diff --git a/openssh-5.2p1-homechroot.patch b/openssh-5.2p1-homechroot.patch deleted file mode 100644 index 6b3a7a3..0000000 --- a/openssh-5.2p1-homechroot.patch +++ /dev/null @@ -1,268 +0,0 @@ -diff -up /dev/null openssh-5.2p1/chrootenv.h ---- /dev/null 2009-08-19 20:21:50.796466837 +0200 -+++ openssh-5.2p1/chrootenv.h 2009-08-19 23:22:15.000000000 +0200 -@@ -0,0 +1,32 @@ -+/* $OpenBSD: session.h,v 1.30 2008/05/08 12:21:16 djm Exp $ */ -+ -+/* -+ * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ */ -+#ifndef CHROOTENV_H -+#define CHROOTENV_H -+ -+extern int chroot_no_tree; -+ -+#endif -+ -diff -up openssh-5.2p1/session.c.homechroot openssh-5.2p1/session.c ---- openssh-5.2p1/session.c.homechroot 2009-08-19 23:22:14.000000000 +0200 -+++ openssh-5.2p1/session.c 2009-08-19 23:22:15.000000000 +0200 -@@ -119,6 +119,8 @@ void do_child(Session *, const char *); - void do_motd(void); - int check_quietlogin(Session *, const char *); - -+int chroot_no_tree = 0; -+ - static void do_authenticated1(Authctxt *); - static void do_authenticated2(Authctxt *); - -@@ -802,6 +804,11 @@ do_exec(Session *s, const char *command) - debug("Forced command (key option) '%.900s'", command); - } - -+ if ((s->is_subsystem != SUBSYSTEM_INT_SFTP) && chroot_no_tree) { -+ logit("You aren't welcomed, go away!"); -+ exit (1); -+ } -+ - #ifdef SSH_AUDIT_EVENTS - if (command != NULL) - PRIVSEP(audit_run_command(command)); -@@ -1399,6 +1406,61 @@ do_nologin(struct passwd *pw) - } - - /* -+ * Test if filesystem is mounted nosuid and nodev -+ */ -+ -+static void -+test_nosuid (dev_t fs) -+{ -+ FILE *f; -+ struct stat st; -+ char buf[4096], *s, *on, *mountpoint, *opt; -+ int nodev, nosuid; -+ -+ if (!(f = popen ("/bin/mount", "r"))) -+ fatal ("%s: popen(\"/bin/mount\", \"r\"): %s", -+ __func__, strerror (errno)); -+ for (;;) { -+ s = fgets (buf, sizeof (buf), f); -+ if (ferror (f)) -+ fatal ("%s: read from popen: %s", __func__, -+ strerror (errno)); -+ if (!s) { -+ pclose (f); -+ fatal ("cannot found filesystem with the chroot directory"); -+ } -+ (void) strtok (buf, " "); -+ on = strtok (NULL, " "); -+ if (strcmp (on, "on")) { -+ pclose (f); -+ fatal ("bad format of mount output"); -+ } -+ mountpoint = strtok (NULL, " "); -+ if (stat(mountpoint, &st) != 0) { -+ pclose (f); -+ fatal("%s: stat(\"%s\"): %s", __func__, -+ mountpoint, strerror(errno)); -+ } -+ if (fs != st.st_dev) -+ continue; -+ nodev = nosuid = 0; -+ for (opt = strtok (NULL, "("); opt; opt = strtok (NULL, " ,)")) { -+ if (!strcmp (opt, "nodev")) -+ nodev = 1; -+ else if (!strcmp (opt, "nosuid")) -+ nosuid = 1; -+ else if (!strcmp (opt, "noexec")) -+ nosuid = 1; -+ if (nodev && nosuid) { -+ pclose (f); -+ return; -+ } -+ } -+ fatal ("chroot into directory without nodev or nosuid"); -+ } -+} -+ -+/* - * Chroot into a directory after checking it for safety: all path components - * must be root-owned directories with strict permissions. - */ -@@ -1408,6 +1470,7 @@ safely_chroot(const char *path, uid_t ui - const char *cp; - char component[MAXPATHLEN]; - struct stat st; -+ int last; - - if (*path != '/') - fatal("chroot path does not begin at root"); -@@ -1419,7 +1482,7 @@ safely_chroot(const char *path, uid_t ui - * root-owned directory with strict permissions. - */ - for (cp = path; cp != NULL;) { -- if ((cp = strchr(cp, '/')) == NULL) -+ if (((last = ((cp = strchr(cp, '/')) == NULL)))) - strlcpy(component, path, sizeof(component)); - else { - cp++; -@@ -1432,14 +1495,20 @@ safely_chroot(const char *path, uid_t ui - if (stat(component, &st) != 0) - fatal("%s: stat(\"%s\"): %s", __func__, - component, strerror(errno)); -- if (st.st_uid != 0 || (st.st_mode & 022) != 0) -+ if ((st.st_uid != 0 || (st.st_mode & 022) != 0) && !(last && st.st_uid == uid)) - fatal("bad ownership or modes for chroot " - "directory %s\"%s\"", - cp == NULL ? "" : "component ", component); - if (!S_ISDIR(st.st_mode)) - fatal("chroot path %s\"%s\" is not a directory", - cp == NULL ? "" : "component ", component); -+ } -+ setenv ("TZ", "/etc/localtime", 0); -+ tzset (); - -+ if (st.st_uid) { -+ test_nosuid (st.st_dev); -+ ++chroot_no_tree; - } - - if (chdir(path) == -1) -@@ -1451,6 +1520,10 @@ safely_chroot(const char *path, uid_t ui - if (chdir("/") == -1) - fatal("%s: chdir(/) after chroot: %s", - __func__, strerror(errno)); -+ -+ if (access ("/etc/localtime", R_OK) < 0) -+ ++chroot_no_tree; -+ - verbose("Changed root directory to \"%s\"", path); - } - -diff -up openssh-5.2p1/sftp.c.homechroot openssh-5.2p1/sftp.c ---- openssh-5.2p1/sftp.c.homechroot 2009-02-14 06:26:19.000000000 +0100 -+++ openssh-5.2p1/sftp.c 2009-08-19 23:22:15.000000000 +0200 -@@ -94,6 +94,8 @@ int remote_glob(struct sftp_conn *, cons - - extern char *__progname; - -+int chroot_no_tree = 0; -+ - /* Separators for interactive commands */ - #define WHITESPACE " \t\r\n" - -diff -up openssh-5.2p1/sftp-common.c.homechroot openssh-5.2p1/sftp-common.c ---- openssh-5.2p1/sftp-common.c.homechroot 2006-08-05 04:39:40.000000000 +0200 -+++ openssh-5.2p1/sftp-common.c 2009-08-19 23:22:15.000000000 +0200 -@@ -40,6 +40,7 @@ - #include "xmalloc.h" - #include "buffer.h" - #include "log.h" -+#include "chrootenv.h" - - #include "sftp.h" - #include "sftp-common.h" -@@ -194,13 +195,13 @@ ls_file(const char *name, const struct s - char buf[1024], mode[11+1], tbuf[12+1], ubuf[11+1], gbuf[11+1]; - - strmode(st->st_mode, mode); -- if (!remote && (pw = getpwuid(st->st_uid)) != NULL) { -+ if (!remote && !chroot_no_tree && (pw = getpwuid(st->st_uid)) != NULL) { - user = pw->pw_name; - } else { - snprintf(ubuf, sizeof ubuf, "%u", (u_int)st->st_uid); - user = ubuf; - } -- if (!remote && (gr = getgrgid(st->st_gid)) != NULL) { -+ if (!remote && !chroot_no_tree && (gr = getgrgid(st->st_gid)) != NULL) { - group = gr->gr_name; - } else { - snprintf(gbuf, sizeof gbuf, "%u", (u_int)st->st_gid); -diff -up openssh-5.2p1/sftp-server-main.c.homechroot openssh-5.2p1/sftp-server-main.c ---- openssh-5.2p1/sftp-server-main.c.homechroot 2009-02-21 22:47:02.000000000 +0100 -+++ openssh-5.2p1/sftp-server-main.c 2009-08-19 23:22:15.000000000 +0200 -@@ -22,11 +22,14 @@ - #include - #include - #include -+#include - - #include "log.h" - #include "sftp.h" - #include "misc.h" - -+int chroot_no_tree = 0; -+ - void - cleanup_exit(int i) - { -diff -up openssh-5.2p1/sshd_config.0.homechroot openssh-5.2p1/sshd_config.0 ---- openssh-5.2p1/sshd_config.0.homechroot 2009-08-19 23:22:14.000000000 +0200 -+++ openssh-5.2p1/sshd_config.0 2009-08-19 23:31:26.000000000 +0200 -@@ -112,6 +112,14 @@ DESCRIPTION - essary if the in-process sftp server is used (see Subsystem for - details). - -+ In the special case when only sftp is used, not ssh nor scp, it -+ is possible to use ChrootDirectory %h or ChrootDirectory -+ /some/path/%u. The file system containing this directory must be -+ mounted with options nodev and either nosuid or noexec. The owner -+ of the directory should be the user. The ownership of the other -+ components of the path must fulfill the usual conditions. No adi- -+ tional files are required to be present in the directory. -+ - The default is not to chroot(2). - - Ciphers -diff -up openssh-5.2p1/sshd_config.5.homechroot openssh-5.2p1/sshd_config.5 ---- openssh-5.2p1/sshd_config.5.homechroot 2009-08-19 23:22:14.000000000 +0200 -+++ openssh-5.2p1/sshd_config.5 2009-08-19 23:22:15.000000000 +0200 -@@ -219,6 +219,17 @@ in-process sftp server is used (see - .Cm Subsystem - for details). - .Pp -+In the special case when only sftp is used, not ssh nor scp, -+it is possible to use -+.Cm ChrootDirectory -+%h or -+.Cm ChrootDirectory -+/some/path/%u. The file system containing this directory must be -+mounted with options nodev and either nosuid or noexec. The owner of the -+directory should be the user. The ownership of the other components of the path -+must fulfill the usual conditions. No aditional files are required to be present -+in the directory. -+.Pp - The default is not to - .Xr chroot 2 . - .It Cm Ciphers diff --git a/openssh.spec b/openssh.spec index 05c200e..1ff6370 100644 --- a/openssh.spec +++ b/openssh.spec @@ -96,7 +96,6 @@ Patch51: openssh-5.2p1-nss-keys.patch Patch55: openssh-5.1p1-cloexec.patch Patch62: openssh-5.1p1-scp-manpage.patch Patch65: openssh-5.2p1-fips.patch -Patch66: openssh-5.2p1-homechroot.patch Patch68: openssh-5.2p1-pathmax.patch Patch69: openssh-5.2p1-selabel.patch Patch71: openssh-5.2p1-edns.patch @@ -230,7 +229,6 @@ an X11 passphrase dialog for OpenSSH. %patch55 -p1 -b .cloexec %patch62 -p1 -b .manpage %patch65 -p1 -b .fips -%patch66 -p1 -b .homechroot %patch68 -p1 -b .pathmax %patch69 -p1 -b .selabel %patch71 -p1 -b .edns @@ -468,6 +466,9 @@ fi %endif %changelog +* Fri Sep 11 2009 Jan F. Chadima - 5.2p1-25 +- Dropped homechroot patch + * Mon Sep 7 2009 Jan F. Chadima - 5.2p1-24 - Add check for nosuid, nodev in homechroot