From 733a292c1125b070a2e49e3e514912460966a03e Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Sat, 9 Sep 2006 20:41:25 +1000 Subject: - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@ --- ChangeLog | 3 ++- buildpkg.sh.in | 10 +--------- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5791ec25..0ebeee28 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 20060909 - (dtucker) [openbsd-compat/bsd-snprintf.c] Add stdarg.h. - (dtucker) [contrib/aix/buildbff.sh] Always create privsep user. + - (dtucker) [buildpkg.sh.in] Always create privsep user. ok djm@ 20060908 - (dtucker) [auth-sia.c] Add includes required for build on Tru64. Patch @@ -5419,4 +5420,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4539 2006/09/09 10:34:15 dtucker Exp $ +$Id: ChangeLog,v 1.4540 2006/09/09 10:41:25 dtucker Exp $ diff --git a/buildpkg.sh.in b/buildpkg.sh.in index 31db10d6..a3960cb8 100644 --- a/buildpkg.sh.in +++ b/buildpkg.sh.in @@ -311,14 +311,7 @@ then chroot=echo fi -if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null -then - echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user" - echo "or group." -else - echo "UsePrivilegeSeparation enabled in config (or defaulting to on)." - - # user required? + echo "PrivilegeSeparation user always required." if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null then echo "PrivSep user $SSH_PRIVSEP_USER already exists." @@ -363,7 +356,6 @@ else \$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER \$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER } -fi [ "\${POST_INS_START}" = "yes" ] && ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start exit 0 -- cgit v1.2.1