- stevesk@cvs.openbsd.org 2002/03/20 19:12:25
[servconf.c servconf.h ssh.h sshd.c]
for unprivileged user, group do:
pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
diff --git a/servconf.c b/servconf.c
index 0858549..8e6ee5b 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.104 2002/03/19 03:03:43 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.105 2002/03/20 19:12:24 stevesk Exp $");
#if defined(KRB4) || defined(KRB5)
#include <krb.h>
@@ -113,9 +113,6 @@
options->authorized_keys_file = NULL;
options->authorized_keys_file2 = NULL;
- options->unprivileged_user = -1;
- options->unprivileged_group = -1;
-
/* Needs to be accessable in many places */
use_privsep = -1;
}
@@ -247,10 +244,6 @@
/* Turn privilege separation _off_ by default */
if (use_privsep == -1)
use_privsep = 0;
- if (options->unprivileged_user == -1)
- options->unprivileged_user = 32767;
- if (options->unprivileged_group == -1)
- options->unprivileged_group = 32767;
}
/* Keyword tokens. */
@@ -283,7 +276,7 @@
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
- sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup,
+ sUsePrivilegeSeparation,
sDeprecated
} ServerOpCodes;
@@ -360,8 +353,6 @@
{ "authorizedkeysfile", sAuthorizedKeysFile },
{ "authorizedkeysfile2", sAuthorizedKeysFile2 },
{ "useprivilegeseparation", sUsePrivilegeSeparation},
- { "unprivuser", sUnprivUser},
- { "unprivgroup", sUnprivGroup},
{ NULL, sBadOption }
};
@@ -742,14 +733,6 @@
intptr = &use_privsep;
goto parse_flag;
- case sUnprivUser:
- intptr = &options->unprivileged_user;
- goto parse_int;
-
- case sUnprivGroup:
- intptr = &options->unprivileged_group;
- goto parse_int;
-
case sAllowUsers:
while ((arg = strdelim(&cp)) && *arg != '\0') {
if (options->num_allow_users >= MAX_ALLOW_USERS)