- markus@cvs.openbsd.org 2001/02/12 16:16:23
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
ssh-keygen.c sshd.8]
PermitRootLogin={yes,without-password,forced-commands-only,no}
(before this change, root could login even if PermitRootLogin==no)
diff --git a/servconf.c b/servconf.c
index 43a2c11..27c8671 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.66 2001/02/11 12:59:25 markus Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.67 2001/02/12 16:16:23 markus Exp $");
#ifdef KRB4
#include <krb.h>
@@ -51,7 +51,7 @@
options->server_key_bits = -1;
options->login_grace_time = -1;
options->key_regeneration_time = -1;
- options->permit_root_login = -1;
+ options->permit_root_login = PERMIT_NOT_SET;
options->ignore_rhosts = -1;
options->ignore_user_known_hosts = -1;
options->print_motd = -1;
@@ -122,8 +122,8 @@
options->login_grace_time = 600;
if (options->key_regeneration_time == -1)
options->key_regeneration_time = 3600;
- if (options->permit_root_login == -1)
- options->permit_root_login = 1; /* yes */
+ if (options->permit_root_login == PERMIT_NOT_SET)
+ options->permit_root_login = PERMIT_YES;
if (options->ignore_rhosts == -1)
options->ignore_rhosts = 1;
if (options->ignore_user_known_hosts == -1)
@@ -453,14 +453,17 @@
exit(1);
}
if (strcmp(arg, "without-password") == 0)
- value = 2;
+ value = PERMIT_NO_PASSWD;
+ else if (strcmp(arg, "forced-commands-only") == 0)
+ value = PERMIT_FORCED_ONLY;
else if (strcmp(arg, "yes") == 0)
- value = 1;
+ value = PERMIT_YES;
else if (strcmp(arg, "no") == 0)
- value = 0;
+ value = PERMIT_NO;
else {
- fprintf(stderr, "%s line %d: Bad yes/without-password/no argument: %s\n",
- filename, linenum, arg);
+ fprintf(stderr, "%s line %d: Bad yes/"
+ "without-password/forced-commands-only/no "
+ "argument: %s\n", filename, linenum, arg);
exit(1);
}
if (*intptr == -1)