sshd.log /var/empty must be owned by root and not group or world-writable.

Corinna Vinschen corinna-cygwin@cygwin.com
Mon Feb 18 13:20:00 GMT 2008 

On Feb 17 19:41, Brian Dessent wrote:
> Brian Dessent wrote:
> 
> > I don't know why running ssh-host-config didn't work, you'd probably
> > have to debug that a little more to find out.
> 
> It just occured that perhaps /var/empty did not exist the first time
> ssh-host-config was run and thus the chown failed, and it was only
> created when the sshd tried to start and failed.  If that's the case
> then simply having ssh-host-config ensure that the directory exists
> before setting ownership seems like the right thing.

Like this?

Index: contrib/cygwin/ssh-host-config
===================================================================
RCS file: /cvs/openssh/contrib/cygwin/ssh-host-config,v
retrieving revision 1.20
diff -p -u -r1.20 ssh-host-config
--- contrib/cygwin/ssh-host-config      31 Aug 2006 01:28:49 -0000      1.20
+++ contrib/cygwin/ssh-host-config      18 Feb 2008 12:00:39 -0000
@@ -181,11 +181,23 @@ then
 fi
 
 # Create /var/empty file used as chroot jail for privilege separation
-if [ -f ${LOCALSTATEDIR}/empty ]
+if [ -e ${LOCALSTATEDIR}/empty -a ! -d ${LOCALSTATEDIR}/empty ]
 then
-  echo "Creating ${LOCALSTATEDIR}/empty failed!"
-else
-  mkdir -p ${LOCALSTATEDIR}/empty
+  echo
+  echo "${LOCALSTATEDIR}/empty is existant but not a directory."
+  echo "Cannot create ssh host configuration."
+  echo
+  exit 1
+if [ ! -e ${LOCALSTATEDIR}/empty ]
+then
+  if ! mkdir -p ${LOCALSTATEDIR}/empty
+  then
+    echo
+    echo "Creating ${LOCALSTATEDIR}/empty directory failed."
+    echo "Cannot create ssh host configuration."
+    echo
+    exit 1
+  fi
   if [ ${_nt} -gt 0 ]
   then
     chmod 755 ${LOCALSTATEDIR}/empty

With a little feedback I'll send it upstream.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list