X-Spam-Check-By: sourceware.org
Message-ID: <BAY108-F516A6DFF1F734F1227F1AB5F50@phx.gbl>
X-Sender: karlm30 AT hotmail DOT com
In-Reply-To: <20060228123700.GB3184@calimero.vinschen.de>
From: "Karl M" <karlm30 AT hotmail DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: ssh-host-config (/var/log/lastlog)
Date: Thu, 02 Mar 2006 13:02:00 -0800
Mime-Version: 1.0
Content-Type: text/plain; format=flowed
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hi Corinna...

I just tried it out and it worked fine.

Thanks,

...Karl

>From: Corinna Vinschen Subject: Re: ssh-host-config (/var/log/lastlog)
>Date: Tue, 28 Feb 2006 13:37:01 +0100
>
>On Feb 27 11:38, Karl M wrote:
> > Hi All...
> >
> > It was fun while it lasted 8-)
> >
> > Perhaps the permissions/owner for lastlog as a file should be
> > 644/system.none
> >
> > It works for me and protects the log a bit better.
>
>Would you mind to give the below patch to ssh-host-config a try?
>It now refuses to let you go ahead with a lastlog directory.
>
>
>Thanks,
>Corinna
>
>--- ssh-host-config.ORIG	2006-02-28 13:24:32.248566300 +0100
>+++ ssh-host-config	2006-02-28 13:32:22.168803900 +0100
>@@ -153,22 +153,31 @@ fi
>
>  # Create /var/log and /var/log/lastlog if not already existing
>
>-if [ -f ${LOCALSTATEDIR}/log ]
>+if [ -e ${LOCALSTATEDIR}/log -a ! -d ${LOCALSTATEDIR}/log ]
>  then
>-  echo "Creating ${LOCALSTATEDIR}/log failed!"
>-else
>-  if [ ! -d ${LOCALSTATEDIR}/log ]
>-  then
>-    mkdir -p ${LOCALSTATEDIR}/log
>-  fi
>-  if [ -d ${LOCALSTATEDIR}/log/lastlog ]
>-  then
>-    chmod 777 ${LOCALSTATEDIR}/log/lastlog
>-  elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]
>-  then
>-    cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
>-    chmod 666 ${LOCALSTATEDIR}/log/lastlog
>-  fi
>+  echo
>+  echo "${LOCALSTATEDIR}/log is existant but not a directory."
>+  echo "Cannot create ssh host configuration."
>+  echo
>+  exit 1
>+fi
>+if [ ! -e ${LOCALSTATEDIR}/log ]
>+then
>+  mkdir -p ${LOCALSTATEDIR}/log
>+fi
>+
>+if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog 
>]
>+then
>+  echo
>+  echo "${LOCALSTATEDIR}/log/lastlog exists, but is not a file."
>+  echo "Cannot create ssh host configuration."
>+  echo
>+  exit 1
>+fi
>+if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
>+then
>+  cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
>+  chmod 644 ${LOCALSTATEDIR}/log/lastlog
>  fi
>
>  # Create /var/empty file used as chroot jail for privilege separation
>@@ -578,6 +587,7 @@ then
>        fi
>        chown "${_user}" ${SYSCONFDIR}/ssh*
>        chown "${_user}".544 ${LOCALSTATEDIR}/empty
>+      chown "${_user}".544 ${LOCALSTATEDIR}/log/lastlog
>        if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
>        then
>  	chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log
>
>--
>Corinna Vinschen                  Please, send mails regarding Cygwin to
>Cygwin Project Co-Leader          cygwin AT cygwin DOT com
>Red Hat
>
>--
>Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>Problem reports:       http://cygwin.com/problems.html
>Documentation:         http://cygwin.com/docs.html
>FAQ:                   http://cygwin.com/faq/
>



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/