_PATH_PRIVSEP_CHROOT_DIR; ok provos@

4 files changed, 11 insertions, 16 deletions

diff --git a/usr.bin/ssh/pathnames.h b/usr.bin/ssh/pathnames.h
index b45131208e4..52845f64c36 100644
--- a/usr.bin/ssh/pathnames.h
+++ b/usr.bin/ssh/pathnames.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pathnames.h,v 1.11 2002/02/09 17:37:34 deraadt Exp $	*/
+/*	$OpenBSD: pathnames.h,v 1.12 2002/03/19 03:03:43 stevesk Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -122,3 +122,6 @@
 /* for sftp */
 #define _PATH_SFTP_SERVER		"/usr/libexec/sftp-server"
 #define _PATH_LS			"ls"
+
+/* chroot directory for unprivileged user when UsePrivilegeSeparation=yes */
+#define _PATH_PRIVSEP_CHROOT_DIR	"/var/empty"
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 78635bd0956..bb447e18549 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: servconf.c,v 1.103 2002/03/18 23:52:51 stevesk Exp $");
+RCSID("$OpenBSD: servconf.c,v 1.104 2002/03/19 03:03:43 stevesk Exp $");
 
 #if defined(KRB4) || defined(KRB5)
 #include <krb.h>
@@ -110,7 +110,6 @@ initialize_server_options(ServerOptions *options)
 
 	options->unprivileged_user = -1;
 	options->unprivileged_group = -1;
-	options->unprivileged_dir = NULL;
 
 	/* Needs to be accessable in many places */
 	use_privsep = -1;
@@ -242,8 +241,6 @@ fill_default_server_options(ServerOptions *options)
 		options->unprivileged_user = 32767;
 	if (options->unprivileged_group == -1)
 		options->unprivileged_group = 32767;
-	if (options->unprivileged_dir == NULL)
-		options->unprivileged_dir = "/var/empty";
 }
 
 /* Keyword tokens. */
@@ -273,7 +270,7 @@ typedef enum {
 	sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
 	sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
 	sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
-	sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup, sUnprivDir,
+	sUsePrivilegeSeparation, sUnprivUser, sUnprivGroup,
 	sDeprecated
 } ServerOpCodes;
 
@@ -349,7 +346,6 @@ static struct {
 	{ "useprivilegeseparation", sUsePrivilegeSeparation},
 	{ "unprivuser", sUnprivUser},
 	{ "unprivgroup", sUnprivGroup},
-	{ "unprivdir", sUnprivDir},
 	{ NULL, sBadOption }
 };
 
@@ -732,10 +728,6 @@ parse_flag:
 		intptr = &options->unprivileged_group;
 		goto parse_int;
 
-	case sUnprivDir:
-		charptr = &options->unprivileged_dir;
-		goto parse_filename;
-
 	case sAllowUsers:
 		while ((arg = strdelim(&cp)) && *arg != '\0') {
 			if (options->num_allow_users >= MAX_ALLOW_USERS)
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index 5b99ea1aed3..8a7ed2c049d 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: servconf.h,v 1.55 2002/03/18 17:50:31 provos Exp $	*/
+/*	$OpenBSD: servconf.h,v 1.56 2002/03/19 03:03:43 stevesk Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -132,7 +132,6 @@ typedef struct {
 
 	int	unprivileged_user;	/* User unprivileged child uses */
 	int	unprivileged_group;	/* Group unprivileged child uses */
-	char   *unprivileged_dir;	/* Chroot dir for unprivileged user */
 }       ServerOptions;
 
 void	 initialize_server_options(ServerOptions *);
diff --git a/usr.bin/ssh/sshd.c b/usr.bin/ssh/sshd.c
index dfc5176e5dc..094566e7e6d 100644
--- a/usr.bin/ssh/sshd.c
+++ b/usr.bin/ssh/sshd.c
@@ -42,7 +42,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: sshd.c,v 1.231 2002/03/18 17:50:31 provos Exp $");
+RCSID("$OpenBSD: sshd.c,v 1.232 2002/03/19 03:03:43 stevesk Exp $");
 
 #include <openssl/dh.h>
 #include <openssl/bn.h>
@@ -524,8 +524,9 @@ privsep_preauth_child(void)
 	demote_sensitive_data();
 
 	/* Change our root directory*/
-	if (chroot(options.unprivileged_dir) == -1)
-		fatal("chroot(/var/empty)");
+	if (chroot(_PATH_PRIVSEP_CHROOT_DIR) == -1)
+		fatal("chroot(\"%s\"): %s", _PATH_PRIVSEP_CHROOT_DIR,
+		    strerror(errno));
 	if (chdir("/") == -1)
 		fatal("chdir(/)");