Date: Wed, 24 Mar 1999 09:36:02 -0600 (CST) From: Licia <licia@o-o.org> To: Terry Lambert <tlambert@primenet.com> Cc: freebsd-chat@FreeBSD.ORG, fad@o-o.org Subject: Re: added chroot to /usr/bin/login Message-ID: <Pine.BSF.4.05.9903240931590.11837-100000@o-o.org> In-Reply-To: <199903132103.OAA19502@usr09.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 13 Mar 1999, Terry Lambert wrote:
> > Thanks to welcome feedback, I've modified the patches :) no more login group.
> > It's all completely based on /etc/login.conf classes now. If there is a
> > capability called chroot, the value for it is used as the path to chroot to,
> > if there isn't, no chrooting... if there's interest I can add the ~ type
> > expansions to allow a single class to be used for multiple users to be
> > chrooted to their homedirs (trivial hack :) ) and this will easily allow
> > shared chroot environments, although the previous version did too :)
>
> If it's a path type object, the ~ and $ stuff are already in there,
> so if you want to use literal values, you have to escape them (\~),
> per the login.conf man page.
>
Hmm I must just not understand the login_cap functions properly. I tried
using login_getpath to get the capability, but it didn't expand the values
properly (perhaps because the login process is still setuid root at the time
of chroot?) so I've resorted to a simple if to check for a path of just ~ and
not worry about expanding ~ in full path names.
> Anyway, I think that this probably represents the first useful thing
> that login.conf has ever done for anyone (besides killing their
> process, running them out of file descriptors, and, in general, not
> supporting the SEcureCard stuff. 8-)).
>
> Good job! I think this stuff should be committed, post-haste!
>
>
(smiles) thank you :) compliments are -always- welcome ;)
What's the securecard stuff? (looking interested :) )
[ licia@o-o.org ] [ http://www.o-o.org/~licia/ ] [ Alias : Ladywolf]
[ Telnet to o-o.org and log in as bbs ] [ ssh -l bbs -C o-o.org ]
[ A happy user of FreeBSD : http://www.freebsd.org/ ]
main(){int num[4]={1768122732,762265697,1919889007,103};printf("%s\n",num);}
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9903240931590.11837-100000>