Re: ssh-host-config (/var/log/lastlog)

Tue, 28 Feb 2006 04:38:13 -0800 

On Feb 27 11:38, Karl M wrote:
> Hi All...
> 
> It was fun while it lasted 8-)
> 
> Perhaps the permissions/owner for lastlog as a file should be 
> 644/system.none
> 
> It works for me and protects the log a bit better.

Would you mind to give the below patch to ssh-host-config a try?
It now refuses to let you go ahead with a lastlog directory.


Thanks,
Corinna

--- ssh-host-config.ORIG        2006-02-28 13:24:32.248566300 +0100
+++ ssh-host-config     2006-02-28 13:32:22.168803900 +0100
@@ -153,22 +153,31 @@ fi
 
 # Create /var/log and /var/log/lastlog if not already existing
 
-if [ -f ${LOCALSTATEDIR}/log ]
+if [ -e ${LOCALSTATEDIR}/log -a ! -d ${LOCALSTATEDIR}/log ]
 then
-  echo "Creating ${LOCALSTATEDIR}/log failed!"
-else
-  if [ ! -d ${LOCALSTATEDIR}/log ]
-  then
-    mkdir -p ${LOCALSTATEDIR}/log
-  fi
-  if [ -d ${LOCALSTATEDIR}/log/lastlog ]
-  then
-    chmod 777 ${LOCALSTATEDIR}/log/lastlog
-  elif [ ! -f ${LOCALSTATEDIR}/log/lastlog ]
-  then
-    cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
-    chmod 666 ${LOCALSTATEDIR}/log/lastlog
-  fi
+  echo
+  echo "${LOCALSTATEDIR}/log is existant but not a directory."
+  echo "Cannot create ssh host configuration."
+  echo
+  exit 1
+fi
+if [ ! -e ${LOCALSTATEDIR}/log ]
+then
+  mkdir -p ${LOCALSTATEDIR}/log
+fi
+
+if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
+then
+  echo 
+  echo "${LOCALSTATEDIR}/log/lastlog exists, but is not a file."
+  echo "Cannot create ssh host configuration."
+  echo 
+  exit 1
+fi
+if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
+then
+  cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
+  chmod 644 ${LOCALSTATEDIR}/log/lastlog
 fi
 
 # Create /var/empty file used as chroot jail for privilege separation
@@ -578,6 +587,7 @@ then
       fi
       chown "${_user}" ${SYSCONFDIR}/ssh*
       chown "${_user}".544 ${LOCALSTATEDIR}/empty
+      chown "${_user}".544 ${LOCALSTATEDIR}/log/lastlog
       if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
       then
        chown "${_user}".544 ${LOCALSTATEDIR}/log/sshd.log

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply via email to