diff options
author | Damien Miller <djm@mindrot.org> | 2011-08-17 12:09:19 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2011-08-17 12:09:19 +1000 |
commit | faf4d80420af1eb5074a1ae2ce9fc3e1bf9850c0 (patch) | |
tree | ef7af9804638d529aa8471bc985151be430d165b | |
parent | 9231c8bde4169895243a9f3e2dff09ae795c0d21 (diff) |
- markus@cvs.openbsd.org 2011/06/30 22:44:43
[connect-privsep.sh]
test with sandbox enabled; ok djm@
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | regress/connect-privsep.sh | 13 |
2 files changed, 15 insertions, 1 deletions
@@ -11,6 +11,9 @@ - dtucker@cvs.openbsd.org 2011/06/03 05:35:10 [regress/cfgmatch.sh] use OBJ to find test configs, patch from Tim Rice + - markus@cvs.openbsd.org 2011/06/30 22:44:43 + [regress/connect-privsep.sh] + test with sandbox enabled; ok djm@ 20110812 - (dtucker) [openbsd-compat/port-linux.c] Bug 1924: Improve selinux context diff --git a/regress/connect-privsep.sh b/regress/connect-privsep.sh index d23cadba..e7f93898 100644 --- a/regress/connect-privsep.sh +++ b/regress/connect-privsep.sh @@ -1,8 +1,9 @@ -# $OpenBSD: connect-privsep.sh,v 1.1 2002/03/21 21:45:07 markus Exp $ +# $OpenBSD: connect-privsep.sh,v 1.2 2011/06/30 22:44:43 markus Exp $ # Placed in the Public Domain. tid="proxy connect with privsep" +cp $OBJ/sshd_proxy $OBJ/sshd_proxy.orig echo 'UsePrivilegeSeparation yes' >> $OBJ/sshd_proxy for p in 1 2; do @@ -11,3 +12,13 @@ for p in 1 2; do fail "ssh privsep+proxyconnect protocol $p failed" fi done + +cp $OBJ/sshd_proxy.orig $OBJ/sshd_proxy +echo 'UsePrivilegeSeparation sandbox' >> $OBJ/sshd_proxy + +for p in 1 2; do + ${SSH} -$p -F $OBJ/ssh_proxy 999.999.999.999 true + if [ $? -ne 0 ]; then + fail "ssh privsep/sandbox+proxyconnect protocol $p failed" + fi +done |