From: Brian Feldman <green@xxxxxxxxxxx> >From FreeBSD 885a59f2e067 by Brian Feldman <green@xxxxxxxxxxx>. Details in FreeBSD PR 37416 https://bugs.freebsd.org/37416 - summary: > sshd uses the "default" login class for users with uid=0 instead of > the "root" login class when setting up the user's session. > ... > How-To-Repeat: > I added a :umask=002: entry to the default login class and a :umask=022: > entry to the root login class in </etc/login.conf>. After this, if root > logs in via a getty on a virtual console or via telnet, the umask is > 022 as expected, but if root logs in via ssh the umask is 002. However, > if root's password entry is changed to mention the root login class > explicitly, the umask is set to 022 when root logs in via ssh. Posted for discussion; if accepted I will see about adding autoconf goop, if necessary (i.e. if some systems have login_getclass but not login_getpwclass). --- auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth.c b/auth.c index 9a5498b66..c8e1ed074 100644 --- a/auth.c +++ b/auth.c @@ -600,7 +600,7 @@ getpwnamallow(struct ssh *ssh, const char *user) if (!allowed_user(ssh, pw)) return (NULL); #ifdef HAVE_LOGIN_CAP - if ((lc = login_getclass(pw->pw_class)) == NULL) { + if ((lc = login_getpwclass(pw)) == NULL) { debug("unable to get login class: %s", user); return (NULL); } -- 2.30.0 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
