Hey Damien,
> Would something like this help?
>
> Match sessiontype shell
> User foo
> Match remotecommand "none"
> User foo2
> Match sessiontype exec remotecommand "/rsync"
> User bar
> Match sessiontype subsystem remotecommand "sftp"
> User baz
>
>
> diff --git a/readconf.c b/readconf.c
> <snip>
Thanks for looking into it, much appreciated. I think it's looking on the right track, but after applying the patch locally to test it, openssh-portable ceases to compile:
```
cc -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=used -ftrivial-auto-var-init=zero -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE -DOPENSSL_API_COMPAT=0x10100000L -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c session.c -o session.o
ranlib libssh.a
readconf.c:1033:1: error: conflicting types for ‘process_config_line’; have ‘int(Options *, struct passwd *, const char *, const char *, char *, const char *, int, int *, int)’
1033 | process_config_line(Options *options, struct passwd *pw, const char *host,
| ^~~~~~~~~~~~~~~~~~~
In file included from readconf.c:66:
readconf.h:243:10: note: previous declaration of ‘process_config_line’ with type ‘int(Options *, struct passwd *, const char *, const char *, struct sshbuf *, char *, const char *, int, int *, int)’
243 | int process_config_line(Options *, struct passwd *, const char *,
| ^~~~~~~~~~~~~~~~~~~
...
cc -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=used -ftrivial-auto-var-init=zero -fno-builtin-memset -fstack-protector-strong -fPIE -I. -I. -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE -DOPENSSL_API_COMPAT=0x10100000L -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c auth2-hostbased.c -o auth2-hostbased.o
readconf.c:2431:1: error: conflicting types for ‘read_config_file’; have ‘int(const char *, struct passwd *, const char *, const char *, Options *, int, int *)’
2431 | read_config_file(const char *filename, struct passwd *pw, const char *host,
| ^~~~~~~~~~~~~~~~
readconf.h:245:10: note: previous declaration of ‘read_config_file’ with type ‘int(const char *, struct passwd *, const char *, const char *, struct sshbuf *, Options *, int, int *)’
245 | int read_config_file(const char *, struct passwd *, const char *,
| ^~~~~~~~~~~~~~~~
```
I think there could be something incorrect about those lines changed in readconf.h?
~ Tim
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
