mirror of
https://github.com/termux-pacman/termux-packages.git
synced 2025-12-27 14:10:32 +00:00
ac5164450b
Disables another chdir call. Issue https://github.com/termux/termux-packages/issues/18559
96 lines
2.6 KiB
Diff
96 lines
2.6 KiB
Diff
--- openssh-portable-V_9_5_P1/sshd.c 2023-10-04 07:34:10.000000000 +0300
|
|
+++ openssh-portable-V_9_5_P1.mod/sshd.c 2023-11-23 16:50:25.113650157 +0200
|
|
@@ -454,6 +454,7 @@
|
|
if (chdir("/") == -1)
|
|
fatal("chdir(\"/\"): %s", strerror(errno));
|
|
|
|
+#ifndef __ANDROID__
|
|
/* Drop our privileges */
|
|
debug3("privsep user:group %u:%u", (u_int)privsep_pw->pw_uid,
|
|
(u_int)privsep_pw->pw_gid);
|
|
@@ -461,6 +462,7 @@
|
|
if (setgroups(1, gidset) == -1)
|
|
fatal("setgroups: %.100s", strerror(errno));
|
|
permanently_set_uid(privsep_pw);
|
|
+#endif
|
|
}
|
|
}
|
|
|
|
@@ -1570,7 +1572,8 @@
|
|
saved_argc = ac;
|
|
rexec_argc = ac;
|
|
saved_argv = xcalloc(ac + 1, sizeof(*saved_argv));
|
|
- for (i = 0; (int)i < ac; i++)
|
|
+ saved_argv[0] = "@TERMUX_PREFIX@/bin/sshd";
|
|
+ for (i = 1; (int)i < ac; i++)
|
|
saved_argv[i] = xstrdup(av[i]);
|
|
saved_argv[i] = NULL;
|
|
|
|
@@ -1580,8 +1583,10 @@
|
|
av = saved_argv;
|
|
#endif
|
|
|
|
+#ifndef __ANDROID__
|
|
if (geteuid() == 0 && setgroups(0, NULL) == -1)
|
|
debug("setgroups(): %.200s", strerror(errno));
|
|
+#endif
|
|
|
|
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
|
|
sanitise_stdfd();
|
|
@@ -1706,8 +1711,10 @@
|
|
}
|
|
if (rexeced_flag || inetd_flag)
|
|
rexec_flag = 0;
|
|
+#ifndef __ANDROID__
|
|
if (!test_flag && !do_dump_cfg && rexec_flag && !path_absolute(av[0]))
|
|
fatal("sshd re-exec requires execution with an absolute path");
|
|
+#endif
|
|
if (rexeced_flag)
|
|
closefrom(REEXEC_MIN_FREE_FD);
|
|
else
|
|
@@ -1826,7 +1833,9 @@
|
|
freezero(privsep_pw->pw_passwd, strlen(privsep_pw->pw_passwd));
|
|
privsep_pw->pw_passwd = xstrdup("*");
|
|
}
|
|
+#ifndef __ANDROID__
|
|
endpwent();
|
|
+#endif
|
|
|
|
/* load host keys */
|
|
sensitive_data.host_keys = xcalloc(options.num_host_key_files,
|
|
@@ -2011,8 +2020,10 @@
|
|
* to create a file, and we can't control the code in every
|
|
* module which might be used).
|
|
*/
|
|
+#ifndef __ANDROID__
|
|
if (setgroups(0, NULL) < 0)
|
|
debug("setgroups() failed: %.200s", strerror(errno));
|
|
+#endif
|
|
|
|
if (rexec_flag) {
|
|
if (rexec_argc < 0)
|
|
@@ -2047,7 +2058,7 @@
|
|
already_daemon = daemonized();
|
|
if (!(debug_flag || inetd_flag || no_daemon_flag || already_daemon)) {
|
|
|
|
- if (daemon(0, 0) == -1)
|
|
+ if (daemon(1, 0) == -1)
|
|
fatal("daemon() failed: %.200s", strerror(errno));
|
|
|
|
disconnect_controlling_tty();
|
|
@@ -2055,12 +2066,14 @@
|
|
/* Reinitialize the log (because of the fork above). */
|
|
log_init(__progname, options.log_level, options.log_facility, log_stderr);
|
|
|
|
+#ifndef __ANDROID__
|
|
/*
|
|
* Chdir to the root directory so that the current disk can be
|
|
* unmounted if desired.
|
|
*/
|
|
if (chdir("/") == -1)
|
|
error("chdir(\"/\"): %s", strerror(errno));
|
|
+#endif
|
|
|
|
/* ignore SIGPIPE */
|
|
ssh_signal(SIGPIPE, SIG_IGN);
|