1 From 4358f75a31f2518fe6fa9e129e4bb23f1a3071b1 Mon Sep 17 00:00:00 2001
2 From: Alex Wilson <alex.wilson@joyent.com>
3 Date: Wed, 5 Aug 2015 12:25:15 -0700
4 Subject: [PATCH 24/36] Try to create privsep chroot dir if it doesn't exist
5 yet
6
7 ---
8 sshd.c | 25 ++++++++++++++++++++++---
9 1 file changed, 22 insertions(+), 3 deletions(-)
10
11 diff --git a/sshd.c b/sshd.c
12 index 6215b2c..f19b398 100644
13 --- a/sshd.c
14 +++ b/sshd.c
15 @@ -1917,11 +1917,30 @@ main(int ac, char **av)
16
17 if (use_privsep) {
18 struct stat st;
19 + int rc;
20
21 if ((stat(_PATH_PRIVSEP_CHROOT_DIR, &st) == -1) ||
22 - (S_ISDIR(st.st_mode) == 0))
23 - fatal("Missing privilege separation directory: %s",
24 - _PATH_PRIVSEP_CHROOT_DIR);
25 + (S_ISDIR(st.st_mode) == 0)) {
26 + rc = mkdir(_PATH_PRIVSEP_CHROOT_DIR, 0755);
27 + if (rc == 0) {
28 + /*
29 + * If mkdir works, try stat again, so the
30 + * permissions check below can work.
31 + */
32 + rc = stat(_PATH_PRIVSEP_CHROOT_DIR, &st);
33 + if (rc == 0 && S_ISDIR(st.st_mode) == 0) {
34 + rc = -1;
35 + errno = ENOTDIR;
36 + }
37 + }
38 +
39 + if (rc != 0) {
40 + fatal("Failed to create privilege separation "
41 + "directory %s: %s",
42 + _PATH_PRIVSEP_CHROOT_DIR,
43 + strerror(errno));
44 + }
45 + }
46
47 #ifdef HAVE_CYGWIN
48 if (check_ntsec(_PATH_PRIVSEP_CHROOT_DIR) &&
49 --
50 2.5.4 (Apple Git-61)
51