svn commit: r248617 - in head: secure/libexec/ssh-keysign share/examples/etc share/man/man5

Dag-Erling Smørgrav des at FreeBSD.org
Fri Mar 22 14:10:16 UTC 2013 

Author: des
Date: Fri Mar 22 14:10:15 2013
New Revision: 248617
URL: http://svnweb.freebsd.org/changeset/base/248617

Log:
  Retire the mislabeled ENABLE_SUID_SSH knob.

Modified:
  head/secure/libexec/ssh-keysign/Makefile
  head/share/examples/etc/make.conf
  head/share/man/man5/make.conf.5

Modified: head/secure/libexec/ssh-keysign/Makefile
==============================================================================
--- head/secure/libexec/ssh-keysign/Makefile	Fri Mar 22 13:36:03 2013	(r248616)
+++ head/secure/libexec/ssh-keysign/Makefile	Fri Mar 22 14:10:15 2013	(r248617)
@@ -4,9 +4,7 @@ PROG=	ssh-keysign
 SRCS=	ssh-keysign.c readconf.c roaming_dummy.c
 MAN=	ssh-keysign.8
 CFLAGS+=-I${SSHDIR} -include ssh_namespace.h
-.if defined(ENABLE_SUID_SSH)
-BINMODE=4511
-.endif
+BINMODE=4555
 
 DPADD=	${LIBSSH} ${LIBCRYPT} ${LIBCRYPTO} ${LIBZ}
 LDADD=	-lssh -lcrypt -lcrypto -lz

Modified: head/share/examples/etc/make.conf
==============================================================================
--- head/share/examples/etc/make.conf	Fri Mar 22 13:36:03 2013	(r248616)
+++ head/share/examples/etc/make.conf	Fri Mar 22 14:10:15 2013	(r248617)
@@ -102,9 +102,6 @@
 # Mtree will follow symlinks.
 #MTREE_FOLLOWS_SYMLINKS= -L
 #
-# To enable installing ssh(1) with the setuid bit turned on.
-#ENABLE_SUID_SSH=
-#
 # To enable installing newgrp(1) with the setuid bit turned on.
 # Without the setuid bit, newgrp cannot change users' groups.
 #ENABLE_SUID_NEWGRP=

Modified: head/share/man/man5/make.conf.5
==============================================================================
--- head/share/man/man5/make.conf.5	Fri Mar 22 13:36:03 2013	(r248616)
+++ head/share/man/man5/make.conf.5	Fri Mar 22 14:10:15 2013	(r248617)
@@ -454,11 +454,6 @@ with the set-user-ID bit set.
 Otherwise,
 .Xr newgrp 1
 will not be able to change users' groups.
-.It Va ENABLE_SUID_SSH
-.Pq Vt bool
-Set this to install
-.Xr ssh 1
-with the set-user-ID bit turned on.
 .It Va LOADER_TFTP_SUPPORT
 .Pq Vt bool
 By default the

More information about the svn-src-all mailing list