Bug#652622: openssh-server: Match block should allow PrintMotd and PrintLastlog
Package: openssh-server
Version: 1:5.9p1-2
Severity: normal
Tags: upstream patch
Hi,
PrintMotd and PrintLastlog is not allowed within a Match block.
Due I needed it for me and didn't see any sense to disallow this
configuration directive, I saw this as a bug and wrote a patch to fix it.
This bug also affects the upstream release.
Stable release is also affected, the patch should be applicable also there.
(PS: May other configuration directives are also affected by such a senseless
restriction, but I didn't check them all yet and before wasting time with
something like this I want to see if this patch has a chance to come in.)
Greetings,
Michael
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (700, 'testing'), (650, 'unstable'), (600, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.1.0-1-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages openssh-server depends on:
ii adduser 3.113
ii debconf [debconf-2.0] 1.5.41
ii dpkg 1.16.1.2
ii libc6 2.13-21
ii libcomerr2 1.42-1
ii libgssapi-krb5-2 1.9.1+dfsg-3
ii libkrb5-3 1.9.1+dfsg-3
ii libpam-modules 1.1.3-6
ii libpam-runtime 1.1.3-6
ii libpam0g 1.1.3-6
ii libselinux1 2.1.0-4
ii libssl1.0.0 1.0.0e-3
ii libwrap0 7.6.q-21
ii lsb-base 3.2-28
ii openssh-client 1:5.9p1-2
ii procps 1:3.2.8-11
ii zlib1g 1:1.2.3.4.dfsg-3
Versions of packages openssh-server recommends:
ii openssh-blacklist 0.4.1
ii openssh-blacklist-extra 0.4.1
ii xauth 1:1.0.6-1
Versions of packages openssh-server suggests:
pn molly-guard <none>
pn monkeysphere <none>
pn rssh 2.3.3-1
pn ssh-askpass 1:1.2.4.1-9
pn ufw <none>
-- Configuration Files:
/etc/pam.d/sshd changed [not included]
-- debconf information excluded
Index: openssh-5.9p1/servconf.c
===================================================================
--- openssh-5.9p1.orig/servconf.c 2011-12-19 11:32:10.644602022 +0100
+++ openssh-5.9p1/servconf.c 2011-12-19 11:32:18.952708519 +0100
@@ -422,8 +422,8 @@
{ "checkmail", sDeprecated, SSHCFG_GLOBAL },
{ "listenaddress", sListenAddress, SSHCFG_GLOBAL },
{ "addressfamily", sAddressFamily, SSHCFG_GLOBAL },
- { "printmotd", sPrintMotd, SSHCFG_GLOBAL },
- { "printlastlog", sPrintLastLog, SSHCFG_GLOBAL },
+ { "printmotd", sPrintMotd, SSHCFG_ALL },
+ { "printlastlog", sPrintLastLog, SSHCFG_ALL },
{ "ignorerhosts", sIgnoreRhosts, SSHCFG_GLOBAL },
{ "ignoreuserknownhosts", sIgnoreUserKnownHosts, SSHCFG_GLOBAL },
{ "x11forwarding", sX11Forwarding, SSHCFG_ALL },
@@ -1547,6 +1547,8 @@
M_CP_INTOPT(allow_agent_forwarding);
M_CP_INTOPT(permit_tun);
M_CP_INTOPT(gateway_ports);
+ M_CP_INTOPT(print_motd);
+ M_CP_INTOPT(print_lastlog);
M_CP_INTOPT(x11_display_offset);
M_CP_INTOPT(x11_forwarding);
M_CP_INTOPT(x11_use_localhost);
Reply to: