Multiplay Labs

tech hits and tips from Multiplay

Archive for September, 2013

sftp-server umask not working under older versions

without comments

Older versions of openssh’s sftp-server, such as the version shipped in 8.3-RELEASE, includes a bug which means the command line option for umask is not processed correctly.

This can be used to support chroot’ed sftp only as done via the following block in

/etc/ssh/sshd_config
Subsystem   sftp    internal-sftp
Match group chroot
    ChrootDirectory %h
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp -u 0477

The following patch fixes this issue:

--- crypto/openssh/sftp-server.c.orig	2013-09-27 15:10:32.089496594 +0000
+++ crypto/openssh/sftp-server.c	2013-09-27 15:12:06.128649706 +0000
@@ -1378,7 +1378,7 @@ sftp_server_main(int argc, char **argv, 
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
 	char *cp, buf[4*4096];
 	const char *errmsg;
-	mode_t mask;
+	long mask;
 
 	extern char *optarg;
 	extern char *__progname;
@@ -1412,11 +1412,11 @@ sftp_server_main(int argc, char **argv, 
 				error("Invalid log facility \"%s\"", optarg);
 			break;
 		case 'u':
-			mask = (mode_t)strtonum(optarg, 0, 0777, &errmsg);
-			if (errmsg != NULL)
-				fatal("Invalid umask \"%s\": %s",
-				    optarg, errmsg);
-			(void)umask(mask);
+			mask = strtol(optarg, &cp, 8);
+			if (mask < 0 || mask > 0777 || *cp != '\0' ||
+			    cp == optarg || (mask == 0 && errno != 0))
+				fatal("Invalid umask \"%s\"", optarg);
+			(void)umask((mode_t)mask);
 			break;
 		case 'h':
 		default:

Written by Dilbert

September 27th, 2013 at 3:41 pm

Posted in Code,FreeBSD

MySQL under FreeBSD max_open_files more than 11095

without comments

If your seeing the following in your MySQL log even after raising kern.maxfilesperproc on FreeBSD, don’t forget you need to logout and log back into the machine before the new kern.maxfilesperproc value will be available to your session and hence available when you start MySQL via rc.d
[Warning] Buffered warning: Could not increase number of max_open_files to more than 11095 (request: 25000)

Written by Dilbert

September 5th, 2013 at 3:41 pm

Posted in FreeBSD,MySQL