Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 154440 - Openssh sftplogging patch for 4.4p1 is here!
Summary: Openssh sftplogging patch for 4.4p1 is here!
Status: RESOLVED WONTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo's Team for Core System packages
URL: http://sftplogging.sourceforge.net/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-11-08 01:51 UTC by Hans Rakers
Modified: 2006-11-19 19:27 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
openssh-4.4_p1-r7.ebuild w/ "sftplogging" use flag (openssh-4.4_p1-r7.ebuild,5.93 KB, text/plain)
2006-11-19 19:27 UTC, Zrajm C Akfohg 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hans Rakers 2006-11-08 01:51:02 UTC 
Can some please re-enable this in the 4.4 ebuild?

The sftplogging use flag was masked since the version bump to 4.4 since the sftplogging patch was incompatible, but the author of the sftplogging patch recently posted a openssh-4.4p1 compatible patch :)

See http://sftplogging.sourceforge.net/

thx
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2006-11-08 01:56:18 UTC 
Well, I fail to see what patch are you talking about since the functionality requires no patch at all w/ 4.4_p1 (go read Bug 154215).
Comment 2 Hans Rakers 2006-11-08 02:14:44 UTC 
Well maybe you should've checked the url i posted ;)

quote:

"Sorry it's taking so long, but openssh changed their code (in fact they added logging, but they did not add any control of chown, chmod or umask)"

I cant be bothered about the logging, it's mostly the umask part i'm interested in and used sftplogging for (and i'm probably not the only one)
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2006-11-08 02:17:51 UTC 
Shrug...
Comment 4 SpanKY gentoo-dev 2006-11-08 11:59:36 UTC 
we're not patching anymore; get said features integrated upstream
Comment 5 Zrajm C Akfohg 2006-11-19 19:09:04 UTC 
When I emerged "openssh-4.4_p1-r6" I noticed support for the sftplogging use flag was gone.



After emerging I could no longer log in via ssh, and after checking around a bit I realised that sshd choked on my /etc/ssh/sshd_config. Trying to start ssh from the command line (as root) gets me:



    # /usr/sbin/sshd

    /etc/ssh/sshd_config: line 109: Bad configuration option: LogSftp

    /etc/ssh/sshd_config: terminating, 1 bad configuration options



Everything works fine if I remove all sftp options from my sshd_config, but then logging of any sftp activity is *far* from the level of detail I used to have with sftplogging enabled. :(



Turns out the sftplogging patch is still around, and has been updated to work with openssh-4.4, though (see http://sftplogging.sourceforge.net). So I updated the ebuild accordingly.



So here it is. openssh-4.4_p1-r6, *with* sftplogging support.



It's marked as unstable for all platforms, but works fine for me, ymmv tho.
Comment 6 Zrajm C Akfohg 2006-11-19 19:27:31 UTC 
Created attachment 102370 [details]
openssh-4.4_p1-r7.ebuild w/ "sftplogging" use flag

openssh-4.4_p1-r7.ebuild uses the "sftplogging" patch from http://sftplogging.sourceforge.net/ to add (or put back) the USE flag with the same name.

Sftplogging gives a higher level of details in the logging made by the sftp-server, it also gives you control over chroot, chmod and umask settings from sshd_config.