|
Line 0
Link Here
|
|
|
1 |
diff --git a/Makefile.in b/Makefile.in |
| 2 |
index 126b2c74..f53bb732 100644 |
| 3 |
--- a/Makefile.in |
| 4 |
+++ b/Makefile.in |
| 5 |
@@ -138,7 +138,7 @@ PATHSUBS = \ |
| 6 |
-e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \ |
| 7 |
-e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \ |
| 8 |
-e 's|/etc/ssh/ssh_host_ed25519_key|$(sysconfdir)/ssh_host_ed25519_key|g' \ |
| 9 |
- -e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \ |
| 10 |
+ -e 's|/run/sshd.pid|$(piddir)/sshd.pid|g' \ |
| 11 |
-e 's|/etc/moduli|$(sysconfdir)/moduli|g' \ |
| 12 |
-e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \ |
| 13 |
-e 's|/etc/ssh/sshrc|$(sysconfdir)/sshrc|g' \ |
| 14 |
diff --git a/configure.ac b/configure.ac |
| 15 |
index 68fd22b2..8b38aa1b 100644 |
| 16 |
--- a/configure.ac |
| 17 |
+++ b/configure.ac |
| 18 |
@@ -3146,11 +3146,11 @@ AC_ARG_WITH([prngd-port], |
| 19 |
|
| 20 |
# PRNGD Unix domain socket |
| 21 |
AC_ARG_WITH([prngd-socket], |
| 22 |
- [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/var/run/egd-pool)], |
| 23 |
+ [ --with-prngd-socket=FILE read entropy from PRNGD/EGD socket FILE (default=/run/egd-pool)], |
| 24 |
[ |
| 25 |
case "$withval" in |
| 26 |
yes) |
| 27 |
- withval="/var/run/egd-pool" |
| 28 |
+ withval="/run/egd-pool" |
| 29 |
;; |
| 30 |
no) |
| 31 |
withval="" |
| 32 |
@@ -3179,7 +3179,7 @@ AC_ARG_WITH([prngd-socket], |
| 33 |
if test "x$OPENSSL_SEEDS_ITSELF" != "xyes" ; then |
| 34 |
AC_MSG_CHECKING([for PRNGD/EGD socket]) |
| 35 |
# Insert other locations here |
| 36 |
- for sock in /var/run/egd-pool /dev/egd-pool /etc/entropy; do |
| 37 |
+ for sock in /run/egd-pool /dev/egd-pool /etc/entropy; do |
| 38 |
if test -r $sock && $TEST_MINUS_S_SH -c "test -S $sock -o -p $sock" ; then |
| 39 |
PRNGD_SOCKET="$sock" |
| 40 |
AC_DEFINE_UNQUOTED([PRNGD_SOCKET], ["$PRNGD_SOCKET"]) |
| 41 |
@@ -4943,7 +4943,7 @@ AC_ARG_WITH([bsd-auth], |
| 42 |
) |
| 43 |
|
| 44 |
# Where to place sshd.pid |
| 45 |
-piddir=/var/run |
| 46 |
+piddir=/run |
| 47 |
# make sure the directory exists |
| 48 |
if test ! -d $piddir ; then |
| 49 |
piddir=`eval echo ${sysconfdir}` |
| 50 |
@@ -5127,7 +5127,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ |
| 51 |
]) |
| 52 |
if test -z "$conf_utmp_location"; then |
| 53 |
if test x"$system_utmp_path" = x"no" ; then |
| 54 |
- for f in /etc/utmp /usr/adm/utmp /var/run/utmp; do |
| 55 |
+ for f in /etc/utmp /usr/adm/utmp /run/utmp; do |
| 56 |
if test -f $f ; then |
| 57 |
conf_utmp_location=$f |
| 58 |
fi |
| 59 |
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd |
| 60 |
index 28f28e41..602e9909 100644 |
| 61 |
--- a/contrib/suse/rc.sshd |
| 62 |
+++ b/contrib/suse/rc.sshd |
| 63 |
@@ -99,8 +99,8 @@ case "$1" in |
| 64 |
|
| 65 |
# Status has a slightly different for the status command: |
| 66 |
# 0 - service running |
| 67 |
- # 1 - service dead, but /var/run/ pid file exists |
| 68 |
- # 2 - service dead, but /var/lock/ lock file exists |
| 69 |
+ # 1 - service dead, but /run/ pid file exists |
| 70 |
+ # 2 - service dead, but /run/lock/ lock file exists |
| 71 |
# 3 - service not running |
| 72 |
|
| 73 |
checkproc -p $SSHD_PIDFILE $SSHD_BIN |
| 74 |
diff --git a/pathnames.h b/pathnames.h |
| 75 |
index 6fb4767c..0a3773e4 100644 |
| 76 |
--- a/pathnames.h |
| 77 |
+++ b/pathnames.h |
| 78 |
@@ -19,7 +19,7 @@ |
| 79 |
#endif |
| 80 |
|
| 81 |
#ifndef _PATH_SSH_PIDDIR |
| 82 |
-#define _PATH_SSH_PIDDIR "/var/run" |
| 83 |
+#define _PATH_SSH_PIDDIR "/run" |
| 84 |
#endif |
| 85 |
|
| 86 |
/* |
| 87 |
diff --git a/regress/Makefile b/regress/Makefile |
| 88 |
index 647b4a04..49311c35 100644 |
| 89 |
--- a/regress/Makefile |
| 90 |
+++ b/regress/Makefile |
| 91 |
@@ -122,7 +122,7 @@ CLEANFILES= *.core actual agent-key.* authorized_keys_${USERNAME} \ |
| 92 |
t8.out t8.out.pub t9.out t9.out.pub testdata \ |
| 93 |
user_*key* user_ca* user_key* |
| 94 |
|
| 95 |
-SUDO_CLEAN+= /var/run/testdata_${USERNAME} /var/run/keycommand_${USERNAME} |
| 96 |
+SUDO_CLEAN+= /run/testdata_${USERNAME} /run/keycommand_${USERNAME} |
| 97 |
|
| 98 |
# Enable all malloc(3) randomisations and checks |
| 99 |
TEST_ENV= "MALLOC_OPTIONS=CFGJRSUX" |
| 100 |
diff --git a/regress/keys-command.sh b/regress/keys-command.sh |
| 101 |
index 4029e2c7..e277e327 100644 |
| 102 |
--- a/regress/keys-command.sh |
| 103 |
+++ b/regress/keys-command.sh |
| 104 |
@@ -3,9 +3,9 @@ |
| 105 |
|
| 106 |
tid="authorized keys from command" |
| 107 |
|
| 108 |
-if [ -z "$SUDO" -a ! -w /var/run ]; then |
| 109 |
+if [ -z "$SUDO" -a ! -w /run ]; then |
| 110 |
echo "skipped (SUDO not set)" |
| 111 |
- echo "need SUDO to create file in /var/run, test won't work without" |
| 112 |
+ echo "need SUDO to create file in /run, test won't work without" |
| 113 |
exit 0 |
| 114 |
fi |
| 115 |
|
| 116 |
@@ -17,9 +17,9 @@ chmod a+rw $OBJ/keys-command-args |
| 117 |
expected_key_text=`awk '{ print $2 }' < $OBJ/rsa.pub` |
| 118 |
expected_key_fp=`$SSHKEYGEN -lf $OBJ/rsa.pub | awk '{ print $2 }'` |
| 119 |
|
| 120 |
-# Establish a AuthorizedKeysCommand in /var/run where it will have |
| 121 |
+# Establish a AuthorizedKeysCommand in /run where it will have |
| 122 |
# acceptable directory permissions. |
| 123 |
-KEY_COMMAND="/var/run/keycommand_${LOGNAME}" |
| 124 |
+KEY_COMMAND="/run/keycommand_${LOGNAME}" |
| 125 |
cat << _EOF | $SUDO sh -c "rm -f '$KEY_COMMAND' ; cat > '$KEY_COMMAND'" |
| 126 |
#!/bin/sh |
| 127 |
echo args: "\$@" >> $OBJ/keys-command-args |
| 128 |
@@ -76,7 +76,7 @@ if [ -x $KEY_COMMAND ]; then |
| 129 |
fail "connect failed" |
| 130 |
fi |
| 131 |
else |
| 132 |
- echo "SKIPPED: $KEY_COMMAND not executable (/var/run mounted noexec?)" |
| 133 |
+ echo "SKIPPED: $KEY_COMMAND not executable (/run mounted noexec?)" |
| 134 |
fi |
| 135 |
|
| 136 |
$SUDO rm -f $KEY_COMMAND |
| 137 |
diff --git a/regress/principals-command.sh b/regress/principals-command.sh |
| 138 |
index bcc68e80..da6a9106 100644 |
| 139 |
--- a/regress/principals-command.sh |
| 140 |
+++ b/regress/principals-command.sh |
| 141 |
@@ -6,9 +6,9 @@ tid="authorized principals command" |
| 142 |
rm -f $OBJ/user_ca_key* $OBJ/cert_user_key* |
| 143 |
cp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak |
| 144 |
|
| 145 |
-if [ -z "$SUDO" -a ! -w /var/run ]; then |
| 146 |
+if [ -z "$SUDO" -a ! -w /run ]; then |
| 147 |
echo "skipped (SUDO not set)" |
| 148 |
- echo "need SUDO to create file in /var/run, test won't work without" |
| 149 |
+ echo "need SUDO to create file in /run, test won't work without" |
| 150 |
exit 0 |
| 151 |
fi |
| 152 |
|
| 153 |
@@ -28,9 +28,9 @@ CA_BODY=`cat $OBJ/user_ca_key.pub | awk '{ print $2 }'` |
| 154 |
CERT_FP=`${SSHKEYGEN} -lf $OBJ/cert_user_key-cert.pub | awk '{ print $2 }'` |
| 155 |
CA_FP=`${SSHKEYGEN} -lf $OBJ/user_ca_key.pub | awk '{ print $2 }'` |
| 156 |
|
| 157 |
-# Establish a AuthorizedPrincipalsCommand in /var/run where it will have |
| 158 |
+# Establish a AuthorizedPrincipalsCommand in /run where it will have |
| 159 |
# acceptable directory permissions. |
| 160 |
-PRINCIPALS_COMMAND="/var/run/principals_command_${LOGNAME}" |
| 161 |
+PRINCIPALS_COMMAND="/run/principals_command_${LOGNAME}" |
| 162 |
cat << _EOF | $SUDO sh -c "cat > '$PRINCIPALS_COMMAND'" |
| 163 |
#!/bin/sh |
| 164 |
test "x\$1" != "x${LOGNAME}" && exit 1 |
| 165 |
@@ -164,5 +164,5 @@ if [ -x $PRINCIPALS_COMMAND ]; then |
| 166 |
done |
| 167 |
else |
| 168 |
echo "SKIPPED: $PRINCIPALS_COMMAND not executable " \ |
| 169 |
- "(/var/run mounted noexec?)" |
| 170 |
+ "(/run mounted noexec?)" |
| 171 |
fi |
| 172 |
diff --git a/regress/sftp-chroot.sh b/regress/sftp-chroot.sh |
| 173 |
index ba5bd1ef..ab806566 100644 |
| 174 |
--- a/regress/sftp-chroot.sh |
| 175 |
+++ b/regress/sftp-chroot.sh |
| 176 |
@@ -3,12 +3,12 @@ |
| 177 |
|
| 178 |
tid="sftp in chroot" |
| 179 |
|
| 180 |
-CHROOT=/var/run |
| 181 |
+CHROOT=/run |
| 182 |
FILENAME=testdata_${USER} |
| 183 |
PRIVDATA=${CHROOT}/${FILENAME} |
| 184 |
|
| 185 |
-if [ -z "$SUDO" -a ! -w /var/run ]; then |
| 186 |
- echo "need SUDO to create file in /var/run, test won't work without" |
| 187 |
+if [ -z "$SUDO" -a ! -w /run ]; then |
| 188 |
+ echo "need SUDO to create file in /run, test won't work without" |
| 189 |
echo SKIPPED |
| 190 |
exit 0 |
| 191 |
fi |
| 192 |
diff --git a/sshd.8 b/sshd.8 |
| 193 |
index d33a50a1..fdd84c8f 100644 |
| 194 |
--- a/sshd.8 |
| 195 |
+++ b/sshd.8 |
| 196 |
@@ -958,7 +958,7 @@ during privilege separation in the pre-authentication phase. |
| 197 |
The directory should not contain any files and must be owned by root |
| 198 |
and not group or world-writable. |
| 199 |
.Pp |
| 200 |
-.It Pa /var/run/sshd.pid |
| 201 |
+.It Pa /run/sshd.pid |
| 202 |
Contains the process ID of the |
| 203 |
.Nm |
| 204 |
listening for connections (if there are several daemons running |
| 205 |
diff --git a/sshd_config b/sshd_config |
| 206 |
index 014b16f7..abe467ad 100644 |
| 207 |
--- a/sshd_config |
| 208 |
+++ b/sshd_config |
| 209 |
@@ -95,7 +95,7 @@ |
| 210 |
#ClientAliveInterval 0 |
| 211 |
#ClientAliveCountMax 3 |
| 212 |
#UseDNS no |
| 213 |
-#PidFile /var/run/sshd.pid |
| 214 |
+#PidFile /run/sshd.pid |
| 215 |
#MaxStartups 10:30:100 |
| 216 |
#PermitTunnel no |
| 217 |
#ChrootDirectory none |
| 218 |
diff --git a/sshd_config.5 b/sshd_config.5 |
| 219 |
index 47db015f..6bf8ed27 100644 |
| 220 |
--- a/sshd_config.5 |
| 221 |
+++ b/sshd_config.5 |
| 222 |
@@ -1363,7 +1363,7 @@ SSH daemon, or |
| 223 |
.Cm none |
| 224 |
to not write one. |
| 225 |
The default is |
| 226 |
-.Pa /var/run/sshd.pid . |
| 227 |
+.Pa /run/sshd.pid . |
| 228 |
.It Cm Port |
| 229 |
Specifies the port number that |
| 230 |
.Xr sshd 8 |
