1*bfb09990Sdjm# $OpenBSD: sftp-chroot.sh,v 1.9 2023/05/12 06:37:42 djm Exp $ 2c763b0e2Sdjm# Placed in the Public Domain. 3c763b0e2Sdjm 4c763b0e2Sdjmtid="sftp in chroot" 5c763b0e2Sdjm 6c763b0e2SdjmCHROOT=/var/run 779792e0aSdtuckerFILENAME=testdata_${USER}.$$ 8c763b0e2SdjmPRIVDATA=${CHROOT}/${FILENAME} 979792e0aSdtuckertrap "${SUDO} rm -f ${PRIVDATA}" 0 10c763b0e2Sdjm 112078aca3Sbluhmif [ -z "$SUDO" -a ! -w /var/run ]; then 124233cbebSdtucker skip "need SUDO to create file in /var/run, test won't work without" 13c763b0e2Sdjmfi 14c763b0e2Sdjm 15c763b0e2Sdjm$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ 16c763b0e2Sdjm fatal "create $PRIVDATA failed" 17c763b0e2Sdjm 18*bfb09990Sdjmecho "ForceCommand internal-sftp -d /" >> $OBJ/sshd_config 19*bfb09990Sdjm 20*bfb09990Sdjmstart_sshd -oChrootDirectory=$CHROOT 21c763b0e2Sdjm 22c763b0e2Sdjmverbose "test $tid: get" 23d0627b28Sdtucker${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ 241a896ddcSdtucker >>$TEST_REGRESS_LOGFILE 2>&1 || \ 25c763b0e2Sdjm fatal "Fetch ${FILENAME} failed" 26c763b0e2Sdjmcmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" 27*bfb09990Sdjm 28*bfb09990Sdjmstop_sshd 29*bfb09990Sdjm 30*bfb09990Sdjmverbose "test $tid: match" 31*bfb09990Sdjmcat << EOF >> $OBJ/sshd_config 32*bfb09990SdjmMatch All 33*bfb09990Sdjm ChrootDirectory $CHROOT 34*bfb09990SdjmEOF 35*bfb09990Sdjmstart_sshd 36*bfb09990Sdjm$SUDO sh -c "echo orpheanbeholder > $PRIVDATA" || \ 37*bfb09990Sdjm fatal "create $PRIVDATA failed" 38*bfb09990Sdjm${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ 39*bfb09990Sdjm >>$TEST_REGRESS_LOGFILE 2>&1 || \ 40*bfb09990Sdjm fatal "Fetch ${FILENAME} failed" 41*bfb09990Sdjmcmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" 42*bfb09990Sdjm 43*bfb09990Sdjmstop_sshd 44