1# $OpenBSD: sftp-chroot.sh,v 1.9 2023/05/12 06:37:42 djm Exp $ 2# Placed in the Public Domain. 3 4tid="sftp in chroot" 5 6CHROOT=/var/run 7FILENAME=testdata_${USER}.$$ 8PRIVDATA=${CHROOT}/${FILENAME} 9trap "${SUDO} rm -f ${PRIVDATA}" 0 10 11if [ -z "$SUDO" -a ! -w /var/run ]; then 12 skip "need SUDO to create file in /var/run, test won't work without" 13fi 14 15$SUDO sh -c "echo mekmitastdigoat > $PRIVDATA" || \ 16 fatal "create $PRIVDATA failed" 17 18echo "ForceCommand internal-sftp -d /" >> $OBJ/sshd_config 19 20start_sshd -oChrootDirectory=$CHROOT 21 22verbose "test $tid: get" 23${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ 24 >>$TEST_REGRESS_LOGFILE 2>&1 || \ 25 fatal "Fetch ${FILENAME} failed" 26cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" 27 28stop_sshd 29 30verbose "test $tid: match" 31cat << EOF >> $OBJ/sshd_config 32Match All 33 ChrootDirectory $CHROOT 34EOF 35start_sshd 36$SUDO sh -c "echo orpheanbeholder > $PRIVDATA" || \ 37 fatal "create $PRIVDATA failed" 38${SFTP} -S "$SSH" -F $OBJ/ssh_config host:/${FILENAME} $COPY \ 39 >>$TEST_REGRESS_LOGFILE 2>&1 || \ 40 fatal "Fetch ${FILENAME} failed" 41cmp $PRIVDATA $COPY || fail "$PRIVDATA $COPY differ" 42 43stop_sshd 44