Hi all, I just added the following to the http://wiki.dirvish.org/index.cgi?ApplyingSSHRestrictions page. I hope it's useful to others:
If you are going to be using pre/post-client scripts, and limiting them with authprogs, authprogs will reject the command every time because of the environment variables that Dirvish includes in every command. You can apply the following patch to authprogs to remove the environment variables prior to comparing the command. Also note that pre-client scripts usually include a "cd /<tree>; " prior to whatever command you're running, so include that in your authprogs.conf line (check authprogs.log) 171a172,177 > # Remove Dirvish environment variables from the command > # 2007-10-19: Roberto Mello (http://blog.divisiblebyfour.org/) > > my $NO_DIRVISH_CLIENT_COMMAND = $CLIENT_COMMAND; > $NO_DIRVISH_CLIENT_COMMAND =~ s/(DIRVISH_[^=]+=[^\s]+ )*//g; > 186a193 > log 4, " Dirvish-less Client command: $NO_DIRVISH_CLIENT_COMMAND\n"; 188c195 < if ( $allowed_command_sans_quotes eq $CLIENT_COMMAND ) { --- > if (( $allowed_command_sans_quotes eq $CLIENT_COMMAND ) or ( > $allowed_command_sans_quotes eq $NO_DIRVISH_CLIENT_COMMAND )) { -Roberto _______________________________________________ Dirvish mailing list [email protected] http://www.dirvish.org/mailman/listinfo/dirvish
