upstream/oracle/userland-gate: comparison components/openssh/patches/007-manpages.patch

equal deleted inserted replaced

-:1d0e6cf38844
+:06e4fcc325a1
-# This change is Solaris-specific and thus is not being contributed back
-# to the upstream community.  Details:
-#
-# OpenSSH uses the BSD/Linux man page scheme which is different from the SysV
-# man page scheme used in Solaris.  In order to comply to the Solaris man page
-# policy and also use the IPS mediator to switch between SunSSH and OpenSSH man
-# pages, the section numbers of some OpenSSH man pages are changed to be the
-# same as their corresponding ones in SunSSH.
-#
-diff -pur old/moduli.5 new/moduli.5
---- old/moduli.5
-+++ new/moduli.5
-@@ -14,7 +14,7 @@
-.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.Dd $Mdocdate: September 26 2012 $
--.Dt MODULI 5
-+.Dt MODULI 4
-.Os
-.Sh NAME
-.Nm moduli
-@@ -23,7 +23,7 @@
-The
-.Pa /etc/moduli
-file contains prime numbers and generators for use by
--.Xr sshd 8
-+.Xr sshd 1M
-in the Diffie-Hellman Group Exchange key exchange method.
-.Pp
-New moduli may be generated with
-@@ -40,7 +40,7 @@ pass, using
-.Ic ssh-keygen -T ,
-provides a high degree of assurance that the numbers are prime and are
-safe for use in Diffie-Hellman operations by
--.Xr sshd 8 .
-+.Xr sshd 1M .
-This
-.Nm
-format is used as the output from each pass.
-@@ -70,7 +70,7 @@ are Sophie Germain primes (type 4).
-Further primality testing with
-.Xr ssh-keygen 1
-produces safe prime moduli (type 2) that are ready for use in
--.Xr sshd 8 .
-+.Xr sshd 1M .
-Other types are not used by OpenSSH.
-.It tests
-Decimal number indicating the type of primality tests that the number
-@@ -105,16 +105,16 @@ The modulus itself in hexadecimal.
-.El
-.Pp
-When performing Diffie-Hellman Group Exchange,
--.Xr sshd 8
-+.Xr sshd 1M
-first estimates the size of the modulus required to produce enough
-Diffie-Hellman output to sufficiently key the selected symmetric cipher.
--.Xr sshd 8
-+.Xr sshd 1M
-then randomly selects a modulus from
-.Fa /etc/moduli
-that best meets the size requirement.
-.Sh SEE ALSO
-.Xr ssh-keygen 1 ,
--.Xr sshd 8
-+.Xr sshd 1M
-.Sh STANDARDS
-.Rs
-.%A M. Friedl
-diff -pur old/sftp-server.8 new/sftp-server.8
---- old/sftp-server.8
-+++ new/sftp-server.8
-@@ -23,7 +23,7 @@
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 11 2014 $
--.Dt SFTP-SERVER 8
-+.Dt SFTP-SERVER 1M
-.Os
-.Sh NAME
-.Nm sftp-server
-@@ -47,7 +47,7 @@ is a program that speaks the server side
-to stdout and expects client requests from stdin.
-.Nm
-is not intended to be called directly, but from
--.Xr sshd 8
-+.Xr sshd 1M
-using the
-.Cm Subsystem
-option.
-@@ -58,7 +58,7 @@ should be specified in the
-.Cm Subsystem
-declaration.
-See
--.Xr sshd_config 5
-+.Xr sshd_config 4
-for more information.
-.Pp
-Valid options are:
-@@ -71,7 +71,7 @@ The pathname may contain the following t
-and %u is replaced by the username of that user.
-The default is to use the user's home directory.
-This option is useful in conjunction with the
--.Xr sshd_config 5
-+.Xr sshd_config 4
-.Cm ChrootDirectory
-option.
-.It Fl e
-@@ -152,8 +152,8 @@ establish a logging socket inside the ch
-.Sh SEE ALSO
-.Xr sftp 1 ,
-.Xr ssh 1 ,
--.Xr sshd_config 5 ,
--.Xr sshd 8
-+.Xr sshd_config 4 ,
-+.Xr sshd 1M
-.Rs
-.%A T. Ylonen
-.%A S. Lehtinen
-diff -pur old/ssh-keysign.8 new/ssh-keysign.8
---- old/ssh-keysign.8
-+++ new/ssh-keysign.8
-@@ -23,7 +23,7 @@
-.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: December 7 2013 $
--.Dt SSH-KEYSIGN 8
-+.Dt SSH-KEYSIGN 1M
-.Os
-.Sh NAME
-.Nm ssh-keysign
-@@ -52,7 +52,7 @@ is not intended to be invoked by the use
-See
-.Xr ssh 1
-and
--.Xr sshd 8
-+.Xr sshd 1M
-for more information about host-based authentication.
-.Sh FILES
-.Bl -tag -width Ds -compact
-@@ -83,8 +83,8 @@ information corresponding with the priva
-.Sh SEE ALSO
-.Xr ssh 1 ,
-.Xr ssh-keygen 1 ,
--.Xr ssh_config 5 ,
--.Xr sshd 8
-+.Xr ssh_config 4 ,
-+.Xr sshd 1M
-.Sh HISTORY
-.Nm
-first appeared in
-diff -pur old/ssh-pkcs11-helper.8 new/ssh-pkcs11-helper.8
---- old/ssh-pkcs11-helper.8
-+++ new/ssh-pkcs11-helper.8
-@@ -15,7 +15,7 @@
-.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-.\"
-.Dd $Mdocdate: July 16 2013 $
--.Dt SSH-PKCS11-HELPER 8
-+.Dt SSH-PKCS11-HELPER 1M
-.Os
-.Sh NAME
-.Nm ssh-pkcs11-helper
-diff -pur old/ssh_config.5 new/ssh_config.5
---- old/ssh_config.5
-+++ new/ssh_config.5
-@@ -35,7 +35,7 @@
-.\"
-.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $
-.Dd $Mdocdate: August 14 2015 $
--.Dt SSH_CONFIG 5
-+.Dt SSH_CONFIG 4
-.Os
-.Sh NAME
-.Nm ssh_config
-@@ -568,7 +568,7 @@ then the master connection will remain i
-.Dq Fl O No exit
-option).
-If set to a time in seconds, or a time in any of the formats documented in
--.Xr sshd_config 5 ,
-+.Xr sshd_config 4 ,
-then the backgrounded master connection will automatically terminate
-after it has remained idle (with no client connections) for the
-specified time.
-@@ -695,7 +695,7 @@ option is also enabled.
-Specify a timeout for untrusted X11 forwarding
-using the format described in the
-TIME FORMATS section of
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-X11 connections received by
-.Xr ssh 1
-after this time will be refused.
-@@ -762,7 +762,7 @@ should hash host names and addresses whe
-These hashed names may be used normally by
-.Xr ssh 1
-and
--.Xr sshd 8 ,
-+.Xr sshd 1M ,
-but they do not reveal identifying information should the file's contents
-be disclosed.
-The default is
-@@ -1286,7 +1286,7 @@ depending on the cipher.
-The optional second value is specified in seconds and may use any of the
-units documented in the
-TIME FORMATS section of
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-The default value for
-.Cm RekeyLimit
-is
-@@ -1330,7 +1330,7 @@ Specifying a remote
-will only succeed if the server's
-.Cm GatewayPorts
-option is enabled (see
--.Xr sshd_config 5 ) .
-+.Xr sshd_config 4 ) .
-.It Cm RequestTTY
-Specifies whether to request a pseudo-tty for the session.
-The argument may be one of:
-@@ -1396,7 +1396,7 @@ pseudo-terminal is requested as it is re
-Refer to
-.Cm AcceptEnv
-in
--.Xr sshd_config 5
-+.Xr sshd_config 4
-for how to configure the server.
-Variables are specified by name, which may contain wildcard characters.
-Multiple environment variables may be separated by whitespace or spread
-diff -pur old/sshd.8 new/sshd.8
---- old/sshd.8
-+++ new/sshd.8
-@@ -35,7 +35,7 @@
-.\"
-.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $
-.Dd $Mdocdate: July 3 2015 $
--.Dt SSHD 8
-+.Dt SSHD 1M
-.Os
-.Sh NAME
-.Nm sshd
-@@ -77,7 +77,7 @@ and data exchange.
-.Nm
-can be configured using command-line options or a configuration file
-(by default
--.Xr sshd_config 5 ) ;
-+.Xr sshd_config 4 ) ;
-command-line options override values specified in the
-configuration file.
-.Nm
-@@ -204,7 +204,7 @@ Can be used to give options in the forma
-This is useful for specifying options for which there is no separate
-command-line flag.
-For full details of the options, and their values, see
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-.It Fl p Ar port
-Specifies the port on which the server listens for connections
-(default 22).
-@@ -274,7 +274,7 @@ The default is to use protocol 2 only,
-though this can be changed via the
-.Cm Protocol
-option in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
-protocol 1 only supports RSA keys.
-For both protocols,
-@@ -399,7 +399,7 @@ if it exists, and users are allowed to c
-See the
-.Cm PermitUserEnvironment
-option in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-.It
-Changes to user's home directory.
-.It
-@@ -549,7 +549,7 @@ The command originally supplied by the c
-environment variable.
-Note that this option applies to shell, command or subsystem execution.
-Also note that this command may be superseded by either a
--.Xr sshd_config 5
-+.Xr sshd_config 4
-.Cm ForceCommand
-directive or a command embedded in a certificate.
-.It Cm environment="NAME=value"
-@@ -570,7 +570,7 @@ Specifies that in addition to public key
-name of the remote host or its IP address must be present in the
-comma-separated list of patterns.
-See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for more information on patterns.
-.Pp
-In addition to the wildcard matching that may be applied to hostnames or
-@@ -858,7 +858,7 @@ It should only be writable by root.
-.It Pa /etc/moduli
-Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
-The file format is described in
--.Xr moduli 5 .
-+.Xr moduli 4 .
-.Pp
-.It Pa /etc/motd
-See
-@@ -919,7 +919,7 @@ should be world-readable.
-Contains configuration data for
-.Nm sshd .
-The file format and configuration options are described in
--.Xr sshd_config 5 .
-+.Xr sshd_config 4 .
-.Pp
-.It Pa /etc/ssh/sshrc
-Similar to
-@@ -954,10 +954,10 @@ The content of this file is not sensitiv
-.Xr ssh-keyscan 1 ,
-.Xr chroot 2 ,
-.Xr login.conf 5 ,
--.Xr moduli 5 ,
--.Xr sshd_config 5 ,
--.Xr inetd 8 ,
--.Xr sftp-server 8
-+.Xr moduli 4 ,
-+.Xr sshd_config 4 ,
-+.Xr inetd 1M ,
-+.Xr sftp-server 1M
-.Sh AUTHORS
-OpenSSH is a derivative of the original and free
-ssh 1.2.12 release by Tatu Ylonen.
-diff -pur old/sshd_config.5 new/sshd_config.5
---- old/sshd_config.5
-+++ new/sshd_config.5
-@@ -35,7 +35,7 @@
-.\"
-.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $
-.Dd $Mdocdate: August 14 2015 $
--.Dt SSHD_CONFIG 5
-+.Dt SSHD_CONFIG 4
-.Os
-.Sh NAME
-.Nm sshd_config
-@@ -43,7 +43,7 @@
-.Sh SYNOPSIS
-.Nm /etc/ssh/sshd_config
-.Sh DESCRIPTION
--.Xr sshd 8
-+.Xr sshd 1M
-reads configuration data from
-.Pa /etc/ssh/sshd_config
-(or the file specified with
-@@ -68,7 +68,7 @@ the session's
-See
-.Cm SendEnv
-in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for how to configure the client.
-Note that environment passing is only supported for protocol 2, and
-that the
-@@ -89,7 +89,7 @@ For this reason, care should be taken in
-The default is not to accept any environment variables.
-.It Cm AddressFamily
-Specifies which address family should be used by
--.Xr sshd 8 .
-+.Xr sshd 1M .
-Valid arguments are
-.Dq any ,
-.Dq inet
-@@ -122,7 +122,7 @@ and finally
-.Cm AllowGroups .
-.Pp
-See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for more information on patterns.
-.It Cm AllowTcpForwarding
-Specifies whether TCP forwarding is permitted.
-@@ -182,7 +182,7 @@ and finally
-.Cm AllowGroups .
-.Pp
-See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for more information on patterns.
-.It Cm AuthenticationMethods
-Specifies the authentication methods that must be successfully completed
-@@ -250,7 +250,7 @@ will be supplied.
-.Pp
-The program should produce on standard output zero or
-more lines of authorized_keys output (see AUTHORIZED_KEYS in
--.Xr sshd 8 ) .
-+.Xr sshd 1M ) .
-If a key supplied by AuthorizedKeysCommand does not successfully authenticate
-and authorize the user then public key authentication continues using the usual
-.Cm AuthorizedKeysFile
-@@ -273,7 +273,7 @@ for user authentication.
-The format is described in the
-AUTHORIZED_KEYS FILE FORMAT
-section of
--.Xr sshd 8 .
-+.Xr sshd 1M .
-.Cm AuthorizedKeysFile
-may contain tokens of the form %T which are substituted during connection
-setup.
-@@ -332,7 +332,7 @@ this file lists names, one of which must
-to be accepted for authentication.
-Names are listed one per line preceded by key options (as described
-in AUTHORIZED_KEYS FILE FORMAT in
--.Xr sshd 8 ) .
-+.Xr sshd 1M ) .
-Empty lines and comments starting with
-.Ql #
-are ignored.
-@@ -362,7 +362,7 @@ and is not consulted for certification a
-though the
-.Cm principals=
-key option offers a similar facility (see
--.Xr sshd 8
-+.Xr sshd 1M
-for details).
-.It Cm Banner
-The contents of the specified file are sent to the remote user before
-@@ -387,7 +387,7 @@ At session startup
-checks that all components of the pathname are root-owned directories
-which are not writable by any other user or group.
-After the chroot,
--.Xr sshd 8
-+.Xr sshd 1M
-changes the working directory to the user's home directory.
-.Pp
-The pathname may contain the following tokens that are expanded at runtime once
-@@ -490,7 +490,7 @@ with an argument of
-.It Cm ClientAliveCountMax
-Sets the number of client alive messages (see below) which may be
-sent without
--.Xr sshd 8
-+.Xr sshd 1M
-receiving any messages back from the client.
-If this threshold is reached while client alive messages are being sent,
-sshd will disconnect the client, terminating the session.
-@@ -517,7 +517,7 @@ This option applies to protocol version
-.It Cm ClientAliveInterval
-Sets a timeout interval in seconds after which if no data has been received
-from the client,
--.Xr sshd 8
-+.Xr sshd 1M
-will send a message through the encrypted
-channel to request a response from the client.
-The default
-@@ -548,7 +548,7 @@ and finally
-.Cm AllowGroups .
-.Pp
-See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for more information on patterns.
-.It Cm DenyUsers
-This keyword can be followed by a list of user name patterns, separated
-@@ -567,7 +567,7 @@ and finally
-.Cm AllowGroups .
-.Pp
-See PATTERNS in
--.Xr ssh_config 5
-+.Xr ssh_config 4
-for more information on patterns.
-.It Cm FingerprintHash
-Specifies the hash algorithm used when logging key fingerprints.
-@@ -600,7 +600,7 @@ files when used with
-Specifies whether remote hosts are allowed to connect to ports
-forwarded for the client.
-By default,
--.Xr sshd 8
-+.Xr sshd 1M
-binds remote port forwardings to the loopback address.
-This prevents other remote hosts from connecting to forwarded ports.
-.Cm GatewayPorts
-@@ -686,7 +686,7 @@ files during
-A setting of
-.Dq yes
-means that
--.Xr sshd 8
-+.Xr sshd 1M
-uses the name supplied by the client rather than
-attempting to resolve the name from the TCP connection itself.
-The default is
-@@ -697,7 +697,7 @@ The certificate's public key must match
-by
-.Cm HostKey .
-The default behaviour of
--.Xr sshd 8
-+.Xr sshd 1M
-is not to load any certificates.
-.It Cm HostKey
-Specifies a file containing a private host key
-@@ -779,7 +779,7 @@ The default is
-.Dq yes .
-.It Cm IgnoreUserKnownHosts
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-should ignore the user's
-.Pa ~/.ssh/known_hosts
-during
-@@ -914,7 +914,7 @@ If the value is 0, the key is never rege
-The default is 3600 (seconds).
-.It Cm ListenAddress
-Specifies the local addresses
--.Xr sshd 8
-+.Xr sshd 1M
-should listen on.
-The following forms may be used:
-.Pp
-@@ -954,7 +954,7 @@ If the value is 0, there is no time limi
-The default is 120 seconds.
-.It Cm LogLevel
-Gives the verbosity level that is used when logging messages from
--.Xr sshd 8 .
-+.Xr sshd 1M .
-The possible values are:
-QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
-The default is INFO.
-@@ -1059,7 +1059,7 @@ and
-The match patterns may consist of single entries or comma-separated
-lists and may use the wildcard and negation operators described in the
-PATTERNS section of
--.Xr ssh_config 5 .
-+.Xr ssh_config 4 .
-.Pp
-The patterns in an
-.Cm Address
-@@ -1148,7 +1148,7 @@ Alternatively, random early drop can be
-the three colon separated values
-.Dq start:rate:full
-(e.g. "10:30:60").
--.Xr sshd 8
-+.Xr sshd 1M
-will refuse connection attempts with a probability of
-.Dq rate/100
-(30%)
-@@ -1268,7 +1268,7 @@ and
-options in
-.Pa ~/.ssh/authorized_keys
-are processed by
--.Xr sshd 8 .
-+.Xr sshd 1M .
-The default is
-.Dq no .
-Enabling environment processing may enable users to bypass access
-@@ -1289,7 +1289,7 @@ The default is
-.Pa /var/run/sshd.pid .
-.It Cm Port
-Specifies the port number that
--.Xr sshd 8
-+.Xr sshd 1M
-listens on.
-The default is 22.
-Multiple options of this type are permitted.
-@@ -1297,14 +1297,14 @@ See also
-.Cm ListenAddress .
-.It Cm PrintLastLog
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-should print the date and time of the last user login when a user logs
-in interactively.
-On Solaris this option is always ignored since pam_unix_session(5)
-reports the last login time.
-.It Cm PrintMotd
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-should print
-.Pa /etc/motd
-when a user logs in interactively.
-@@ -1315,7 +1315,7 @@ The default is
-.Dq yes .
-.It Cm Protocol
-Specifies the protocol versions
--.Xr sshd 8
-+.Xr sshd 1M
-supports.
-The possible values are
-.Sq 1
-@@ -1440,7 +1440,7 @@ The default is
-.Dq no .
-.It Cm StrictModes
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-should check file modes and ownership of the
-user's files and home directory before accepting login.
-This is normally desirable because novices sometimes accidentally leave their
-@@ -1474,7 +1474,7 @@ By default no subsystems are defined.
-Note that this option applies to protocol version 2 only.
-.It Cm SyslogFacility
-Gives the facility code that is used when logging messages from
--.Xr sshd 8 .
-+.Xr sshd 1M .
-The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
-LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
-The default is AUTH.
-@@ -1571,13 +1571,13 @@ or
-If
-.Cm UsePAM
-is enabled, you will not be able to run
--.Xr sshd 8
-+.Xr sshd 1M
-as a non-root user.
-The default is
-.Dq no .
-.It Cm UsePrivilegeSeparation
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-separates privileges by creating an unprivileged child process
-to deal with incoming network traffic.
-After successful authentication, another process will be created that has
-@@ -1599,7 +1599,7 @@ The default is
-.Dq none .
-.It Cm X11DisplayOffset
-Specifies the first display number available for
--.Xr sshd 8 Ns 's
-+.Xr sshd 1M Ns 's
-X11 forwarding.
-This prevents sshd from interfering with real X11 servers.
-The default is 10.
-@@ -1614,7 +1614,7 @@ The default is
-.Pp
-When X11 forwarding is enabled, there may be additional exposure to
-the server and to client displays if the
--.Xr sshd 8
-+.Xr sshd 1M
-proxy display is configured to listen on the wildcard address (see
-.Cm X11UseLocalhost
-below), though this is not the default.
-@@ -1625,7 +1625,7 @@ display server may be exposed to attack
-forwarding (see the warnings for
-.Cm ForwardX11
-in
--.Xr ssh_config 5 ) .
-+.Xr ssh_config 4 ) .
-A system administrator may have a stance in which they want to
-protect clients that may expose themselves to attack by unwittingly
-requesting X11 forwarding, which can warrant a
-@@ -1639,7 +1639,7 @@ X11 forwarding is automatically disabled
-is enabled.
-.It Cm X11UseLocalhost
-Specifies whether
--.Xr sshd 8
-+.Xr sshd 1M
-should bind the X11 forwarding server to the loopback address or to
-the wildcard address.
-By default,
-@@ -1672,7 +1672,7 @@ The default is
-.Pa /usr/X11R6/bin/xauth .
-.El
-.Sh TIME FORMATS
--.Xr sshd 8
-+.Xr sshd 1M
-command-line arguments and configuration file options that specify time
-may be expressed using a sequence of the form:
-.Sm off
-@@ -1716,12 +1716,12 @@ Time format examples:
-.Bl -tag -width Ds
-.It Pa /etc/ssh/sshd_config
-Contains configuration data for
--.Xr sshd 8 .
-+.Xr sshd 1M .
-This file should be writable by root only, but it is recommended
-(though not necessary) that it be world-readable.
-.El
-.Sh SEE ALSO
--.Xr sshd 8 ,
-+.Xr sshd 1M ,
-.Xr pam_unix_session 5
-.Sh AUTHORS
-OpenSSH is a derivative of the original and free

changeset 5036	06e4fcc325a1
parent 5035	1d0e6cf38844
child 5040	6242a3f0012d