Bug 1080154

Summary: sftp / symlink does not create relative links
Product: Red Hat Enterprise Linux 6
Reporter: Leon Fauster <leonfauster>
Component: openssh
Assignee: Petr Lautrbach <plautrba>
Status: CLOSED NOTABUG
QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified
Priority: unspecified
Version: 6.6
Target Milestone: rc
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2014-04-04 11:14:21 UTC
Type: Bug

Description Leon Fauster 2014-03-24 19:05:25 UTC
Description of problem:
While connected via sftp, using symlink will always
create a link with an absolute path. This leads to invalid links
when using chrooted sftp connections.



Version-Release number of selected component (if applicable):
rpm -q openssh
openssh-5.3p1-94.el6.x86_64



How reproducible:
create chroot config like
tail -16  /etc/ssh/sshd_config
# override default of no subsystems
#Subsystem	sftp	/usr/libexec/openssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	ForceCommand cvs server

Subsystem	sftp	internal-sftp
Match Group myexamplegroup
  ForceCommand internal-sftp
  AllowTcpForwarding no
  ChrootDirectory /myexampleroot/service/
  X11Forwarding no

---
Log in via sftp (with a user in group myexamplegroup)
and do something like this in a subdirectory:

symlink ../example/ test

the result is only valid while being in the sftp session.

outside the chroot the link points to 

test -> /myexampleroot/service/subdir/../example/

which is not valid




Expected results:
relative links

Comment 2 Petr Lautrbach 2014-04-04 11:14:21 UTC
Works for me with sftp client from RHEL-6

sftp> symlink ../bin bin-link
debug3: Wrote 80 bytes for a total of 2797
debug3: Sent message SSH2_FXP_SYMLINK "../bin" -> "/a/bin-link"
debug3: SSH2_FXP_STATUS 0

But I can reproduce this issue using RHEL-7's sftp:

sftp> symlink ../bin bin-link
debug3: Sent message SSH2_FXP_SYMLINK "/a/../bin" -> "/a/bin-link"
debug3: SSH2_FXP_STATUS 0

RHEL-7 bug - #1084079

Comment 3 Leon Fauster 2014-04-11 15:44:47 UTC
Indeed, it seems to be on the client side. I was
connecting from an OS X client to an EL6 server.

These sftp clients work:
========================

el5$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

el6$ ssh -V
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013



This sftp client does NOT work:
=================================
osx$ ssh -V
OpenSSH_5.9p1, OpenSSL 0.9.8y 5 Feb 2013



server side for both el5 and el6

Comment 4 Leon Fauster 2015-03-17 15:50:49 UTC
Although it works in the RHEL ecosystem,
we have customers that log in from

# ssh -v 2>&1 |head -1
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013

# cat /etc/debian_version 
7.8


I have tested openssh 6.7p1_0 under OS X via MacPorts
but cannot create a valid symlink.

Is this fixed in the upstream project? So that newer releases/sftp clients 
from other distributions can be used to create valid symlinks?


I do not expect this to be valid behaviour. So, what path should one take
to fix this?

Comment 5 Petr Lautrbach 2015-03-17 15:55:28 UTC
I guess it's fixed in openssh-6.5p1 - http://www.openssh.com/txt/release-6.5 - https://bugzilla.mindrot.org/show_bug.cgi?id=2129
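
For servers that already hold links created by affected clients, the following is an added example (not part of this bug report or of OpenSSH) that walks a ChrootDirectory, reports every absolute symlink with its validity inside the chroot and on the host, and proposes a relative target that works in both views. The function names, the demo tree and its directory names are constructed for illustration.

```python
import os
import tempfile

def audit_chroot_symlinks(chroot):
    """List absolute symlinks under `chroot` and how they resolve in each view."""
    chroot = os.path.realpath(chroot)
    findings = []
    for dirpath, dirnames, filenames in os.walk(chroot):  # does not follow links
        for name in dirnames + filenames:
            link = os.path.join(dirpath, name)
            if not os.path.islink(link):
                continue
            target = os.readlink(link)
            if not os.path.isabs(target):
                # Relative targets are resolved from the link's own directory,
                # so both views agree unless the path climbs above the chroot.
                continue
            # What the chrooted session sees: "/" is the ChrootDirectory.
            # (Approximation: nested absolute links are followed in host view.)
            inside = os.path.join(chroot, target.lstrip("/"))
            findings.append({
                "link": os.path.relpath(link, chroot),
                "target": target,
                "valid_in_chroot": os.path.exists(inside),
                "valid_on_host": os.path.exists(target),
                # Lexical rewrite that means the same thing in both views.
                "relative_fix": os.path.relpath(inside, dirpath),
            })
    return findings

def build_demo_tree():
    """Constructed sample: a chroot with one absolute and one relative link."""
    root = tempfile.mkdtemp(prefix="sftp-chroot-demo-")
    os.mkdir(os.path.join(root, "example"))
    os.mkdir(os.path.join(root, "demo-subdir"))
    # Target as stored when the client makes the path absolute before sending.
    os.symlink("/demo-subdir/../example", os.path.join(root, "demo-subdir", "test"))
    # Target stored exactly as the user typed it.
    os.symlink("../example", os.path.join(root, "demo-subdir", "ok"))
    return root

if __name__ == "__main__":
    for finding in audit_chroot_symlinks(build_demo_tree()):
        print(finding)
```

Run it as root against the real ChrootDirectory and review each `relative_fix` before recreating a link, since the rewrite is lexical and does not account for intermediate directories that are themselves symlinks.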