upstream: UsePrivilegeSeparation no is deprecated

test "yes" and "sandbox".

OpenBSD-Regress-ID: 80e685ed8990766527dc629b1affc09a75bfe2da

diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index d2ecd318beae727f8d3c7dd8823de64f6aba5304..3ce777967a5d03353b6680cdc02bd77e0c62211f 100644 (file)
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: cert-hostkey.sh,v 1.16 2018/07/03 11:43:49 djm Exp $
+#      $OpenBSD: cert-hostkey.sh,v 1.17 2018/10/31 11:09:27 dtucker Exp $
 #      Placed in the Public Domain.
 
 tid="certified host keys"
@@ -127,7 +127,7 @@ attempt_connect() {
 }
 
 # Basic connect and revocation tests.
-for privsep in yes no ; do
+for privsep in yes sandbox ; do
        for ktype in $PLAIN_TYPES ; do
                verbose "$tid: host ${ktype} cert connect privsep $privsep"
                (
@@ -165,7 +165,7 @@ for ktype in $PLAIN_TYPES ; do
        kh_revoke cert_host_key_${ktype}.pub >> $OBJ/known_hosts-cert.orig
 done
 cp $OBJ/known_hosts-cert.orig $OBJ/known_hosts-cert
-for privsep in yes no ; do
+for privsep in yes sandbox ; do
        for ktype in $PLAIN_TYPES ; do
                verbose "$tid: host ${ktype} revoked cert privsep $privsep"
                (

diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 30c2c156d2f1976833fae6a9590c870f94129aa9..6849e99226493445c10ec498b5188b8b8106ac65 100644 (file)
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: cert-userkey.sh,v 1.19 2018/03/12 00:54:04 djm Exp $
+#      $OpenBSD: cert-userkey.sh,v 1.20 2018/10/31 11:09:27 dtucker Exp $
 #      Placed in the Public Domain.
 
 tid="certified user keys"
@@ -47,7 +47,7 @@ done
 # Test explicitly-specified principals
 for ktype in $EXTRA_TYPES $PLAIN_TYPES ; do
        t=$(kname $ktype)
-       for privsep in yes no ; do
+       for privsep in yes sandbox ; do
                _prefix="${ktype} privsep $privsep"
 
                # Setup for AuthorizedPrincipalsFile

diff --git a/regress/multipubkey.sh b/regress/multipubkey.sh
index e9d15306ff2f19908eb9453f5c52e0845fd6a980..4d443ec45da3072545d38532dc25094d80c52c15 100644 (file)
--- a/regress/multipubkey.sh
+++ b/regress/multipubkey.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: multipubkey.sh,v 1.1 2014/12/22 08:06:03 djm Exp $
+#      $OpenBSD: multipubkey.sh,v 1.2 2018/10/31 11:09:27 dtucker Exp $
 #      Placed in the Public Domain.
 
 tid="multiple pubkey"
@@ -31,7 +31,7 @@ grep -v IdentityFile $OBJ/ssh_proxy.orig > $OBJ/ssh_proxy
 opts="-oProtocol=2 -F $OBJ/ssh_proxy -oIdentitiesOnly=yes"
 opts="$opts -i $OBJ/cert_user_key1 -i $OBJ/user_key1 -i $OBJ/user_key2"
 
-for privsep in no yes; do
+for privsep in yes sandbox ; do
        (
                grep -v "Protocol"  $OBJ/sshd_proxy.orig
                echo "Protocol 2"

diff --git a/regress/principals-command.sh b/regress/principals-command.sh
index bcc68e80bca69448a10ca0f117641f761882847c..66b5b5bdede217211c01876f1d859e7c3013fae8 100644 (file)
--- a/regress/principals-command.sh
+++ b/regress/principals-command.sh
@@ -1,4 +1,4 @@
-#      $OpenBSD: principals-command.sh,v 1.4 2017/04/30 23:34:55 djm Exp $
+#      $OpenBSD: principals-command.sh,v 1.5 2018/10/31 11:09:27 dtucker Exp $
 #      Placed in the Public Domain.
 
 tid="authorized principals command"
@@ -57,7 +57,7 @@ fi
 
 if [ -x $PRINCIPALS_COMMAND ]; then
        # Test explicitly-specified principals
-       for privsep in yes no ; do
+       for privsep in yes sandbox ; do
                _prefix="privsep $privsep"
 
                # Setup for AuthorizedPrincipalsCommand