From dd03698218f38dc549524908675a178b115da0e1 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Tue, 1 Mar 2016 09:19:16 -0500
Subject: sshd fixes

---
 src/firejail/main.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/src/firejail/main.c b/src/firejail/main.c
index 31c58d8ae..c0050be1f 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -612,8 +612,24 @@ int main(int argc, char **argv) {
 	bandwidth_shm_del_file(sandbox_pid);
 	EUID_USER();
 	
-	// is this a login shell?
-	if (*argv[0] == '-') {
+	//check if the parent is sshd daemon
+	int parent_sshd = 0;
+	{
+		pid_t ppid = getppid();
+		char *comm = pid_proc_comm(ppid);
+		if (comm) {
+			// remove \n
+			char *ptr = strchr(comm, '\n');
+			if (ptr)
+				*ptr = '\0';
+			if (strcmp(comm, "sshd") == 0)
+				parent_sshd = 1;
+			free(comm);
+		}
+	}
+	
+	// is this a login shell, or a command passed by sshd insert command line options from /etc/firejail/login.users
+	if (*argv[0] == '-' || parent_sshd) {
 		fullargc = restricted_shell(cfg.username);
 		if (fullargc) {
 			int j;
-- 
cgit v1.2.3-70-g09d2