[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Some missing libraries - the ones missing are in /li
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Some missing libraries - the ones missing are in /lib64 - could that make SFTP not work correctly? |
Date: |
Wed, 23 Jan 2008 00:05:14 +0100 |
User-agent: |
Thunderbird 2.0.0.6 (X11/20071022) |
please reply to the mailinglist so other people can be helped by the
answers as well.
address@hidden wrote:
> OK, I did:
>
> chgrp 100 /home/jail/./home/tom
>
> Now I get the following when I try to login as tom:
>
> Jan 22 12:31:17 server1 jk_chrootsh[20398]: now entering jail /home/jail
> for user tom (100)
> Jan 22 20:31:17 server1 jk_lsh[20398]: jk_lsh version 2.4, started
> Jan 22 20:31:17 server1 jk_lsh[20398]: WARNING: user tom (1008) tried to
> run 'sftp-server', which is not allowed according to
> /etc/jailkit/jk_lsh.ini
>
> It is referencing /etc/jailkit/jk_lsh.ini
>
> AND NOT /home/jail/etc/jailkit/jk_lsh.ini
true. A program inside a jail thinks the file /etc/jailkit/jk_lsh.ini is
in the real /etc/ directory. Jailed programs do not know they are in a
jail.
To answer it the other way around: jk_lsh cannot read the real
/etc/jailkit/jk_lsh.ini because it can only read files that are inside
the jail.
>
> My sftp process is in: /usr/bin/sftp
that is the client. On the server it needs sftp-server
> I really only need SSH access though through CuteFTP - over Port 22.
ssh shell or ssh sftp?
as far as I understood right now you use a ftp-client on a different
computer, and you want the sftp-server in the jail and nothing else.
That means you need the sftp-server binary in your jail with it's
libraries, and you don't need anything else like the /usr/bin/sftp or
/usr/bin/ssh.
regards,
Olivier