[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Problems configuring in Suse 10.2
|
From: |
Jere Retzer |
|
Subject: |
Re: [Jailkit-users] Problems configuring in Suse 10.2 |
|
Date: |
Tue, 06 Mar 2007 14:24:00 -0800 |
I really appreciate the help. I did as suggested and got the following:
Mar 6 13:59:03 thinkpad sshd[14037]: subsystem request for sftp
Mar 6 13:59:03 thinkpad jk_chrootsh[14038]: abort, path /home/jail/./home/lcmc
is setgid
Mar 6 13:59:03 thinkpad jk_chrootsh[14038]: abort, path /home/jail/./home/lcmc
is group writable
Mar 6 13:59:28 thinkpad sshd[14041]: Accepted keyboard-interactive/pam for
mike from 127.0.0.1 port 13628 ssh2
Mar 6 13:59:28 thinkpad sshd[14044]: subsystem request for sftp
Mar 6 13:59:28 thinkpad jk_chrootsh[14045]: abort, path /home/jail/./home/mike
is setgid
Mar 6 13:59:28 thinkpad jk_chrootsh[14045]: abort, path /home/jail/./home/mike
is group writable
So I then dropped group read and write and got this:
Mar 6 14:05:51 thinkpad sshd[14082]: subsystem request for sftp
Mar 6 14:05:51 thinkpad jk_chrootsh[14083]: now entering jail /home/jail for
user lcmc (1002)
Mar 6 14:05:51 thinkpad jk_chrootsh[14083]: abort, chdir(/home/lcmc) failed
inside the jail /home/jail: Permission denied, check the permissions for
/home/jail//home/lcmc
Mar 6 14:06:25 thinkpad sshd[14086]: Accepted keyboard-interactive/pam for
mike from 127.0.0.1 port 17037 ssh2
Mar 6 14:06:25 thinkpad sshd[14089]: subsystem request for sftp
Mar 6 14:06:25 thinkpad jk_chrootsh[14090]: now entering jail /home/jail for
user mike (1001)
Mar 6 14:06:25 thinkpad jk_chrootsh[14090]: abort, chdir(/home/mike) failed
inside the jail /home/jail: Permission denied, check the permissions for
/home/jail//home/mike
So I gave the user rwx (they were previously rw) for their home directories and
now the passwords fail:
Mar 6 14:12:22 thinkpad sshd[14106]: error: PAM: Authentication failure for
lcmc from localhost
Mar 6 14:12:46 thinkpad sshd[14113]: error: PAM: Authentication failure for
mike from localhost
>>> address@hidden 3/6/2007 1:43 PM >>>
Jere Retzer wrote:
> I have the /etc/passwd in the file now. The sequence I'm using creates the
> groups and users and then moves them to the jail. It reads:
>
> mike:x:1001:1000::/home/mike:/usr/sbin/jk_lsh
> lcmc:x:1002:1001::/home/lcmc:/usr/sbin/jk_lsh
>
> Now I can get a session by sftp address@hidden but it terminates as soon as I
> enter the password. Here is what I see in /var/log/messages:
just fix what the logs say is wrong
> Mar 6 12:21:21 thinkpad jk_chrootsh[13879]: abort, path
> /home/jail/./home/lcmc is setgid
remove the setgid bit from that directory
(chmod u-s /home/jail/./home/lcmc)
> Mar 6 12:21:21 thinkpad jk_chrootsh[13879]: abort, path
> /home/jail/./home/lcmc does not have group 1001
make the path owned by group 1001
(chown lcmc:1001 /home/jail/./home/lcmc)
> Mar 6 12:21:39 thinkpad jk_chrootsh[13886]: abort, path
> /home/jail/./home/mike is setgid
chmod u-s /home/jail/./home/mike
> Mar 6 12:21:39 thinkpad jk_chrootsh[13886]: abort, path
> /home/jail/./home/mike does not have group 1000
chown lcmc:1000 /home/jail/./home/lcmc
regards,
Olivier
_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users
- [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/05
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/06
- Re: [Jailkit-users] Problems configuring in Suse 10.2,
Jere Retzer <=
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/07
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/07
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/07
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/07
- Re: [Jailkit-users] Problems configuring in Suse 10.2, Jere Retzer, 2007/03/08