jailkit-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] cvs and jails


From: jurgen . depicker
Subject: Re: [Jailkit-users] cvs and jails
Date: Thu, 15 Mar 2007 09:10:41 +0100




>
> Hello to all.
> I jailed all my users with the wonderful jailkit (really, it worked like
> a charm), but now i face troubles with cvs access.
> My clients connect using windows clients, and ssh (putty).
> cvs (i use cvsnt 2.5.03 build 2151 un ubuntu 6.06 LTS ser ver) is
> configured with protocol :ext: or :ssh: .  When a client tries to
> connect after being jailed, cvs doesn't work.   The cvs repository was
> outside the jail.  So i moved the repo inside the jail, as well as the
> cvsnt binaries.  To no avail.

1) I think cvs needs /dev/null or /dev/zero, not sure which one

/jail/dev/Zero does not exist on my system.

2) did you copy the libraries for cvs as well? (did you use jk_cp to
copy the binaries into the jail?)


Here I have a conceptual problem...  Actually, I wanted to keep my cvs tree outside the jail.  To prevent users browsing inside it.  So their only access would be via checkouts, which are controlled by cvsnt access control lists.
Is it possible to keep the cvs tree outside the jail at all?  Or should I use a different method?  I don't really understand how cvs access over ssh works.  Does it mean the cvs binaries need to be accessible from the jail user's shell?  It seems like a cath22 situation...   I end up having to put my whole system in the jail, since eg cvs runs some scripts, which need php, and which need access to the mysql db driving my drupal site (for checking commit access control).

Thanks for your swift reply!!!!
J├╝rgen


_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users



reply via email to

[Prev in Thread] Current Thread [Next in Thread]