[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Some missing libraries - the ones missing are in /li

From: Olivier Sessink
Subject: Re: [Jailkit-users] Some missing libraries - the ones missing are in /lib64 - could that make SFTP not work correctly?
Date: Wed, 23 Jan 2008 00:05:14 +0100
User-agent: Thunderbird (X11/20071022)

please reply to the mailinglist so other people can be helped by the
answers as well.

address@hidden wrote:
> OK, I did:
> chgrp 100 /home/jail/./home/tom
> Now I get the following when I try to login as tom:
> Jan 22 12:31:17 server1 jk_chrootsh[20398]: now entering jail /home/jail
> for user tom (100)
> Jan 22 20:31:17 server1 jk_lsh[20398]: jk_lsh version 2.4, started
> Jan 22 20:31:17 server1 jk_lsh[20398]: WARNING: user tom (1008) tried to
> run 'sftp-server', which is not allowed according to
> /etc/jailkit/jk_lsh.ini
> It is referencing /etc/jailkit/jk_lsh.ini
> AND NOT /home/jail/etc/jailkit/jk_lsh.ini

true. A program inside a jail thinks the file /etc/jailkit/jk_lsh.ini is
in the real /etc/ directory. Jailed programs do not know they are in a

To answer it the other way around: jk_lsh cannot read the real
/etc/jailkit/jk_lsh.ini because it can only read files that are inside
the jail.

> My sftp process is in:  /usr/bin/sftp

that is the client. On the server it needs sftp-server

> I really only need SSH access though through CuteFTP - over Port 22.

ssh shell or ssh sftp?

as far as I understood right now you use a ftp-client on a different
computer, and you want the sftp-server in the jail and nothing else.
That means you need the sftp-server binary in your jail with it's
libraries, and you don't need anything else like the /usr/bin/sftp or


reply via email to

[Prev in Thread] Current Thread [Next in Thread]