[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Jailkit-users] Jailkit confusion
From: |
Paul Mitchell |
Subject: |
[Jailkit-users] Jailkit confusion |
Date: |
Fri, 23 Oct 2009 15:42:22 -0400 (EDT) |
User-agent: |
Alpine 2.00 (LRH 1167 2008-08-23) |
Hello,
I'm trying to move a user into jailkit, restricted to sftp connections.
I've actually moved myself in as a test case, and from another server
I can sftp sucessfully (note I'm running command line sftp on a Solaris
client to reach my server with jailkit, which is redhat linux):
-bash-3.00$ sftp elndz01m
Connecting to elndz01m...
The authenticity of host 'elndz01m
RSA key fingerprint is
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts
(/export/home/pmitchel/.ssh/known_hosts).
address@hidden's password:
sftp> ls
.
..
.bash_history
pmitchel
sftp>
My entry in the /etc/passwd file is:
pmitchel:x:11xxx:11xxx:Paul
Mitchell:/home/jail/./home/pmitchel:/usr/sbin/jk_chrootsh
(note: I x'd out a few numbers for paranoidal sake!^)
Here's the user I'm trying to ge in:
grep faxian /etc/passwd
faxian:x:16xxxx:16xxxx:Faxian
Yang:/home/jail/./home/faxian:/usr/sbin/jk_chrootsh
my /etc/jailkit/jk_lsh.ini looks like:
cat /etc/jailkit/jk_lsh.ini
## example for a user
[DEFAULT]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002
#
## example for a user
[faxian]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002
## example for a user
[pmitchel]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002
#
##example for a group, there should be only 1 space inbetween the words!
#[group users]
#paths = /usr/bin
#executables = /usr/bin/cvs
#allow_word_expansion = 0
#environment= HELIX_PATH=/opt/RealPlayer/, TMP=/tmp/
[group admission]
paths= /usr/bin, /usr/lib/
executables= /usr/bin/scp, /usr/lib/sftp-server,
/usr/lib/openssh/sftp-server, /usr/libexec/sftp-server
address@hidden jailkit]#
Curiously, I get the following errors:
Oct 21 14:34:14 elndz01m rpc.idmapd[8656]: nss_getpwnam: name
'address@hidden' does not map into domain 'localdomain'
Oct 21 15:25:50 elndz01m jk_chrootsh[30657]: now entering jail /home/jail
for user faxian (164890)
Oct 21 15:48:09 elndz01m jk_chrootsh[30715]: now entering jail /home/jail
for user faxian (164890)
Oct 21 15:48:18 elndz01m jk_chrootsh[30723]: now entering jail /home/jail
for user faxian (164890)
Oct 22 11:23:59 elndz01m jk_chrootsh[2090]: now entering jail /home/jail
for user faxian (164890)
Oct 22 11:25:09 elndz01m jk_chrootsh[2100]: now entering jail /home/jail
for user faxian (164890)
Oct 23 12:02:27 elndz01m jk_chrootsh[6948]: now entering jail /home/jail
for user faxian (164890)
Oct 23 12:03:00 elndz01m jk_chrootsh[6958]: now entering jail /home/jail
for user faxian (164890)
Oct 23 12:03:37 elndz01m jk_chrootsh[6969]: now entering jail /home/jail
for user faxian (164890)
Oct 23 12:07:30 elndz01m jk_chrootsh[7049]: now entering jail /home/jail
for user faxian (164890)
Oct 23 16:07:30 elndz01m jk_lsh[7049]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 13:42:03 elndz01m jk_chrootsh[7472]: now entering jail /home/jail
for user faxian (164890)
Oct 23 17:42:03 elndz01m jk_lsh[7472]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 13:42:39 elndz01m jk_chrootsh[7480]: now entering jail /home/jail
for user faxian (164890)
Oct 23 17:42:39 elndz01m jk_lsh[7480]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 13:43:54 elndz01m jk_chrootsh[7490]: now entering jail /home/jail
for user faxian (164890)
Oct 23 17:43:54 elndz01m jk_lsh[7490]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 13:45:21 elndz01m jk_chrootsh[7502]: now entering jail /home/jail
for user faxian (164890)
Oct 23 17:45:21 elndz01m jk_lsh[7502]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 14:20:29 elndz01m jk_chrootsh[7617]: now entering jail /home/jail
for user faxian (164890)
Oct 23 18:20:29 elndz01m jk_lsh[7617]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 14:21:14 elndz01m jk_chrootsh[7628]: now entering jail /home/jail
for user faxian (164890)
Oct 23 18:21:14 elndz01m jk_lsh[7628]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
Oct 23 15:08:08 elndz01m jk_chrootsh[7833]: now entering jail /home/jail
for user faxian (164890)
Oct 23 19:08:08 elndz01m jk_lsh[7833]: did neither find a section
'faxian', nor 'group faxian' nor 'DEFAULT' in configfile
/etc/jailkit/jk_lsh.ini
I'm confused, I have both a DEFAULT and faxian entry in the file.
Any ideas?
Thanks,
Paul Mitchell
==============================================================================
Paul Mitchell
Enterprise Systems
email: address@hidden
NOTE: new location: 440 Franklin, cubby 1213
NOTE: new desk phone: 919 962-2521 (Is here!^)
==============================================================================