Re: [Jailkit-users] Config problems - New users don't work

[Derek Weichenthal]

address@hidden:/jail/etc# ls -la
-rw-r--r-- 1 root root   86 Jun 10 09:50 passwd

address@hidden:/jail/etc# ls -la /etc/passwd
-rw-r--r-- 1 root root 2370 Jun 10 09:50 /etc/passwd

There is no libnsswitch.conf file present on the system. I am using NIS 
though for network authentication, could that possibly be the problem? 
My old accounts work while on NIS just fine, though it was with an older 
build.

Thanks,
Derek

On 06/16/2010 03:05 AM, Olivier Sessink wrote:
> > The time adjustment worked and it is reporting correctly now.
> >
> > address@hidden:~# grep jailtest /jail/etc/passwd
> > jailtest:x:9041:9043::/home/jailtest:/usr/sbin/jk_lsh
> >
> > address@hidden:~# grep jailtest /etc/passwd
> > jailtest:x:9041:9043::/jail/./home/jailtest:/usr/sbin/jk_chrootsh
> >      
> this looks good. Are the permissions on both files identical? You're not
> using users in ldap or nscd? (check /etc/libnsswitch.conf)
>
> Olivier
>
>    
> > On 6/13/2010 2:42 AM, Olivier Sessink wrote:
> >      
> > > On 06/10/2010 04:28 PM, Derek Weichenthal wrote:
> > >        
> > > > Hello,
> > > >
> > > > I'm a new user to jailkit, previously this network was using a jail
> > > > environment but it was built with an older package from a couple years
> > > > ago and it will no longer create a user that works properly. I'm having
> > > > some similar problems using the 2.11 release.
> > > >
> > > > Following the README.txt included I can successfully create the jail
> > > > environment and add sftp and scp support. I was able to add the user
> > > > correctly, my /etc/passwd and /jail/etc/passwd are correct according to
> > > > http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html
> > > >
> > > > I have edited /jail/etc/jailkit/jk_init.ini and added:
> > > > [jailtest]
> > > > paths = /usr/bin, /usr/lib
> > > > executables = /usr/lib/sftp-server, /usr/lib/scp
> > > > allow_word_expansion = 1
> > > > umask = 002
> > > >
> > > > Ran killall command then ran jk_socketd to restart. Now at this point
> > > > everything should be working according to the readme.
> > > > address@hidden:/jail/etc/jailkit# sftp address@hidden
> > > > Connecting to titan...
> > > > address@hidden's password:
> > > > Connection closed
> > > >
> > > > > From /var/log/messages, I am not sure why jk_lsh is reporting 4 hours
> > > > in the future, could this be the problem?
> > > >          
> > > you probably don't have timezone information in your jail.
> > >
> > > jk_init -j<jail>  logbasics
> > >
> > >        
> > > > If I try to use SSH instead of
> > > > SCP I get the same message and it also reports 4 hours ahead.
> > > > Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, listening on
> > > > socket /var/chroot/dev/log with rates [512:2048]/10.000000
> > > > Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, listening on
> > > > socket /jail/dev/log with rates [512:2048]/10.000000
> > > > Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, socket
> > > > /jail/dev/log is mentioned multiple times in config file
> > > > Jun 10 10:21:16 titan jk_chrootsh[22117]: now entering jail /jail for
> > > > user jailtest (9041)
> > > > Jun 10 14:21:16 titan jk_lsh[22117]: jk_lsh version 2.11, started
> > > > Jun 10 14:21:16 titan jk_lsh[22117]: cannot find user info for USER
> > > > jailtest: Success
> > > >          
> > > this means that jk_lsh cannot find the user jailtest inside jail /jail
> > >
> > > what does `grep jailtest /jail/etc/passwd` show?
> > >
> > >        
> > > > I am unable to check /var/log/daemon.log or /var/log/auth.log as I do
> > > > not have them on my system. If these logs would help I would need a
> > > > hand
> > > > setting them up as well to work with the jailkit.
> > > >          
> > > on your system probably everything is logged to /var/log/messages
> > >
> > > Olivier
> > >
> > >
> > > _______________________________________________
> > > Jailkit-users mailing list
> > > address@hidden
> > > http://lists.nongnu.org/mailman/listinfo/jailkit-users
> > >        
> >
> > _______________________________________________
> > Jailkit-users mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/jailkit-users
> >
> >      
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
>