Re: [Jailkit-users] Config problems - New users don't work

[Olivier Sessink]

> The time adjustment worked and it is reporting correctly now.
>
> address@hidden:~# grep jailtest /jail/etc/passwd
> jailtest:x:9041:9043::/home/jailtest:/usr/sbin/jk_lsh
>
> address@hidden:~# grep jailtest /etc/passwd
> jailtest:x:9041:9043::/jail/./home/jailtest:/usr/sbin/jk_chrootsh

this looks good. Are the permissions on both files identical? You're not
using users in ldap or nscd? (check /etc/libnsswitch.conf)

Olivier

> On 6/13/2010 2:42 AM, Olivier Sessink wrote:
>> On 06/10/2010 04:28 PM, Derek Weichenthal wrote:
>>> Hello,
>>>
>>> I'm a new user to jailkit, previously this network was using a jail
>>> environment but it was built with an older package from a couple years
>>> ago and it will no longer create a user that works properly. I'm having
>>> some similar problems using the 2.11 release.
>>>
>>> Following the README.txt included I can successfully create the jail
>>> environment and add sftp and scp support. I was able to add the user
>>> correctly, my /etc/passwd and /jail/etc/passwd are correct according to
>>> http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html
>>>
>>> I have edited /jail/etc/jailkit/jk_init.ini and added:
>>> [jailtest]
>>> paths = /usr/bin, /usr/lib
>>> executables = /usr/lib/sftp-server, /usr/lib/scp
>>> allow_word_expansion = 1
>>> umask = 002
>>>
>>> Ran killall command then ran jk_socketd to restart. Now at this point
>>> everything should be working according to the readme.
>>> address@hidden:/jail/etc/jailkit# sftp address@hidden
>>> Connecting to titan...
>>> address@hidden's password:
>>> Connection closed
>>>
>>> >From /var/log/messages, I am not sure why jk_lsh is reporting 4 hours
>>> in the future, could this be the problem?
>>
>> you probably don't have timezone information in your jail.
>>
>> jk_init -j <jail> logbasics
>>
>> > If I try to use SSH instead of
>>> SCP I get the same message and it also reports 4 hours ahead.
>>> Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, listening on
>>> socket /var/chroot/dev/log with rates [512:2048]/10.000000
>>> Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, listening on
>>> socket /jail/dev/log with rates [512:2048]/10.000000
>>> Jun 10 10:21:08 titan jk_socketd[22109]: version 2.11, socket
>>> /jail/dev/log is mentioned multiple times in config file
>>> Jun 10 10:21:16 titan jk_chrootsh[22117]: now entering jail /jail for
>>> user jailtest (9041)
>>> Jun 10 14:21:16 titan jk_lsh[22117]: jk_lsh version 2.11, started
>>> Jun 10 14:21:16 titan jk_lsh[22117]: cannot find user info for USER
>>> jailtest: Success
>>
>> this means that jk_lsh cannot find the user jailtest inside jail /jail
>>
>> what does `grep jailtest /jail/etc/passwd` show?
>>
>>> I am unable to check /var/log/daemon.log or /var/log/auth.log as I do
>>> not have them on my system. If these logs would help I would need a
>>> hand
>>> setting them up as well to work with the jailkit.
>>
>> on your system probably everything is logged to /var/log/messages
>>
>> Olivier
>>
>>
>> _______________________________________________
>> Jailkit-users mailing list
>> address@hidden
>> http://lists.nongnu.org/mailman/listinfo/jailkit-users
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
>