|
From: | Marcus |
Subject: | Re: [Jailkit-users] is it possible to "sudo su - user" to a jailkit user? |
Date: | Sun, 2 Jun 2013 23:08:27 -0400 |
Hi Oliver, I am having a lot of trouble getting "su - testuser" to work if it includes a hyphen / dash ( I am trying to have the profile run) I know you mentioned "the jk_chrootsh code is very strict and abort on anything that could be the start of hacking" I looked at /var/log/auth.log and I am getting: jk_chrootsh[25433]: abort, jk_chrootsh is called as -su I am looking at the source file - jk_chrootsh.c for version 2.16 and I see this section which looks like where the error is coming from around line 206: if (strcmp(tmp, PROGRAMNAME) != 0 && strcmp(tmp, "su")!= 0 && (tmp[0] != '-' || strcmp(&tmp[1], PROGRAMNAME))) { DEBUG_MSG("wrong name, tmp=%s, &tmp[1]=%s\n", tmp, &tmp[1]); syslog(LOG_ERR, "abort, "PROGRAMNAME" is called as %s", argv[0]); exit(1); } It looks like it should allow "su" with "-" but it is not. According to Rich's notes (if I am reading it correctly) he is able to do it with the dash. Is this a bug in the code somehow? I'm trying to test more and fix it. I am also trying to sign up for the dev list because maybe that is a better place for this question. Thanks, Marcus On May 30, 2013, at 5:14 PM, Olivier Sessink <address@hidden> wrote: that is probably because the jk_chrootsh code is very strict and abort |
[Prev in Thread] | Current Thread | [Next in Thread] |