|
From: | Chris Tankersley |
Subject: | Re: [Jailkit-users] `git clone` allowing access to files outside chroot |
Date: | Thu, 11 Jul 2013 11:52:06 -0400 |
Hello!Firstly, thanks for Jailkit. I stumbled on it while searching for how to create a chroot jail. Wish I had found it earlier, it's a very handy tool!I'm using Debian Testing. Here's what I've done for my setup:jk_init -v -j /home/jail basicshell editors extendedshell netutils ssh sftp scp git
jk_jailuser -m -j /home/jail/ -s /bin/bash testConnecting via SSH and SFTP are both fine, and the user is jailed as expected. There is a Git repository at /home/test/git/example in the jail. When I try to clone this Git repository, it fails:address@hidden:/tmp$ git clone ssh://example.com/home/test/git/example .Cloning into '.'...fatal: '/home/test/git/example' does not appear to be a git repositoryfatal: Could not read from remote repository.Please make sure you have the correct access rights and the repository exists.However, if I use the full path (/home/jail/...), it works:address@hidden:/tmp$ git clone ssh://example.com/home/jail/home/test/git/example .Cloning into '.'...remote: Counting objects: 6, done.remote: Compressing objects: 100% (2/2), done.remote: Total 6 (delta 0), reused 0 (delta 0)Receiving objects: 100% (6/6), done.This leads me to believe that Git isn't being jailed for some reason. Any ideas on how to fix my configuration so that SSH login shells and SFTP are jailed, and Git is also jailed?Thanks!
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users
[Prev in Thread] | Current Thread | [Next in Thread] |