
Re: [Jailkit-users] jk_lsh[7742]: cannot find user info for USER guest:


From: John Pilkington
Subject: Re: [Jailkit-users] jk_lsh[7742]: cannot find user info for USER guest: Success (2)
Date: Sat, 5 Jan 2019 12:27:22 +0000

Hello Olivier, and Happy New Year! I imagine this email will do nothing to make it happier, but here goes ...

You will remember that I had a problem with making an sftp/scp only shell for a jailed user. On starting an sftp session, the connection closes immediately upon entering the password, and it looks like getpwnam() succeeds, but not actually in the way it should.

Thank you very much for kindly offering to look at the trace logs produced by strace. Thank you also for telling me about strace: I can see that it is a hugely powerful tool and I was also delighted to find that it is included in the Raspbian Stretch OS on my Raspberry Pis. But, yes, I think it needs more expertise than I have to interpret the output.

So I followed your excellent instructions about debugging without a shell in the jail, and obtained seven tracefiles. I take the liberty of including them all below, but I suspect that the last one, 2544, is the important one. Originally, this had about 1000 lines of "BAD FILE DESCRIPTOR" from line 234. I've removed all except the first and last few, but obviously there is something wrong here, though I cannot work out what it might be.

To remind you, I have user "guest" with password "guest" jailed in /srv/sftpjail/home/guest.

I have picked out what seem to me cardinal events in tracefile.2544; I'll set them out here so that you can see I have done at least some work for myself!

Line 29:    chdir("srv/sftpjail/./home/guest") looks OK
Line 36:    /etc/ssh/sshrc  No such file or directory. This may be the first sign of trouble? Certainly there is no such file or directory, either in /srv/sftpjail/etc or in /etc/ssh. Should there be? And should it be at the "real" root or the jailed root?
Line 195: open /etc/passwd, return value 3: looks OK?
Line 210: open /etc/group, return value 3: looks OK?
Line 220: open /etc/jailkit/jk.chrootsh.ini, return value 3: looks OK?
Line 234 onwards: "BAD FILE DESCRIPTOR" Oh dear

Line 267 (re-numbered) chroot("/srv/ftpjail"), looks like we haven't failed terminally yet? 
Line 292 chdir("/home/guest")

Line 503 exited with 2. I assume that from here we recurse back through the other processes, at some point undoing the chroot at line 267. I haven't found that.

Olivier, I feel really bad asking you to look at this stuff. Please let me know if you see anything obvious here, but I cannot ask you to spend a lot of time on it and will be very happy if you can just point me in the right direction. Am I anywhere near right in my interpretation?

Thanks and best wishes,

John

On Sat, Dec 15, 2018 at 4:16 PM Olivier Sessink <address@hidden> wrote:
On 14-12-18 15:59, John Pilkington wrote:
Thank you so much for your quick reply, Olivier. I have checked; there was a linefeed at the end of guest:x:1002:1002:,,,:/home/guest:/usr/sbin/jk_lsh but not following i.e. not an empty line with just the linefeed character after the guest line.

I removed the trailing linefeed after /jk_lsh, but I'm afraid it made no difference to the result, the connection still terminates as before. Thank you for your explanation of getpwnam(), I was puzzled by the "Success" reported there.

So any further thoughts about where I should look next would be welcome. Can I debug the call to getpwnam() somehow?

this puzzles me too.. you can get some debugging information using strace:

https://olivier.sessink.nl/jailkit/howtos_debug_jails.html

especially the last section "Debugging a user account without shell in a jail" is what you need to do.

ssh to the account, but don't provide the password yet, first connect strace, and then provide the password and generate the debug information. Feel free to send me the logs if you don't find what's wrong.

Olivier

-- 
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users

Attachment: tracefile.2511
Description: Binary data

Attachment: tracefile.2539
Description: Binary data

Attachment: tracefile.2537
Description: Binary data

Attachment: tracefile.2538
Description: Binary data

Attachment: tracefile.2540
Description: Binary data

Attachment: tracefile.2542
Description: Binary data

Attachment: tracefile.2544
Description: Binary data
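
Added example (not part of the original message, and not Jailkit code): a small Python triage of one strace output file that collapses runs of identical failures, such as the repeated bad-file-descriptor lines mentioned in the message, and marks which path lookups happen after a successful chroot(), where absolute paths resolve under the jail root rather than the real root. The function name `triage` is hypothetical, and the trace lines in `SAMPLE` are constructed for illustration, not taken from the attached tracefiles.

```python
import re
# One strace output line: name(args) = ret [ERRNO (text)], optional leading pid.
CALL = re.compile(r'^(?:\d+\s+)?(\w+)\((.*)\)\s+= (-?\d+|\?)(?: (E[A-Z0-9]+) \(.*\))?\s*$')
EXIT = re.compile(r'^(?:\d+\s+)?\+\+\+ exited with (\d+) \+\+\+')
PATH_CALLS = {"open", "openat", "stat", "stat64", "lstat", "access", "chdir", "chroot", "execve"}

# Constructed trace lines for illustration; not taken from the attached tracefiles.
SAMPLE = r'''chdir("/srv/sftpjail/./home/guest") = 0
stat64("/etc/ssh/sshrc", 0x7ea1f2b8) = -1 ENOENT (No such file or directory)
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
read(3, "root:x:0:0:root:/root:/bin/bash\n", 4096) = 32
close(4) = -1 EBADF (Bad file descriptor)
close(5) = -1 EBADF (Bad file descriptor)
close(6) = -1 EBADF (Bad file descriptor)
chroot("/srv/sftpjail") = 0
chdir("/home/guest") = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
+++ exited with 2 +++
'''

def triage(trace):
    """Hypothetical helper: return (events, exit_code) for one strace file's text."""
    root, events, exit_code = None, [], None
    for lineno, line in enumerate(trace.splitlines(), 1):
        if (m := EXIT.match(line)):
            exit_code = int(m.group(1))
            continue
        if not (m := CALL.match(line)):
            continue
        call, args, _ret, errno = m.groups()
        quoted = re.search(r'"([^"]*)"', args) if call in PATH_CALLS else None
        path = quoted.group(1) if quoted else None
        if path is None and errno is None:
            continue  # successful descriptor call (read, close, ...): skip
        prev = events[-1] if events else None
        if prev and path is None and (prev["call"], prev["errno"], prev["path"]) == (call, errno, None):
            prev["count"] += 1  # collapse runs such as close(4), close(5), ... EBADF
            continue
        # After a successful chroot(), absolute paths resolve under the jail root.
        host = root.rstrip("/") + path if root and path and path.startswith("/") else path
        events.append({"line": lineno, "call": call, "path": path, "errno": errno,
                       "count": 1, "jailed": root is not None, "host_path": host})
        if call == "chroot" and errno is None:
            root = path
    return events, exit_code

if __name__ == "__main__":
    for e in triage(SAMPLE)[0]:
        print(e["line"], e["call"], e["host_path"], e["errno"] or "ok", f'x{e["count"]}')
```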

