https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451619#M358742 Dear Gurus, <BR /> i tried to creat a user with following attibute :<BR />1) should not transerve back from assigned home dir .<BR />2)from this i ran ssh_chroot_setup.sh<BR />--selected option 1.Configure a chroot enviroment<BR />--Enter the new root directory for newuser with absolute path<BR />/finlogs/alllogs/testlogs<BR />3) Selected chroot secure shell<BR />--2 ssh &amp; sftp &amp; scp<BR />(hereis if i choose option 1--sftp only,<BR />user is not able to login thru psftp)<BR /><BR />But user is still able to transerve all way back to / and any dir.<BR />i tried /./ in passwdord file,ftp and telnet are blocked on the system.<BR />The system is 11.31.<BR />I need help on this , the user should not transerve back from assigned home dir.<BR />what i am doing incorrect Thu, 02 Jul 2009 08:07:16 GMT DeafFrog 2009-07-02T08:07:16Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451619#M358742 Dear Gurus, <BR /> i tried to creat a user with following attibute :<BR />1) should not transerve back from assigned home dir .<BR />2)from this i ran ssh_chroot_setup.sh<BR />--selected option 1.Configure a chroot enviroment<BR />--Enter the new root directory for newuser with absolute path<BR />/finlogs/alllogs/testlogs<BR />3) Selected chroot secure shell<BR />--2 ssh &amp; sftp &amp; scp<BR />(hereis if i choose option 1--sftp only,<BR />user is not able to login thru psftp)<BR /><BR />But user is still able to transerve all way back to / and any dir.<BR />i tried /./ in passwdord file,ftp and telnet are blocked on the system.<BR />The system is 11.31.<BR />I need help on this , the user should not transerve back from assigned home dir.<BR />what i am doing incorrect Thu, 02 Jul 2009 08:07:16 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451619#M358742 DeafFrog 2009-07-02T08:07:16Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451620#M358743 Shalom,<BR /><BR />To answer your question, I would need to see the /var/adm/syslog/syslog.log out put related to the login.<BR /><BR />There is an error there almost certainly, which explains why chroot configuration is failing.<BR /><BR />SEP Thu, 02 Jul 2009 09:40:08 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451620#M358743 Steven E. Protter 2009-07-02T09:40:08Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451621#M358744 Hi Sep , <BR /><BR /> Here are the lines generated as a result og login attempt:<BR /><BR />Jul 2 13:50:15 PWCDR sshd[19385]: SSH: Server;Ltype: Version;Remote: 80.XXX.YYY.227-3632;Protocol: 2.0;Client: PuTTY_Release<BR />_0.59<BR />Jul 2 13:50:22 PWCDR sshd[19385]: Accepted keyboard-interactive/pam for ftpuser from 80.XXX.YYY.227 port 3632 ssh2<BR />Jul 2 13:50:22 PWCDR sshd[19392]: fatal: bad ownership or modes for chroot directory component "/pcard17/"<BR /> Thu, 02 Jul 2009 09:52:38 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451621#M358744 DeafFrog 2009-07-02T09:52:38Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451622#M358745 <!--!*#-->&gt; Jul 2 13:50:22 PWCDR sshd[19392]: fatal:<BR />&gt; bad ownership or modes for chroot directory<BR />&gt; component "/pcard17/"<BR /><BR />Some of us non-psychics can't see the<BR />ownership or permissions on this directory.<BR />"ls -l[d]"?<BR /><BR />Or what's in /etc/passwd for this user.<BR /><BR />Or much else. Thu, 02 Jul 2009 11:13:22 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451622#M358745 Steven Schweda 2009-07-02T11:13:22Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451623#M358746 Dear Steven , <BR /> Here they are :<BR />PWCDR#more /etc/passwd | grep "^ftpuser"<BR />ftpuser:ilMT1teLJzfGM:115:107:chrooted user:/pcard17/dir1/dir2/dir3/./:/bin/sh<BR />PWCDR#ls -ld /pcard17/dir1/dir2/dir3<BR />drwxr-xr-x 10 root sys 1024 Jul 2 11:26 /pcard17/dir1/dir2/dir3<BR />PWCDR#ls -ld ls -ld /pcard17/dir1/dir2<BR />PWCDR#ls -ld /pcard17/dir1/dir2<BR />drwxrwxrwx 3 root sys 96 Jul 2 09:33 /pcard17/dir1/dir2<BR />PWCDR#ls -ld /pcard17/dir1<BR />drwxrwxrwx 3 root sys 96 Jul 2 09:31 /pcard17/dir1<BR /><BR />Please let me know if some more o/p is required.<BR />Regards , <BR />Rahul Thu, 02 Jul 2009 11:27:00 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451623#M358746 DeafFrog 2009-07-02T11:27:00Z https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451624#M358747 Hi,<BR />&gt;&gt;fatal: bad ownership or modes for chroot directory component "/pcard17/"<BR /><BR />Check permission of the directiory which user is going to access.<BR /><BR />Suraj Thu, 02 Jul 2009 11:27:12 GMT https://community.hpe.com/t5/operating-system-hp-ux/problem-with-chroot-on-11-31/m-p/4451624#M358747 Suraj K Sankari 2009-07-02T11:27:12Z