
problem with chroot on 11.31

DeafFrog
Valued Contributor

problem with chroot on 11.31

Dear Gurus,
I tried to create a user with the following attributes:
1) should not traverse back from the assigned home dir.
2) from this I ran ssh_chroot_setup.sh
--selected option 1. Configure a chroot environment
--Enter the new root directory for newuser with absolute path
/finlogs/alllogs/testlogs
3) Selected chroot secure shell
--2 ssh & sftp & scp
(here, if I choose option 1 -- sftp only,
the user is not able to log in through psftp)

But the user is still able to traverse all the way back to / and any dir.
I tried /./ in the password file; ftp and telnet are blocked on the system.
The system is 11.31.
I need help on this; the user should not traverse back from the assigned home dir.
What am I doing incorrectly?
FrogIsDeaf
5 REPLIES
Steven E. Protter
Exalted Contributor

Re: problem with chroot on 11.31

Shalom,

To answer your question, I would need to see the /var/adm/syslog/syslog.log output related to the login.

There is an error there almost certainly, which explains why chroot configuration is failing.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
DeafFrog
Valued Contributor

Re: problem with chroot on 11.31

Hi Sep,

Here are the lines generated as a result of the login attempt:

Jul 2 13:50:15 PWCDR sshd[19385]: SSH: Server;Ltype: Version;Remote: 80.XXX.YYY.227-3632;Protocol: 2.0;Client: PuTTY_Release_0.59
Jul 2 13:50:22 PWCDR sshd[19385]: Accepted keyboard-interactive/pam for ftpuser from 80.XXX.YYY.227 port 3632 ssh2
Jul 2 13:50:22 PWCDR sshd[19392]: fatal: bad ownership or modes for chroot directory component "/pcard17/"
FrogIsDeaf
Steven Schweda
Honored Contributor

Re: problem with chroot on 11.31

> Jul 2 13:50:22 PWCDR sshd[19392]: fatal:
> bad ownership or modes for chroot directory
> component "/pcard17/"

Some of us non-psychics can't see the
ownership or permissions on this directory.
"ls -l[d]"?

Or what's in /etc/passwd for this user.

Or much else.
DeafFrog
Valued Contributor

Re: problem with chroot on 11.31

Dear Steven,
Here they are:
PWCDR#more /etc/passwd | grep "^ftpuser"
ftpuser:ilMT1teLJzfGM:115:107:chrooted user:/pcard17/dir1/dir2/dir3/./:/bin/sh
PWCDR#ls -ld /pcard17/dir1/dir2/dir3
drwxr-xr-x 10 root sys 1024 Jul 2 11:26 /pcard17/dir1/dir2/dir3
PWCDR#ls -ld ls -ld /pcard17/dir1/dir2
PWCDR#ls -ld /pcard17/dir1/dir2
drwxrwxrwx 3 root sys 96 Jul 2 09:33 /pcard17/dir1/dir2
PWCDR#ls -ld /pcard17/dir1
drwxrwxrwx 3 root sys 96 Jul 2 09:31 /pcard17/dir1

Please let me know if some more o/p is required.
Regards,
Rahul
FrogIsDeaf
Suraj K Sankari
Honored Contributor

Re: problem with chroot on 11.31

Hi,
>>fatal: bad ownership or modes for chroot directory component "/pcard17/"

Check the permission of the directory which the user is going to access.

Suraj
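
The "bad ownership or modes for chroot directory component" error discussed in this thread comes from a per-component check on the chroot path. The script below is an added example, not code from any poster or from the vendor: it applies the rule upstream OpenSSH's sshd uses (every component from / down must be a directory, owned by root, and not group- or world-writable), assumes HP-UX Secure Shell applies the same rule, and uses hypothetical function names `check_ls_line` and `check_chroot_path`.

```shell
#!/bin/sh
# Added example (not from the thread): audit a chroot path against the rule
# upstream OpenSSH's sshd enforces on every component from / to the target:
# a directory, owned by root (uid 0), not writable by group or other.

# check_ls_line "<one line of ls -ld output>"
# Prints one finding per violation; returns 1 if any were found, else 0.
check_ls_line() {
    set -f; set -- $1; set +f           # split into fields without globbing
    mode=$1; owner=$3; rc=0
    for path in "$@"; do :; done        # last field is the path
    case $mode in d*) ;; *) echo "$path: not a directory"; rc=1 ;; esac
    case $owner in root|0) ;; *) echo "$path: owner is $owner, not root"; rc=1 ;; esac
    case $mode in ?????w*) echo "$path: group-writable ($mode)"; rc=1 ;; esac
    case $mode in ????????w*) echo "$path: world-writable ($mode)"; rc=1 ;; esac
    return $rc
}

# check_chroot_path /abs/path
# Checks /, then each deeper component; returns 1 if any component fails.
check_chroot_path() {
    bad=0; cur=""
    old_ifs=$IFS; IFS=/; set -f; set -- $1; set +f; IFS=$old_ifs
    for part in / "$@"; do
        case $part in
            "") continue ;;
            /)  cur=/ ;;
            *)  cur="${cur%/}/$part" ;;
        esac
        # -L follows symlinks (sshd uses stat), -n prints the numeric uid
        if line=$(ls -ldLn "$cur" 2>/dev/null); then
            check_ls_line "$line" || bad=1
        else
            echo "$cur: cannot stat"; bad=1
        fi
    done
    return $bad
}

# Demo on the three `ls -ld` lines posted in the thread.
while IFS= read -r l; do check_ls_line "$l" || true; done <<'EOF'
drwxr-xr-x 10 root sys 1024 Jul 2 11:26 /pcard17/dir1/dir2/dir3
drwxrwxrwx 3 root sys 96 Jul 2 09:33 /pcard17/dir1/dir2
drwxrwxrwx 3 root sys 96 Jul 2 09:31 /pcard17/dir1
EOF
```

On the thread's listings this flags dir1 and dir2 as group- and world-writable; the listing for /pcard17 itself, the component named in the log, was not posted, so run `check_chroot_path` on the real path to cover it and /.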