- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- SITE EXEC on ftpd for a chroot'ed guest user
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-17-2012 01:18 AM
05-17-2012 01:18 AM
SITE EXEC on ftpd for a chroot'ed guest user
I am having a vast amount of hassle getting an FTP user in the guest group to run a "site exec" command. The man page is fairly unhelpful in that it only talks about regular and anonymous site execs.
Has anyone managed to achieve this? The user's sample home directory is "/usr/sap/cust/./aaa/incoming".
Share and Enjoy! Ian
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-18-2012 07:10 AM
05-18-2012 07:10 AM
Re: SITE EXEC on ftpd for a chroot'ed guest user
What is the binary the chrooted FTP user is supposed to run with the "site exec" command?
Run "ldd <binary_pathname>" to see which library files it depends on, and make copies of those libraries available in <chroot>/lib and/or <chroot>/usr/lib, as appropriate.Then check those libraries too, in case the libraries themselves depend on other libraries.
In your case, the library directories would apparently be /usr/sap/cust/lib and /usr/sap/cust/usr/lib.
You cannot get away with making symbolic links: you must make actual copies of the necessary libraries.
Perhaps surprisingly, a copy of /dev/null is very likely required. Just create the /usr/sap/cust/dev directory, and use mknod to create a duplicate of the real /dev/null device node, using the same major/minor device numbers as the real one.
You may also have to supply copies of some basic configuration files in <chroot>/etc: perhaps a stub /usr/sap/cust/etc/passwd with only the FTP users' own entries. The actual password hashes should not be necessary: the file only needs to have the correct format, so that libc's user/group lookup routines can function.
If the binary the chrooted user must run is complex, you may have to test it with "truss" or similar tool to identify all the system files it reads, and then provide suitable replacements inside the chroot environment.