[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-dev] owner restriction
|
From: |
Olivier Sessink |
|
Subject: |
Re: [Jailkit-dev] owner restriction |
|
Date: |
Sun, 02 Mar 2014 17:31:24 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 |
On 03/02/2014 01:51 AM, Pas wrote:
> Hello!
>
> ISP Config has Jailkit support, but it doesn't chown the directory to
> the user, but leaves it owned by root. (Which is fine, the user has a
> few directories owned by itself.)
>
> So I was a bit suprised to find that this is quite a showstopper, but
> then rejoiced when found this old thread (
> http://lists.gnu.org/archive/html/jailkit-dev/2009-08/threads.html ),
> but then again found myself between a rock (tinkering with ISPConfig's
> PHP) and "forking" jailkit.
>
> At least, if I correctly interpret the source, as in, it still needs
> target uid to own the target dir.
>
> http://cvs.savannah.gnu.org/viewvc/jailkit/src/jk_chrootsh.c?root=jailkit&view=log
> uses testsafepath which at 1.19 is still very strict
> http://cvs.savannah.gnu.org/viewvc/jailkit/src/jk_lib.c?revision=1.19&root=jailkit&view=markup
>
> Do you have any ideas about this?
I've just added the option relax_home_owner to the jk_chrootsh config to
relax the requirement that the home directory is owned by the user.
Available in latest cvs.
Olivier
--
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/