[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Jailkit-users] RE: Jailkit-users Digest, Vol 32, Issue 8
|
From: |
Wendt, Barrett |
|
Subject: |
[Jailkit-users] RE: Jailkit-users Digest, Vol 32, Issue 8 |
|
Date: |
Thu, 8 May 2008 09:02:03 -0500 |
Wendt, Barrett wrote:
> I currently have Jailkit (scp/sftp) installed and working for
> individual users, very easy setup. The problem is that I have one user
> that needs access to all of the files uploaded by other jailed users.
> It is basically a batch job that logs in every 15 minutes and
> downloads any new files it finds in the jails.
>
> I created a new group for this master user and changed the group
> permissions on all the jailed homes allow access for this group (770
> permissions with SUID). Oh yeah and I set the following in the
> /etc/jailkit/jk_chrootsh.ini
>
> [Jailed Username]
> relax_home_group=1
> relax_home_group_permissions=1
>
> When I login in with the master user via scp/sftp and attempt to
> access the jailed home folders of the other users I receive a
> permissions denied error. I have gone as far as setting the jailed
> homes to 777 but still no luck.
> can you post `ls -l <jail>/home` and the important bits from
/etc/passwd and /etc/group?
> Olivier
Since this didn't work I removed the group and changed permissions on
the jailed homes to the master users default group. This worked. So for
testing and to comply with your request I added the scpaccess group
again and assigned group permissions to the jailed homes. This time it
is working fine. I must have fat fingered something last time. Sorry
about that. Thanks for the work on this product, it has been very
helpful.
Barrett
-----Original Message-----
From: address@hidden
[mailto:address@hidden On
Behalf Of address@hidden
Sent: Thursday, May 08, 2008 8:39 AM
To: address@hidden
Subject: Jailkit-users Digest, Vol 32, Issue 8
Send Jailkit-users mailing list submissions to
address@hidden
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.nongnu.org/mailman/listinfo/jailkit-users
or, via email, send a message with subject or body 'help' to
address@hidden
You can reach the person managing the list at
address@hidden
When replying, please edit your Subject line so it is more specific than
"Re: Contents of Jailkit-users digest..."
Today's Topics:
1. Re: Problem to establish a SFTP for windows (yellow protoss)
2. Re: Jail permissions (Olivier Sessink)
3. Can't get logging working (Alexander Oleshev)
4. Is there anyone that already manage to make SFTP working with
jailkit? (yellow protoss)
5. Jailkit, SSH, bash and openbsd 4.2 on a boat ... (L x)
6. Re: Can't get logging working (Olivier Sessink)
7. Re: Problem to establish a SFTP for windows (Olivier Sessink)
----------------------------------------------------------------------
Message: 1
Date: Wed, 7 May 2008 20:27:56 +0200
From: "yellow protoss" <address@hidden>
Subject: Re: [Jailkit-users] Problem to establish a SFTP for windows
To: address@hidden
Message-ID:
<address@hidden>
Content-Type: text/plain; charset="iso-8859-1"
Hi! If there is someone that has a SFTP jailkit working, if there is a
so kind person,
Please who could be so kind to post his all file configurations of the
/etc/jailkit + TREE folders with permissions (or a tar.gz from the /
since it can be in /home, or /jailfolder or wherever ) +
/etc/passwd ?
Please
thanks !!!!
On 5/7/08, Olivier Sessink <address@hidden> wrote:
>
> > Hello,
> > I used gftp from Linux, in sftp mode. Does it work then ?
> > thanks
>
> I don't know. Can you try commandline sftp to be sure?
>
> I know winscp has different modes for sftp. In one mode it starts a
> shell (which is denied if you use jk_lsh), and it starts sftp from the
> shell. In the 'pure' sftp mode it works. Perhaps gftp works the same
way?
>
> Olivier
>
>
>
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.gnu.org/pipermail/jailkit-users/attachments/20080507/d793c5
82/attachment.html
------------------------------
Message: 2
Date: Wed, 07 May 2008 22:59:14 +0200
From: Olivier Sessink <address@hidden>
Subject: Re: [Jailkit-users] Jail permissions
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Wendt, Barrett wrote:
> I currently have Jailkit (scp/sftp) installed and working for
> individual users, very easy setup. The problem is that I have one user
> that needs access to all of the files uploaded by other jailed users.
> It is basically a batch job that logs in every 15 minutes and
> downloads any new files it finds in the jails.
>
> I created a new group for this master user and changed the group
> permissions on all the jailed homes allow access for this group (770
> permissions with SUID). Oh yeah and I set the following in the
> /etc/jailkit/jk_chrootsh.ini
>
> [Jailed Username]
> relax_home_group=1
> relax_home_group_permissions=1
>
> When I login in with the master user via scp/sftp and attempt to
> access the jailed home folders of the other users I receive a
> permissions denied error. I have gone as far as setting the jailed
> homes to 777 but still no luck.
can you post `ls -l <jail>/home` and the important bits from /etc/passwd
and /etc/group?
Olivier
------------------------------
Message: 3
Date: Thu, 8 May 2008 09:41:27 +0100
From: "Alexander Oleshev" <address@hidden>
Subject: [Jailkit-users] Can't get logging working
To: <address@hidden>
Message-ID:
<address@hidden>
Content-Type: text/plain; charset="iso-8859-1"
hi there,
I'm trying to get logging working for jail setup on Suse box.
syslogd is running, I can see new entries for FTP (vsftpd.log) and other
messages in /var/log.
I've successfully started jk_socketd, but it hasn't changed anything in
terms of logs.
All I want is to see - some sort of logging for users logging in via
SFTP. Can you suggest any way of troubleshooting ?
Thanks,
Alex
Registered Office - Payzone UK Ltd, Davidson, House, Gadbrook Park,
Northwich, Cheshire, CW9 7TW. Registered in England and Wales with
company number 3102137. VAT registered number 665 2970 07. NOTICE AND
DISCLAIMER: This email (including attachments) is confidential. If you
have received this email in error please notify the sender immediately
and delete this email from your system without copying or disseminating
it or placing any reliance upon its contents. We cannot accept liability
for any breaches of confidence arising through use of email. Any
opinions expressed in this email (including attachments) are those of
the author and do not necessarily reflect our opinions. We will not
accept responsibility for any commitments made by our employees outside
the scope of our business. We do not warrant the accuracy or
completeness of such information. All E-Mails are scanned for viruses,
and content is monitored by Payzone UK Ltd. Payzone UK Ltd Davidson
House Gadbrook Park Nor thwich Cheshire CW9 7TW
Registered Office - Payzone UK Ltd, Davidson, House, Gadbrook Park,
Northwich, Cheshire, CW9 7TW. Registered in England and Wales with
company number 3102137. VAT registered number 665 2970 07.
NOTICE AND DISCLAIMER: This email (including attachments) is
confidential. If you have received this email in error please notify the
sender immediately and delete this email from your system without
copying or disseminating it or placing any reliance upon its contents.
We cannot accept liability for any breaches of confidence arising
through use of email. Any opinions expressed in this email (including
attachments) are those of the author and do not necessarily reflect our
opinions. We will not accept responsibility for any commitments made by
our employees outside the scope of our business. We do not warrant the
accuracy or completeness of such information. All E-Mails are scanned
for viruses, and content is monitored by Payzone UK Ltd. Payzone UK Ltd
Davidson House Gadbrook Park Northwich Cheshire CW9 7TW
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.gnu.org/pipermail/jailkit-users/attachments/20080508/aa78cb
69/attachment.html
------------------------------
Message: 4
Date: Thu, 8 May 2008 11:37:23 +0200
From: "yellow protoss" <address@hidden>
Subject: [Jailkit-users] Is there anyone that already manage to make
SFTP working with jailkit?
To: address@hidden
Message-ID:
<address@hidden>
Content-Type: text/plain; charset="iso-8859-1"
Hello Guys,
I would be interested to know whether the jailkit works for sftp
(through
jk_lsh) or eventually the present project is out of date. Is there
still some persons working on the jailkit project?
Is there anyone that already manage to make SFTP working ?
What are other alternative, that work, to sftp through a jail ?
thank you, any reply would be very welcome !
Sincerely,
Yellow
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.gnu.org/pipermail/jailkit-users/attachments/20080508/002aed
b0/attachment.html
------------------------------
Message: 5
Date: Thu, 8 May 2008 12:52:20 +0200
From: "L x" <address@hidden>
Subject: [Jailkit-users] Jailkit, SSH, bash and openbsd 4.2 on a boat
...
To: <address@hidden>
Message-ID: <address@hidden>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
i've a little problem with my jail , bash and openbsd 4.2 ..
here is the log i get when i try to connect via putty :
/usr/local/bin/bash : cant load libraby 'libintl.so.3.0'
the libraby is in the right place in the jail and seem to have correct
rights ...
any idea ?
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://lists.gnu.org/pipermail/jailkit-users/attachments/20080508/4b3e60
d6/attachment.html
------------------------------
Message: 6
Date: Thu, 08 May 2008 15:37:22 +0200
From: Olivier Sessink <address@hidden>
Subject: Re: [Jailkit-users] Can't get logging working
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Alexander Oleshev wrote:
> hi there,
>
> I'm trying to get logging working for jail setup on Suse box.
> syslogd is running, I can see new entries for FTP (vsftpd.log) and
> other messages in /var/log.
>
> I've successfully started jk_socketd, but it hasn't changed anything
> in terms of logs.
>
> All I want is to see - some sort of logging for users logging in via
> SFTP. Can you suggest any way of troubleshooting ?
why not use syslog with an extra socket if that is all you want?
simply add '-a /srv/jail/dev/log' to the start options of syslog and
restart it.
regards,
Olivier
------------------------------
Message: 7
Date: Thu, 08 May 2008 15:39:21 +0200
From: Olivier Sessink <address@hidden>
Subject: Re: [Jailkit-users] Problem to establish a SFTP for windows
To: address@hidden
Message-ID: <address@hidden>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
yellow protoss wrote:
> I tried sftp from the cmmand line from a linux box.
> all looks right from this side.
do you mean it works or it does not work?
> the config looks okay i hope and the permissions work sinec ssh loging
> worked in /bin/bash mode.
>
> what could be the issue ?
can you look in your logging and see what jailkit is reporting?
`grep jk_ /var/log/*` will show all jailkit related logging.
Olivier
------------------------------
_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users
End of Jailkit-users Digest, Vol 32, Issue 8
********************************************
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Jailkit-users] RE: Jailkit-users Digest, Vol 32, Issue 8,
Wendt, Barrett <=