[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] RE: Jailkit-users Digest, Vol 39, Issue 3
|
From: |
Olivier Sessink |
|
Subject: |
Re: [Jailkit-users] RE: Jailkit-users Digest, Vol 39, Issue 3 |
|
Date: |
Fri, 06 Feb 2009 23:20:52 +0100 |
|
User-agent: |
Thunderbird 2.0.0.19 (X11/20090105) |
Kaleb Joel Albee wrote:
> Olivier, I have looked in /var/log/ auth and messages, neither report
> anything other than connected to my jail then an automatic
> disconnect. The setup is a default 'out of the box' rather no real
> changes.
I can think of thousands of different out-of-the-box configurations. I'm
going to make a guess now: you are using jk_chrootsh to put a user in
the jail and you use jk_lsh inside that jail to limit the user to a
certain set of commands.
My next assumption is that you don't have logging enabled in your jail,
and that is why you don't see messages from jk_lsh in your logs.
> => /jail/etc/jailkit/jk_lsh.ini [kaleb] paths= /usr/bin executables=
> /usr/bin/mysql
>
>
> => /jail/etc/passwd
> ldsdevnet:x:1004:1005:,,,:/home/ldsdevnet:/usr/sbin/jk_lsh
>
> => /var/log/auth.log (only the pertinent lines) Feb 6 16:55:19
> familysearch sshd[2417]: pam_unix(sshd:session): session opened for
> user ldsdevnet by (uid=0) Feb 6 16:55:19 familysearch
> jk_chrootsh[2419]: now entering jail /jail for user ldsdevnet (1004)
> Feb 6 16:55:19 familysearch sshd[2417]: pam_unix(sshd:session):
> session closed for user ldsdevnet
I've never seen someonce using mysql as only allowed command in the
jail. How do you start that? `ssh address@hidden mysql` ?
Olivier