[Jailkit-users] Permission denied errors

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Jailkit-users] Permission denied errors

From:	Khusro Jaleel
Subject:	[Jailkit-users] Permission denied errors
Date:	Tue, 7 Apr 2009 16:39:42 +0100

Hello,

I've used the following to create an SFTP jail:
http://olivier.sessink.nl/jailkit/howtos_sftp_scp_only.html

This is quite similar to a problem posted by another user last month
which I don't think was resolved.

I'm getting the following errors in auth.log when trying to SFTP to an
sftp chroot jail I've setup on a Debian Etch machine. I have checked
the permissions on everything and I don't think there is anything
wrong that I can spot.

auth.log:
Apr  7 15:45:08 foobar jk_chrootsh[21586]: path
/home/sftproot/./home/test_user is setgid
Apr  7 15:45:08 foobar jk_chrootsh[21586]: now entering jail
/home/sftproot for user test_user (2010)
Apr  7 15:45:08 foobar jk_chrootsh[21586]: abort,
chdir(/home/test_user) failed inside the jail /home/sftproot:
Permission denied, check the permissions for
/home/sftproot//home/test_user

# ls -ld /home/sftproot
drwxr-x--- 7 root root 4096 2009-04-02 13:53 /home/sftproot/

# ls -l /home/sftproot/
total 20
drwxr-xr-x 2 root root 4096 2009-04-05 14:22 dev
drwxr-xr-x 3 root root 4096 2009-04-05 14:22 etc
drwxr-sr-x 3 root root 4096 2009-04-02 13:53 home
drwxr-xr-x 2 root root 4096 2009-04-02 13:37 lib
drwxr-xr-x 5 root root 4096 2009-04-02 13:37 usr

# ls -l /home/sftproot/etc/passwd
-rw-r--r-- 1 root root 96 2009-04-02 13:52 /home/sftproot/etc/passwd

# cat /home/sftproot/etc/passwd
root:x:0:0:root:/root:/bin/bash
test_user:x:2010:2010::/home/test_user:/usr/sbin/jk_lsh

# ls -l /home/sftproot/home/
total 4
drwxr-sr-x 2 test_user test_user 4096 2009-04-02 13:53 test_user

I have looked inside /etc/passwd and it looks fine. Is /etc/group
important? In any case, it has a correct entry as well.

I recompiled jk_chrootsh.c with DEBUG enabled and the initiating
client (if using SSH) sees this:

===================================================================
foobar:~# ssh address@hidden
Password:
Linux foobar 2.4.27-3-686-smp #1 SMP Tue Dec 5 23:12:28 UTC 2006 i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Apr  5 14:35:11 2009 from localhost.localdomain
Could not chdir to home directory /home/sftproot/./home/test_user:
Permission denied
jk_chrootsh, started
get user info
got user test_user
get group info
get additional groups
got additional groups 2010,
no relevant section found in configfile
close filedescriptors
USER is NOT in except
HOME is NOT in except
MAIL is NOT in except
SSH_CLIENT is NOT in except
SSH_TTY is NOT in except
LANGUAGE is NOT in except
EDITOR is NOT in except
get jaildir
dir=/home/sftproot/./home/test_user,jaildir=/home/sftproot,newhome=/home/test_user
get chdir()
chroot()
Connection to localhost closed.
foobar:~#
===================================================================

Any help appreciated, I've been trying to get this going for a few
days now with no luck.

Thanks,
Khusro

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] Permission denied errors, Khusro Jaleel <=
- Re: [Jailkit-users] Permission denied errors, Olivier Sessink, 2009/04/07
  - Message not available
    - Re: [Jailkit-users] Permission denied errors, Olivier Sessink, 2009/04/07
    - Re: [Jailkit-users] Permission denied errors, Khusro Jaleel, 2009/04/07

Prev by Date: RE: [Jailkit-users] how-to add ftp access to ssh only jail?
Next by Date: Re: [Jailkit-users] Permission denied errors
Previous by thread: Re: [Jailkit-users] how-to add ftp access to ssh only jail?
Next by thread: Re: [Jailkit-users] Permission denied errors
Index(es):
- Date
- Thread