dev/null yes...
dev/zero -- no I did not have that one...
So now I have:
srw-rw-rw-  1 root root    0 Apr  7 13:27 log
crw-r--r--  1 root root 1, 3 Apr  7 13:57 null
crw-r--r--  1 root root 1, 5 Apr  7 17:12 zero
I tried shortening the path in the jail copy of passwd to have the home 
dir set to /ahosp...
But, still same results - same output in messages log and same 
Connection closed.

On 4/7/2011 6:09 PM, Eric Gottesman wrote:
> Did you remember to create /dev/null and /dev/zero?
>
> Also, make sure you change the user's home directory in /etc/passwd to the 
> appropriate in-jail path.
>
>
> On 4/7/11 3:06 PM, "Larry Irwin"<mkit...@gmail.com>  wrote:
>
>   /etc/passwd in the jail is a copy of /etc/passwd - for now...
> I was going to remove everything but root and the user after I got it
> working...
> Like you do for some versions of jails for ftp servers.
> The thing that is troubling me is that I can chroot from the command
> prompt and run "ls" and "sftp-server" without issue.
> (I set up ls as well so I could browse around after chroot'ing)
> And I've successfully set up dev/log, but there aren't any errors being
> generated.
> If I had a clue how to debug rssh_chroot_helper, I'd be able to dig a
> bit further...
> It looks like it runs like this:
> /usr/local/libexec/rssh_chroot_helper 2 "/usr/libexec/openssh/sftp-server"
> I just don't have any output - like the exit status - at all... So it
> looks like it thinks it exited with a 0.
>
> On 4/7/2011 5:13 PM, Eric Gottesman wrote:
>> You're almost certainly missing a file somewhere in your chroot jail, but 
>> also, do you have the user set up correctly in the jail's /etc/passwd and 
>> whatnot?
>>
>>
>>
>>
>> On 4/7/11 1:17 PM, "lrirwin"<lrir...@alum.wustl.edu>   wrote:
>>
>>    Hi,
>>
>> The server I am trying to get this working on is RHEL5
>> 2.6.18-194.el5 #1 SMP Tue Mar 16 21:52:39 EDT 2010 x86_64 x86_64 x86_64
>> GNU/Linux
>> OpenSSH Version is: OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
>> ssh and sftp work fine for admin uses, but I need to set up an sftp
>> folder for a third party drop-off for importing data.
>> I compiled and installed from "rssh-2.3.3.tar.gz" using simply
>> ./configure and make install signed in as root.
>> I added a user and built a chroot jail with a home folder for that user
>> below the jail.
>> The jail is: /u/www/pe5/clients/prexhop/hl7/rawimport
>> The user's passwd entry is:
>> hopftp:x:1901:50::/u/www/pe5/clients/prexhop/hl7/rawimport/ahosp:/usr/local/bin/rssh
>> The rssh.conf file has a single line in it: user =
>> hopftp:000:00010:/u/www/pe5/clients/prexhop/hl7/rawimport
>> I set up dev/log  and bin/ls additionally so I could catch messages
>> after chroot'ing and got through all the obvious trip-ups...
>> (like: "rssh_chroot_helper[8018]: execv() failed,
>> /usr/libexec/openssh/sftp-server: No such file or directory", which was
>> actually sftp-server needing the libs for determining the UID in the
>> jail...)
>> Then I was able to, from the command prompt, signed on as root:
>> ---
>> # cd  /u/www/pe5/clients/prexhop/hl7/rawimport
>> # chroot .
>> # cd /ahosp
>> # /usr/libexec/openssh/sftp-server
>> ---
>> Which executes sftp-server without error at this point, but of course
>> since I can't interact with sftp-server via the keyboard properly, it
>> drops out after I hit enter.
>>
>> Then, from a remote site, I try to use the account for sftp and the
>> session looks like this (not the real IP, just an example):
>>
>> # sftp hopftp@2.2.2.2
>> Connecting to 2.2.2.2...
>> hopftp@2.2.2.2's password:
>> Connection closed
>>
>> (the password is not the issue, if I change the user's shell to bash, I
>> can login from a remote site using ssh without any problems)
>> The resulting entries in /var/log/messages are (again the IP isn't real):
>> Apr  7 14:43:05 pe sshd[1076]: Accepted password for hopftp from
>> 28.28.28.28 port 49933 ssh2
>> Apr  7 14:43:05 pe sshd[1076]: subsystem request for sftp
>> Apr  7 14:43:05 pe rssh[1389]: line 1: configuring user hopftp
>> Apr  7 14:43:05 pe rssh[1389]: setting hopftp's umask to 0
>> Apr  7 19:43:05 pe rssh_chroot_helper[1389]: new session for hopftp,
>> UID=1901
>> Apr  7 14:43:05 pe rssh[1389]: allowing sftp to user hopftp
>> Apr  7 19:43:05 pe rssh_chroot_helper[1389]: user's home dir is
>> /u/www/pe5/clients/prexhop/hl7/rawimport/ahosp
>> Apr  7 14:43:05 pe rssh[1389]: chrooting hopftp to
>> /u/www/pe5/clients/prexhop/hl7/rawimport
>> Apr  7 19:43:05 pe rssh_chroot_helper[1389]: chrooted to
>> /u/www/pe5/clients/prexhop/hl7/rawimport
>> Apr  7 14:43:05 pe rssh[1389]: chroot cmd line:
>> /usr/local/libexec/rssh_chroot_helper 2 "/usr/libexec/openssh/sftp-server"
>> Apr  7 19:43:05 pe rssh_chroot_helper[1389]: changing working directory
>> to /ahosp (inside jail)
>>
>> Based on a few items I saw about about other UID issues that might be
>> causing trouble, I tried:
>> cd /lib; find . -print | cpio -pmud
>> /u/www/pe5/clients/prexhop/hl7/rawimport/lib
>> cd /lib64; find . -print | cpio -pmud
>> /u/www/pe5/clients/prexhop/hl7/rawimport/lib64
>> But that did not make any difference.
>>
>> It looks like everything should be working - no errors anywhere... but
>> it drops to "Connection closed"...
>> Any help would be greatly appreciated,
>> Larry Irwin
>> CCA Medical
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Xperia(TM) PLAY
>> It's a major breakthrough. An authentic gaming
>> smartphone on the nation's most reliable network.
>> And it wants your games.
>> http://p.sf.net/sfu/verizon-sfdev
>> _______________________________________________
>> rssh-discuss mailing list
>> rssh-discuss@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/rssh-discuss
>>
>>
>>
>>
>
>

------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
rssh-discuss mailing list
rssh-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/rssh-discuss

Reply via email to