[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] chroot: ssh works, scp doesn't (more info)



/ 2004-01-23 12:44:59 -0000
\ Tom Knight:
> 
> I've been playing with this a lot now.
> 
> Looking at the two files /etc/passwd and /bin/compart.jail:
> 
> If I change the /etc/passwd shell for the user to /bin/bash, scp is fine.
> When I cange it back to /bin/compart.jail, it's not fine, as before.
> 
> If I change /bin/compart.jail to read:
>   #!/bin/bash
>   /bin/bash
> scp is _still_ not functioning in the same way as before
> 
> Looking at debug logging of sshd, I can see that the sudo line in the 
> /bin/compart.jail is called, so I know the system does manage to read 
> that file. In case you really want to know, here are its permissions:
> 4 -rwxr-xr-x   1 root    root    390 2004-01-23 12:09 /bin/compart.jail
> 
> So it looks like scp doesn't like the login shell being /bin/compart.jail
> 
> There must be a way.....

blindly guessing:
echo "/bin/compart.jail" >> /etc/shells

	Lars Ellenberg

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here