[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [suse-security] chroot: ssh works, scp doesn't (more info)



> what I found by means of google:
>
> | I suspect this won't work.  Scp is nothing but a hardcoded
> command running
> | over an ssh channel.  When you scp a file to a remote host, your local
> | host makes an ssh connection to the remote system and then runs
> a specific
> | command on that remote system -- which means that you have to have a
> | shell that, minimally, accept the '-c <command>' command line option.
> |
> | For example, the following command:
> |
> |   scp file remotehost:
> |
> | Is largely equivilent to:
> |
> |   ssh remotehost <shell> -c "scp -t ."
>
> so please try again with
>
> /bin/compart.jail:
> #!/bin/bash
> /bin/bash "$@"
>
> if that works, all you have to do is go back to your first try,
> but don't forget to pass the command line arguments
>
>    ;)
>
> 	Lars Ellenberg

May I praise you to the world?

Of course, that DID work. Now I've changed my /bin/compart.jail to read:
#!/bin/bash
sudo /usr/sbin/compartment --user update --group nogroup --chroot
/home/update/JAIL /bin/bash "$@"

Thank you _very_ much indeed for bringing a smile to an otherwise
rubbish Monday morning!

Tom.



-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here