[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] pam_unix(sshd:session): session closed for user
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] pam_unix(sshd:session): session closed for user |
Date: |
Tue, 30 Jun 2009 13:27:47 +0200 |
User-agent: |
Thunderbird 2.0.0.21 (X11/20090318) |
Igor Galić wrote:
> Hi folks,
>
> Today I've been evaluating a couple of methods of chrooting scp/sftp users,
> and it seems that jk_chrootsh is so far the sanest.
>
> I didn't like the fact that jk_chrootsh was chrooted, so I gave it
> SYS_CAP_CHROOT:
> % sudo setcap CAP_SYS_CHROOT=ep /opt/bw/sbin/jk_chrootsh
> % sudo chmod -s /opt/bw/sbin/jk_chrootsh
>
> Of course that wouldn't work:
> jk_chrootsh[25029]: abort, effective user ID is not 0, possibly jk_chrootsh
> is not setuid root
>
> Welcome to 2009....
in cvs is initial capability support for jk_chrootsh. Could you give
that a try and test if it works as expected?
Olivier