jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] centos 5.4 ldap and jail

From: Jordan Tomkinson
Subject: Re: [Jailkit-users] centos 5.4 ldap and jail
Date: Thu, 21 Jan 2010 09:49:34 +0800 
You can try a bind mount, sort of like a symlink (symlinks outside a
jail dont work inside the jail) but not

from the mount man file:
       mount --bind olddir newdir
       After this call the same contents is accessible in two places.
One can also remount a single file (on a single file).


something like

# delete the symlink
rm -f /www
# create a bind mount
mkdir /www
mount --bind /libxfs/www /www

I have something similer setup and it works ok

Regards,

Jordan

On Thu, Jan 21, 2010 at 5:41 AM, Richard Genthner
<address@hidden> wrote:
> I have this setup centos 5.4 jail 2.10 ldap and pam. I have it setup so
> the only think my users can do is scp and sftp and rsync. But the
> problem I'm having is the at when the users home dir
> is /ibxfs/www/jaildrop/./home/username it works, but if the users home
> dir is /www/jaildrop/./home/username it fails. ls -l of / is below. www
> is a symlink that points to ibxfs which is a mount point for our cluster
> FS. This wouldn't be a problem accept during failover I would have to
> point all homedirs in ldap to point to backup cluster fs /bibxfs/. This
> isn't running in socket mode. here is a example of the user from
> the /etc/passwd:
>
> testuser:x:1537:1537::/www/jaildrop/./home/testuser:/usr/sbin/jk_chrootsh
>
> Any help would be great, this use to work until we replaced the server
> with the new centos 5.4 box.
>
> drwxr-xr-x   2 root     4096 Dec  3 13:27 bibxfs
> drwxr-xr-x   2 root     4096 Dec 16 04:02 bin
> drwxr-xr-x   4 root     1024 Dec  3 13:03 boot
> lrwxrwxrwx   1 root        7 Dec  3 13:32 clusterfs -> /ibxfs/
> drwxr-xr-x  12 root     3620 Jan 11 09:45 dev
> drwxr-xr-x  94 root    12288 Jan 20 16:17 etc
> -rw-r--r--   1 root 14160977 Dec 31 13:08 etc-before-antono.zip
> drwxr-xr-x   4 root     4096 Jan  8 13:37 gpfs
> drwxr-xr-x   6 root     4096 Dec 31 13:24 hold.old
> lrwxrwxrwx   1 root       17 Jan  8 13:38 home -> /gpfs/mailfs/home
> drwxr-xr-x  38 root   106496 Jan  8 12:51 ibxfs
> drwxr-xr-x  11 root     4096 Dec 15 12:37 lib
> drwxr-xr-x   7 root     4096 Jan 16 04:02 lib64
> drwx------   2 root    16384 Dec  3 12:42 lost+found
> drwxr-xr-x   2 root     4096 Mar 11  2009 media
> drwxr-xr-x   2 root        0 Jan  8 13:20 misc
> drwxr-xr-x   2 root     4096 Mar 11  2009 mnt
> drwxr-xr-x   2 root        0 Jan  8 13:20 net
> drwxr-xr-x   2 root     4096 Mar 11  2009 opt
> dr-xr-xr-x 221 root        0 Jan  8 13:19 proc
> drwxr-xr-x  37 root     4096 Jan 20 16:33 root
> drwxr-xr-x   2 root    12288 Dec 16 04:02 sbin
> drwxr-xr-x   2 root     4096 Dec  3 12:43 selinux
> drwxr-xr-x   2 root     4096 Mar 11  2009 srv
> drwxr-xr-x  11 root        0 Jan  8 13:19 sys
> drwxrwxrwt   4 root     4096 Jan 20 16:16 tmp
> drwxr-xr-x  16 root     4096 Jan 20 16:19 usr
> drwxr-xr-x  25 root     4096 Jan 15 16:28 var
> lrwxrwxrwx   1 root       11 Dec  3 13:32 www -> /ibxfs/www/
>
>
> --
> Thanks,
> Richard Genthner
> Systems Administrator
> Symplicity
> tel. 703-351-0200x8051
>
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]