Re: [Jailkit-users] jailkit-2.0-1 -- NIS authentication error.

[Olivier Sessink]

Christopher Potter wrote:
> Hello list,
>
>      I have installed jailkit-2.0-1.el4.rf.i386.rpm on my Red Hat 
> Enterprise
> Linux AS release 4 box. I had a jail setup and working with a test user
> that was authenticating with an encrypted password in /etc/shadow. Upon
> switching the authentication to use Kerberos I was no longer able to 
> login with the test user. What happens is that it appears that the user 
> logs in and then is instantly booted out. Kerberos logins do work for 
> non jailed users.

you probably need to copy many extra files into the jail (libnss_nis, 
probably some kerberso libraries, config files, nis configuration files 
etc.).

> Here is the output from /var/log/messages:
> Jun  7 10:06:01 cs537 jk_chrootsh[4793]: now entering jail /home/jail 
> for user test666 (500)

you seem to have no logging from inside the jail, is jk_socketd 
configured and running? (or alternatively is syslog configured to open 
an extra socket inside the jail?)

the current development version, furthermore, has some new options for 
jk_chrootsh, that are not yet documented in the man pages.

if set the option 'skip_injail_passwd_check' does not look at the 
<jail>/etc/passwd anymore

the option 'injail_shell' is then used to specify the shell that will be 
used for the user.

hope this helps,

        Olivier