Hi again,
I installed jailkit-2.3 on RHEL 5 this time and as with RHEL 4 I had to
add libnss_files.so.2 to /home/sftproot/lib64. Unfortunately, this time
when I try sftp I get the message "Connection closed". When I try to
scp I get the message: "Couldn't open /dev/null: No such file or
directorylost connection".
In /var/log/messages I get:
Mar 29 21:01:16 Saguenay jk_chrootsh[13325]: now entering jail
/home/grid/sftproot for user pds (2039)
Mar 29 21:01:16 Saguenay jk_lsh[13325]: jk_lsh version 2.3, started
Mar 29 21:01:16 Saguenay jk_lsh[13325]: executing command
'/usr/libexec/openssh/sftp-server' for user pds (2039)
And later:
Mar 29 21:18:30 Saguenay jk_chrootsh[13376]: now entering jail
/home/grid/sftproot for user pds (2039)
Mar 29 21:18:30 Saguenay jk_lsh[13376]: jk_lsh version 2.3, started
Mar 29 21:18:30 Saguenay jk_lsh[13376]: executing command '/usr/bin/scp
-t ~' for user pds (2039)
So we seem to be authenticating the user OK, but then something goes
wrong. I tried strace and ldd on sftp-server, but the necessary
libraries seem to be in place. Any other ideas on how to track this
down?
Thanks,
Norbert
-----Original Message-----
From: Driedger,Norbert [Ontario]
Sent: March 6, 2007 9:49 AM
To: 'address@hidden'
Subject: RE: [Jailkit-users] "lost connection" in simple scp/sftp jail
onRHEL 4
Yes, that was it! I had no libnss*.so files. Actually, rather than
copy them all in, all I needed was libnss_files-2.3.4.so and of course
the symbolic link libnss_files.so.2 in /home/sftproot/lib64.
Thanks very much!
Norbert
-----Original Message-----
From: address@hidden
[mailto:address@hidden On
Behalf Of Olivier Sessink
Sent: March 5, 2007 6:05 PM
To: address@hidden
Subject: Re: [Jailkit-users] "lost connection" in simple scp/sftp jail
onRHEL 4
Driedger,Norbert [Ontario] wrote:
Hello,
Last year I had good success setting up jailed users with jailkit-1.3
on
a system running RHEL 3. Now I tried the same using jailkit-2.3 on
RHEL
4 and it's not working. I get the following in /var/log/messages when
I
try to scp to the jailed user:
Mar 5 15:30:03 pontiac2 sshd(pam_unix)[5442]: session opened for user
pds by (uid=0)
Mar 5 15:30:03 pontiac2 jk_chrootsh[5443]: now entering jail
/home/sftproot for user pds (2039)
Mar 5 20:30:03 pontiac2 jk_lsh[5443]: jk_lsh version 2.3, started
Mar 5 20:30:03 pontiac2 jk_lsh[5443]: cannot find user name for uid
2039: Success
[..]
This feels like something simple, like a permissions problem or
something like that, but everything I've looked at seems OK. I
checked
/home/sftproot/etc/passwd and it looks OK. Where is it looking for a
user name and not finding it?
it is searching for the user using libnss. Can you check if all the
/libnss*.so files that are on your real system are available in the
jail? Can you post your /etc/passwd and <jail>/etc/passwd for user pds ?
Is your system running nscd? Does it make a difference if you stop
nscd?
regards,
Olivier
_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users
_______________________________________________
Jailkit-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/jailkit-users