[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Question about jk_lsh usage
|
From: |
Olivier Sessink |
|
Subject: |
Re: [Jailkit-users] Question about jk_lsh usage |
|
Date: |
Fri, 08 May 2015 08:24:39 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 |
On 05/05/2015 06:06 PM, Paco Willers wrote:
> Hi,
>
>
> I can't get jk_lsh to work, and I am probably doing something wrong.
> As a test I wish a jailed user to see the results of the pwd command
> after which the connection is closed. In real life I would like to
> automatically execute a different command with some arguments, but
> let's use pwd as an example.
>
> I added the pwd command to /opt/myjail/etc/jailkit/jk_lsh.ini as follows:
>
> [DEFAULT]
> paths = /bin
> executables = /bin/pwd
>
> Then I edited the user's shell in /opt/myjail/etc/passwd as follows:
>
> myuser:x:1001:1001:,,,:/home/myuser:/usr/sbin/jk_lsh -c /bin/pwd
what happens is that your login systems now looks for an executable
named "jk_lsh -c /bin/pwd". You cannot pass arguments to the login shell
in your passwd file. This is not how the login system and/or jk_lsh is
designed to work. You can make it work in a different way:
in your passwd file you should just have
myuser:x:1001:1001:,,,:/home/myuser:/usr/sbin/jk_lsh
now you can change your password by:
ssh address@hidden /bin/pwd
Olivier
--
Bluefish website http://bluefish.openoffice.nl/
Blog http://oli4444.wordpress.com/