WU-FTPD, Solaris 8, anon user, chroot() question
From: Mansel P Bell (Mansel_P_Bell@raytheon.com)
Date: 11/16/01
To: focus-sun@securityfocus.com
From: "Mansel P Bell" <Mansel_P_Bell@raytheon.com>
Subject: WU-FTPD, Solaris 8, anon user, chroot() question
Date: Fri, 16 Nov 2001 12:24:13 -0600
Message-ID: <OFCAFE20A0.8E752828-ON86256B06.006517F4@mck.us.ray.com>

Hello,
I am working on an anonymous-only wu-ftpd design and
need some help with logging via syslog from within
an anonymous user's chroot()ed home directory.
Configuration info:
------------------
- Solaris 8, 07/01 platform
- Running wuftpd v2.6.1
- Custom-compiled wuftpd (not using a vanilla Solaris package)
- Running wuftpd as a standalone server
- Configured with several anon classes tied to different IPs
- Successfully chroot()ed the Solaris 8 syslogd server:
  --> running from $CHROOT/usr/sbin/syslogd
  --> logging to $CHROOT/var/adm/messages
- Successfully chroot()ed the wuftpd server:
  --> running from $CHROOT/sbin/in.ftpd
  --> getting anon ftp user info from $CHROOT/etc/passwd
  --> anon ftp user home of $CHROOT/home
  --> each anon class has home of $CHROOT/home/anon{1..N}
  --> all syslog() calls from the parent in.ftpd instance
      log fine to $CHROOT/var/adm/messages
Problem:
-------
Once an anonymous user logs on, a new child process is
forked, and the user is chroot()ed according to his/her
anon class, all logging ceases for the child process
b/c $CHROOT/home/anon{1..N}/var/run/syslog_door does not
exist...the dreaded "syslog_door" problem all over again.
Does anyone know how to deal with Solaris doors in this
situation, short of rebuilding a version of syslog.o that
uses /dev/log instead?
Does anyone otherwise have any ideas on how I can circumvent
this problem in my design?
Any help is sincerely appreciated.
-Mansel