Re: Chroot Environment crazy

From: jpm (jperezme_at_jazzfree.com)
Date: 11/23/03

  • Next message: Per Hedeland: "Re: X11 forwarding in OpenSSH question"
    Date: Sun, 23 Nov 2003 17:52:52 +0100
    
    

    I have added these lines to session.c before compiling it. It works with
    AIX.

    +1228 do_setusercontext(struct passwd *pw)
     +1229 {
     +1230
     +1231 /* CHROOT patch start */
     +1232
     +1233 char *user_dir;
     +1234 char *new_root;
     +1235
     +1236 user_dir = xstrdup(pw->pw_dir);
     +1237 new_root = user_dir + 1;
     +1238
     +1239 while((new_root = strchr(new_root, '.')) != NULL) {
     +1240 new_root--;
     +1241 if(strncmp(new_root, "/./", 3) == 0) {
     +1242 *new_root = '\0';
     +1243 new_root += 2;
     +1244 debug("chrooting to user directory %s", user_dir);
     +1245 if(chroot(user_dir) != 0)
     +1246 fatal("Couldn't chroot to user directory %s", user_dir);
     +1247 pw->pw_dir = new_root;
     +1248 if (chdir("/") < 0)
     +1249 fatal("Couldn't cd to / after chroot to user directory
    %s: %s", user_dir, strerror(errno));
     +1250 break;
     +1251 }
     +1252 new_root += 2;
     +1253 fatal("Couldn't chroot%s", user_dir);
     +1254 }
     +1255
     +1256 /* CHROOT patch end */
     +1257
     +1258 #ifndef HAVE_CYGWIN
     +1259 if (getuid() == 0 || geteuid() == 0)
     +1260 #endif /* HAVE_CYGWIN */
     +1261 {
     +1262
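
Review bot: the fatal("Couldn't chroot%s", user_dir) at +1253 sits inside the while loop with no condition, so the first '.' in pw_dir that is not part of "/./" ends the session. A home such as /home/j.doe/./ (a constructed example) would never reach its marker, and the new_root += 2 at +1252 has no effect because fatal() does not return. Drop the fatal from the loop body so the scan moves on to the next '.', and if a missing "/./" marker should be an error, test for that after the loop. Note also that a pw_dir with no '.' at all skips the loop entirely, so that account logs in without any chroot and without a debug line saying so.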

    User home is /home/user/./

    > > I have compiled openssh 3.7.1p2 on AIX 4.3.3 with gcc 3.2.1.
    > > All works fine and the chroot environment (users can only connect with sftp in
    > > their jail home) seems to work fine, but from the sftp client if I make a
    > > file transfer or I create a new folder inside the user home it becomes crazy.
    > > EG:
    >
    > Oh, my. Which chroot patches or technique are you using? Not the
    > shell-script based one, I hope? And how did you create the chroot
    > environment?
    >
    > > 1.- User home /home/user (chroot environment and from sftp client this
    > > folder is / )
    > > 2.- I'm inside /home/user/htdocs (for user is /htdocs/)
    > > 3.- If I make a folder called "folder", it creates /home/user/htdocsfolder,
    > > instead of /home/user/htdocs/folder
    > > 4.- The same occurs if it is a file name.
    > >
    > > My sftp client is the latest FileZilla on a Windows machine.
    > > Regards.
    >
    > *sigh*. OK this sounds like a lot of somewhat shaky tools slung together.
    > Can you, instead, use WebDAV with SSL encryption to transfer files? I know
    > it's not as amazingly cool as SSH in a number of ways, but its use is built
    > right into Win2K and WinXP, and clients are available in Linux as well (such
    > as DAVExplorer).
    >
    >

