search for: chrooting

Rely on currying, and avoid extra helper functions. No behaviour changes. --- daemon/inspect_fs_unix.ml | 20 ++++++++++---------- daemon/inspect_fs_windows.ml | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml index 59e26a05e..3ad119306 100644 --- a/daemon/inspect_fs_unix.ml +++ b/daemon/inspect_fs_unix.ml @@ -68,7

...2.3.0p1/acconfig.h openssh-2.3.0p1-chroot/acconfig.h --- openssh-2.3.0p1/acconfig.h Wed Oct 18 14:11:44 2000 +++ openssh-2.3.0p1-chroot/acconfig.h Wed Jan 3 19:23:48 2001 @@ -199,6 +199,9 @@ /* Define if you want to allow MD5 passwords */ #undef HAVE_MD5_PASSWORDS +/* Define if you want to use chrooting when a magic token is found */ +#undef CHROOT + /* Define if you want to disable shadow passwords */ #undef DISABLE_SHADOW Only in openssh-2.3.0p1-chroot/: acconfig.h~ diff -u openssh-2.3.0p1/config.h.in openssh-2.3.0p1-chroot/config.h.in --- openssh-2.3.0p1/config.h.in Mon Nov 6 03:25:18 2000...

I'm setting up a chroot environment on a shared web server to allow users to modify their web roots within a secure chroot, but am having a problem. Right now when I log in with test accounts I get this... Last login: Thu Jul 14 09:04:14 2011 from .... id: cannot find name for group ID 507 id: cannot find name for user ID 506 [I have no name!@webserver ~]$ I've verified that the UID /

Le Jeudi 11 Avril 2002 21:09, m.ibarra at cdcixis-na.com a ?crit : > I was curious to know if you had any luck in getting openssh's sftp > server properly configured to allow chrooted sftp logins? I have had > no success and need something quickly. Dear Mike, Unfortunately, I did not succeed to have it work. I got in contact with James Dennis <jdennis at law.harvard.edu>, who

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The chroot(2) man page describes a sysctl called 'kern.chroot_allow_open_directories' which controls whether a process can chroot() and is already subject to the chroot() syscall. It seems that this sysctl can be trivially changed from within a chroot'd process (ie: if that process has superuser privileges). Is this sysctl meant to

...non-root get a more friendly installation and no less security. * People who want not to use chroot even when running as root will lose. The only real reason I can think of to do that is that chroot might be broken on your machine, e.g. because name resolution doesn't work after chrooting. If we want to allow people the choice even when running as root we could change 'use chroot' from just being binary to being 'yes', 'no', 'if-possible', or something similar. Another alternative is to * Leave the default as 'yes' * If not running as r...

I have two snv_126 systems. I''m trying to zfs send a recursive snapshot from one system to another: # zfs send -v -R tww/opt/chroots at backup-20091225 |\ ssh backupserver "zfs receive -F -d -u -v tww" ... found clone origin tww/opt/chroots/ab at ab-1.0 receiving incremental stream of tww/opt/chroots/ab-1.0 at backup-20091225 into tww/opt/chroots/ab-1.0 at

Hi All, I'm migrating a CentOS 6 bind instance (chrooted) to a CentOS 7 box and am curious of people's opinions on chrooting vs selinux as a way of securing bind. The bind-chroot on CentOS 7 also comes with a script (/usr/libexec/setup-named-chroot.sh) that sets up the much maligned systemd and, through bind mounts, creates and extra level of chroot hierarchy giving: /var/named/chroot/var/named/chroot/var/named which...

I just downloaded the bind-chroot rpm and looked into it with Archive manager (so I am lazy), and no files, just the chroot tree. I am assuming there is some script that Archive manager does not show, or I am just missing it, because the ROOTDIR= did get added to /etc/sysconfig/named (and the one in the bind rpm is without this line). Just interesting that if you chroot, you are expected to

Hi, I have trouble setting up chrooted SFTP for our user. I got the basic SFTP chroot working, user is chrooted to its home directory, I've added /home/userb/etc directory with dummy passwd, group and localtime files. The problem is that instead of only accessing its own files, I need the user to be able to remove another users files. I have web application which runs as different user, the

Hello, I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users

Hello, I am trying to run rsync under my own userid on a high-numbered port. The problem is that, when I use the --daemon option, I get an error saying that a chroot() call failed. My config file does *not* have any chroot call in it. How can I avoid a chroot() invocation when running as a normal non-root user? Thanks in advance for any advice! -- Daniel Ortmann, LSI Logic, 3425 40th Av NW,

On Tue, 14 Jul 1998, cfb wrote: > The main problem seems to be with the way that debian starts bind using > the script /etc/init.d/bind. I thought it would be really neat to just > change the #!/bin/sh at the top of the script to something like : > #!/usr/sbin/chroot /chroot-dns/ /bin/sh > or > #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh try changing

I have an question, why you guys do not let chroot be owned by the user ? It would be a good way to chroot the users Cause like I want to chroot user in /chroot/%u But they can not write in this directory... i need to set another dir to them to be able to write, even when /chroot/ is onewd by root i want to be able to do this user1 be able to write in /chroot/user1 but not able to go

I'm stuck on a problem with rsync... We've got a chrooted shell with rsync and all the needed libs inside (and not much else). We're using rsync over ssh to send the files into this chrooted session. The rsync binary in the chrooted session is SUID root so that it can create the files with the correct UID/GID. When the following is run, it creates all the files as root.staff, not

First, I'm trying to following along on a document on "SecurityFocus" on "Securing MySQL: step-by-step". I'm on step 3.8 "Test the configuration". I have my CHROOT directory structure setup and the chrootuid is failing (haven't figured that one out, yet). So, I simply tried a 'chroot /chroot/mysql' and got: chroot: cannot run command

As I can seen, there is the bind-chroot glue package, but is there a postfix-chroot.rpm glue ? I have looked for it, but I think there is not. If there is not, what is your opinion about creating one ? Thanks -- Vilela -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hello Xen-Users, I am running a Debian GNU/Linux Devel-Station (P2/366 MHz, 512MByte) and use currently chroots which give some problems from time to time. I have following configuration: ----8<------------------------------------------------------------------ /dev/sda1 / 7700 GByte # Master System /dev/sda2 swap 256 MByte # Master System /dev/sda3 /var 512 MByte # Master System

Hi All, thanks for the replies so far.. I will try to address as many of them as I can in a group reply: Xabier Oneca -- xOneca wrote: Just to confirm, are you sure the scripts' path in config file is relative to the chroot directory? - Yes, I am working under the new path names in my xml file. The Web, Admin, and Log directories all work as planned. The shell files are in the same

Hi, I need to make a custom code change in sftp-server module to copy the received file outside the chroot-setup. I am trying to chroot repeatedly to get physical root directory and the copy received file to a directory outside chrooted directory. The children processes are owned by the sftp-user and so, sftp child process does not have permission to escape out of chroot. Is there a simple way