similar to: Dovecot chrooting

Hi, I have written code which enables chroot environments for users. A new sshd onfiguration item ChrootUsers containts a list of users which has chroot environment.So if the user is not in the list it get's his normal environment. For users that are in the chrootusers list there homedir becomes / . Can you please apply this patch? With kind regards, Jeroen Nijhof -------------- next

The following is a patch I've been working on to support a "ChrootUser" option in the sshd_config file. I was looking for a way to offer sftp access and at the same time restict interactive shell access. This patch is a necessary first step (IMO). It applies clean with 'patch -l'. Also attached is a shell script that helps to build a chrooted home dir on a RedHat 7.2

hello all i run dovecot as my imap server on my university and squirrel as webmail. But squirrel returns an error: ERROR : Connection dropped by imap-server CAPABILITY i tail my /var/log/dovecot and this is the output with whatever user i try to log in and view mails: dovecot: Nov 13 17:51:27 Fatal: chdir(/home/epp719) failed with uid 2975: Permission denied dovecot: Nov 13 17:51:27 Error:

Hello out there! I've searched this list up and down in order to find a clue about restricting sftp or scp to a defined path or to a chroot jail. It seems there has been development on some patches but I can't find further information. Is there any support or planned support for restricting sftp or scp to a certain path? If there is already support for this, does anybody have a howto

This patch adds a new option to sshd, chroot_users. It has the effect of chroot()ing incoming ssh users to their home directory. Note: this option does not work if UsePrivilegeSeparation is enabled. Patch is based on OpenSSH 3.4p1. *** servconf.h@@\main\1 Tue Oct 1 17:25:32 2002 --- servconf.h Wed Oct 2 06:17:48 2002 *************** *** 131,136 **** --- 131,137 ---- char

I'm setting up a chroot environment on a shared web server to allow users to modify their web roots within a secure chroot, but am having a problem. Right now when I log in with test accounts I get this... Last login: Thu Jul 14 09:04:14 2011 from .... id: cannot find name for group ID 507 id: cannot find name for user ID 506 [I have no name!@webserver ~]$ I've verified that the UID /

Greetings! I am working on a patch that will support a "ChrootUsers" option in the v3.4p1 config file. I am wondering if there are already plans to support a chroot option on the go? Regards, _________________________________________ Open Text Corporation - HMS Division. John Furman Network Security Officer jfurman at opentext.com www.opentext.com/hms Voc: 519.888.7111 x2361 Fax:

http://bugzilla.mindrot.org/show_bug.cgi?id=177 mlists.20.jardel at spamgourmet.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mlists.20.jardel at spamgourmet | |.com ------- Additional Comments From

I have a RedHat 6.0 x86 server which is serving a number of minor things, which I wish to add shell access to. I'm currently running sshd and am quite happy with it, the exceptiong being that I am unable to make sshd perform a chroot for shell account users. I have been reading man pages and howto's, many of which discuss sshd or chroot, but never the two together. Is this not an

*This message was transferred with a trial version of CommuniGate(tm) Pro* When we last deployed OpenSSH (v. 3.4p1), we used a chroot patch supplied by John Furman. Does anyone know if that is still being maintained, and if so, where one may get it? If not, do any of the other chroot patches use the same configuration syntax? Specifically, it adds ChrootDir and ChrootUser to sshd_config.

HEllo, i am running samba 3.0.14a with this smb.conf file: [global] netbios name = redhat workgroup = net2day server string = PDC [on Redhat :: Samba server %v] security = user encrypt passwords = yes socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 hosts allow = 192.168.0.0/24 127.0.0.1 interfaces = lo eth0 bind interfaces only = yes local master = yes os level = 65 domain master = yes

Hi, As per the subject line - if I look up setting up chroot jails for SFTP over SSH2 I'm led to various Web sites and patches and also to a CentOS wiki page dated 2005, but what's the 'best' or 'correct' way to set this up for Centos 4.5 and 5? Thanks

> > The main problem seems to be with the way that debian starts bind > > using > > the script /etc/init.d/bind. I thought it would be really neat to > > just > > change the #!/bin/sh at the top of the script to something like : > > #!/usr/sbin/chroot /chroot-dns/ /bin/sh > > or > > #!/usr/sbin/chroot /chroot-dns/

Hello! Could somebody give some feedback on this configuration: - OpenBSD box with local ssh users. - /home directory mounted with nosuid,noexec. - postfix dropping mail in /home/username/mail/INBOX, with the UID/GID of the user. - dovecot: valid_chroot_dirs = /home default_mail_env = mbox:/home/%u/mail/:INBOX=/home/%u/mail/INBOX Are there any obvious ways for a local user to help

Hi, All. I've got a feeling it's a simple matter and it was discussed on this list (i've searched the archive) but still all answers i've found didn't solve this problem. We want to move from UW-IMAP to dovecot, when users INBOX is /var/mail/USER_NAME and his folders are ~USER_NAME/mail/. In addition the host is an FTP server that uses chrooting in order to prevent users from

Greetings, I have installed Dovecot under FreeBSD 5_3 It is pretty impressive. I got SSL working with no problem for both imap and pop3. Besides that I do still want to chroot Dovecot. I noticed that there are some options in the dovecot.conf that are intended for this. Unfortunately online resources on how to do that can't be found on google. Although I'm running the server as user

On Tue, 14 Jul 1998, cfb wrote: > The main problem seems to be with the way that debian starts bind using > the script /etc/init.d/bind. I thought it would be really neat to just > change the #!/bin/sh at the top of the script to something like : > #!/usr/sbin/chroot /chroot-dns/ /bin/sh > or > #!/usr/sbin/chroot /chroot-dns/ /chroot-dns/bin/sh try changing

After supermin has finished running, the initramfs files sit around occupying swappable memory but serving no further purpose. This saves a little memory, at the cost of about 1ms of extra boot time. --- init/init.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-) diff --git a/init/init.c b/init/init.c index 733d66e..5ac53e9 100644 ---

Hi, I'm using qmail + dspam + dovecot-lda. A typical .qmail file : | /usr/bin/dspam --client --deliver=stdout --user "$EXT@$USER" | /usr/bin/preline -f /usr/lib/dovecot/dovecot-lda -d "$EXT@$USER" -a "$EXT@$USER" -m "$EXT2" When dspam segfault or is killed, preline receive an empty content and only pass to dovecot-lda two headers ( Return-Path and

Folks, I've been tasked to find a solution that will create file-transfer-only accounts that are jailed or chrooted to a specific directory. (Not an uncommon task, I think.) Using the OpenSSH server and the OpenSSH scp client program, I can achieve the goal of having a file transfer only account jailed to a specified directory, by using the "scpjail" script (attached) as a