Displaying 20 results from an estimated 40000 matches similar to: "Updated chroot patch"
2002 Apr 01
1
chroot.diff
Hello,
I'm not sure if this is the list to mail, but I have updated chroot.diff for openssh 3.1. I thought more people are most likely using this and figured some people may lack the ability to update it themselves as certain functions were modified enough to require new function prototypes etc... I'd be happy to modify this again for future releases if you'd like.
As I'm not on
2002 Apr 12
3
Chrooted sftp, did you getting it working?
Le Jeudi 11 Avril 2002 21:09, m.ibarra at cdcixis-na.com a ?crit :
> I was curious to know if you had any luck in getting openssh's sftp
> server properly configured to allow chrooted sftp logins? I have had
> no success and need something quickly.
Dear Mike,
Unfortunately, I did not succeed to have it work.
I got in contact with James Dennis <jdennis at law.harvard.edu>, who
2002 May 21
0
Chroot (theres that word again...)
Hey everyone,
It appears my last patch doesn't work entirely. Looks like I forgot to edit sshd.c for the priv seperation scheme (which is really cool by the way). Heres the new patch for chrooting system users (does not attempt to chroot the priv seperation user as ssh does that on it's own already).
-James
PS. Once again, I'm not on the openssh mailing list so if you have any
2003 Feb 10
0
Chroot with pam
Hey everyone,
As many of you may know, I maintain a patch to OpenSSH to chroot users
(http://chrootssh.sourceforge.net). It has been decided by the OpenSSH
developer's that such a patch should not be in the source because chroot
should occur outside of OpenSSH (which I agree with, but still need to
chroot users). Pam is capable of chrooting users and I am planning to
experiment with it
2002 May 28
5
chroot patch
Hello everyone,
In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either.
Please check out
2001 Aug 31
3
handling of 'use chroot'
At the moment, if you start an rsyncd that's not running as root using
default settings it will have some trouble. rsyncd tries to use
chroot by default, but this will always fail if it's not started by
root. It does emit an error message in this case, but I wonder if
some people find this a bit confusing until they discover the setting.
I have in the past.
It might be better that if
2007 Sep 22
1
chroot support for ssh and sftp
List,
I'm current running an older, patched version of OpenSSH with chroot
support (OpenSSH_4.2-chrootsshp1). It's the chrootssh patch that James
Dennis has been providing. I checked back lately and found that even
with the portable OpenSSH source currently at 4.7p1, James doesn't have
anything newer than 4.5p1. I'd like to upgrade so I tried my hand at
implementing the patch
2001 Nov 17
4
Updated chroot patch
Howdy folks,
The chroot patch in the contrib directory had gotten stale and didn't apply
cleanly, so I've updated it... The attached patch works fine with 3.0p1.
Is there any reason this patch stays in the contrib directory rather than
being applied to the source? I find it incredibly useful.
Thanks for your hard work on OpenSSH!
Bret
PS: Please cc me with any responses as I'm
2001 Jul 20
0
Updated chroot patch
This is the patch part of contrib/chroot.diff updated to be appliable
against openssh-2.9p2. Tested on FreeBSD (various 3.x and 4.x) without
PAM or UseLogin.
Also, as part of deployment (replacing emergency-withdrawal of Telnet
access) I've chosen to get sftp on the relevant boxes. The deployment
had a scriptlet doing the config/make/etc and after the "make install"
would change
2002 Apr 05
1
Chroot of SCP and SFTP-server
Hi,
I was thinking about the difficulties and complexities of using chroot in
scp or sftp-server, in order to limit the user in which files they can
access.
I've seen a lot of arguments about how it is pointless to try and secure scp
or sftp (also from a logging perspective) because if we allow SSH access,
the user can simply provide their own scp or sftp binary, that does not do
the
2003 Feb 10
0
Possible Allow* bug?
Hey,
After discussing the limit of MAX_ALLOW_USERS I've been trying to use
AllowGroups instead. In the config file I have the AllowUsers lines
before the AllowGroups lines (I have tried both ways) and it appears
that the presence on the AllowGroups directives seems to blow away any
Allow* directives I have set. I'm not sure how to check further for bugs
so I figured I'd contact
2003 Jan 23
1
patched tarballs
Hello everyone,
As some of you may know, I maintain a patch that puts a '.' chroot hack
into OpenSSH. Unfortunately users seem to have had trouble applying the
patch. This is because I use gnu's patch and diff and many systems come
with a patch and diff that doesn't seem to understand -u or -N.
Anyway... the point of this email is to ask if anyone had any objections
to me
2011 Jul 14
0
Chroot issue with username to uid
I'm setting up a chroot environment on a shared web server to allow users to
modify their web roots within a secure chroot, but am having a problem.
Right now when I log in with test accounts I get this...
Last login: Thu Jul 14 09:04:14 2011 from ....
id: cannot find name for group ID 507
id: cannot find name for user ID 506
[I have no name!@webserver ~]$
I've verified that the UID /
2013 Feb 15
2
bind-chroot rpm only builds chroot tree?
I just downloaded the bind-chroot rpm and looked into it with Archive
manager (so I am lazy), and no files, just the chroot tree. I am
assuming there is some script that Archive manager does not show, or I
am just missing it, because the ROOTDIR= did get added to
/etc/sysconfig/named (and the one in the bind rpm is without this line).
Just interesting that if you chroot, you are expected to
2003 Aug 16
0
sftp-server (secure) chroot patch, comment fix
Accidently removed XXX comment. New patch below.
Regards
Magnus
--- openssh-3.6.1p2/sftp-server.c.org 2003-08-11 22:07:47.098650000 +0200
+++ openssh-3.6.1p2/sftp-server.c 2003-08-16 19:07:14.273582000 +0200
@@ -24,15 +24,24 @@
#include "includes.h"
RCSID("$OpenBSD: sftp-server.c,v 1.41 2003/03/26 04:02:51 deraadt Exp $");
+#define CHROOT
#include "buffer.h"
2017 Oct 17
1
[PATCH] daemon: simplify usage of Chroot.f
Rely on currying, and avoid extra helper functions.
No behaviour changes.
---
daemon/inspect_fs_unix.ml | 20 ++++++++++----------
daemon/inspect_fs_windows.ml | 2 +-
2 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/daemon/inspect_fs_unix.ml b/daemon/inspect_fs_unix.ml
index 59e26a05e..3ad119306 100644
--- a/daemon/inspect_fs_unix.ml
+++ b/daemon/inspect_fs_unix.ml
@@ -68,7
2003 Sep 30
1
[PATCH] sftp-server (secure) chroot patch, 3.7.1p2 update
Hello all,
Here is an updated patch. I published the original patch published on
august 16.
--- openssh-3.7.1p2/sftp-server.c.org 2003-08-22 01:34:41.000000000
+0200
+++ openssh-3.7.1p2/sftp-server.c 2003-09-30 17:22:43.730402000 +0200
@@ -24,6 +24,7 @@
#include \"includes.h\"
RCSID(\"$OpenBSD: sftp-server.c,v 1.43 2003/06/25 22:39:36 miod Exp
$\");
+#define CHROOT
2003 Aug 16
0
sftp-server (secure) chroot patch?
Hello,
I know this chroot issue has been brought up many times before on this list. I saw that the contribibuted chroot-patch was removed from the contrib directory because it always was out of date. The main reason was of course was that sftp-server has to be run as root to be able to do the chroot() call? Most of you are against chroot (since it isnt in the src) but I believe a lot of users
2003 Dec 26
1
[Bug 779] Chroot environment for sftp client crazy
http://bugzilla.mindrot.org/show_bug.cgi?id=779
Summary: Chroot environment for sftp client crazy
Product: Portable OpenSSH
Version: 3.7.1p2
Platform: Other
URL: http://aixpanish.com
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sftp-server
AssignedTo:
2015 Sep 10
0
bind chroot, bind mounts and selinux
I went through the chroot/selinux review when Centos6 came out. I went
with selinux and no chroot.
I don't have too much of an issue with systemd; I am learning it as I go.
I am putting up a Samba4 AD with Bind-DLZ backend. The Samba wiki
explicitly calls out no chroot and kind of explains why.
so I come out on the selinux side.
On 09/09/2015 09:09 PM, Tom Robinson wrote:
> Hi All,