Displaying 20 results from an estimated 1000 matches similar to: "Feature request"
2008 May 25
1
OpenSSH + chroot + SELinux = broke
Hello,
First, a big thank you to the OpenSSH devs.
_ /Problem Summary:/
_ Chroot and SELinux don't get along. This affects both the new
(official) ChrootDirectory feature, as well as the older (3rd party)
patch at http://chrootssh.sourceforge.net/.
_ /History and repro:/
_ On March 21, 2008, Alexandre Rossi posted to this list with the
subject: "*ChrootDirectory
2003 Dec 31
2
chroot + ssh concerns
Hello,
I'm new to the list, but hopefully I've done enough digging around that
I don't get yelled at too terribly ;)
We're looking to implement a chrooted environment for allowing users to
scp files from servers. That's basically the only functionality that
we need in this case. We're looking to chroot the user and/or remove
any chance that the account can login via
2004 Dec 20
3
chroot-ing users coming in via SSH and/or SFTP?
A client wants me to set up a mechanism whereby his customers can drop files
securely into directories on his FreeBSD server; he also wants them to be
able to retrieve files if needed. The server is already running OpenSSH,
and he himself is using Windows clients (TeraTerm and WinSCP) to access it,
so the logical thing to do seems to be to have his clients send and receive
files via SFTP or SCP.
2002 Jun 27
1
jailing transfer-only accounts
hello,
we need to transfer files in a secure way with different partners and
clients.
at the momet we're using commercial ssh because we found it the only way to
transfer files in a jailed environment and without offering a login shell.
we'd like to use openssh but found only some patches and wrapper scripts but
nothing "official" to do what we need.
i could image (and read on
2010 Oct 24
4
Determine if a given fs is a btrfs fs
Hi,
I''ve some btrfs fs which are encrypted with loopaes.
I decrypt them in a script during bootup. Now I want to determine if the decrypted fs
is a btrfs fs. If not I missspelled the password and I can handle that error in my
script.
Thanks for any help!
Felix
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to
2002 May 28
5
chroot patch
Hello everyone,
In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either.
Please check out
2003 Jul 28
1
[Bug 177] chroot tools for OpenSSH 3.1p1
http://bugzilla.mindrot.org/show_bug.cgi?id=177
russell at flora.ca changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |russell at flora.ca
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the
2010 Jul 20
4
File cloning across subvolumes with BTRFS_IOC_CLONE ioctl
It seems that the BTRFS_IOC_CLONE ioctl fails when trying to do a
cross-subvolume clone of a file. Chris Mason suggested in the past ([1])
that this should be possible. Am I missing something?
[1] http://kerneltrap.org/mailarchive/linux-btrfs/2010/6/10/6884911
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to
2008 May 01
2
openssh-5.0p1: sftp transfer logging doesn't appear to work with chroot environment
Hi all,
I am running Debian Etch. I've compiled openssh-5.0p1 with pam
support. I'd like to use a chrooted sftp environment for my users and
also log their sftp file transfers. Currently file transfer logging
stops working when I implement a jail. Logging from within the chroot
seems like a useful feature. I hope it makes it in sooner rather than
later.
Here's the contents of my
2012 Jan 23
2
[LLVMdev] Possible bug in the dragonegg
Hi Duncan,
>> #include<stdio.h>
>> #include<string.h>
>>
>> int main(int argc, char** argv){
>>
>> char a[8] = "aaaaaaa";
>> char b[8] = "bbbbbbb";
>>
>> char *c = (char*) malloc(sizeof(char)*(strlen(a)+strlen(b)+1));
>> memcpy(c, a, strlen(a));
>> memcpy(c + strlen(a), b, strlen(b) + 1);
>>
2010 Jul 10
1
internal-sftp and logging not working with Fedora and chroot using 5.5?
Hope ya'all can help!
Been reading and reading, and adjusting... to no avail.
We need to have chroot'd SFTP activities logged on a file server and for
whatever reason, I simply cannot get it to log with users that are chroot'd
(this is necessary for auditing and HIPAA - so it is pretty important)
I have tried with Fedora 11/12 and even an older Fedora 8 server, the same
results:
1.
2004 Aug 06
1
Funky password mount point error for liveice and ic ecast - PLZ HL P!
Pete - Thanks for the hack, I've gone in an adjusted the necessary
lines(Even though my C is REALLY rusty, cut and paste to the rescue), I
re-compiled the source, so hopefully things will work once I get home to
test. You mentioned that I shouldnt use this for a Public Production
server, is there any other security measures I can take to override this
exploit? I had planned on running it
2007 Oct 02
3
scp -t . - possible idea for additional parameter
How difficult would it be to add an additional parameter to the -t that would *lock* the user at that directory level. say -T instead of -t...
By locking, I mean translating /path/to/file as ./path/to/file, or ../../../path/../../../path/to/file as ./path/to/file.
Basically set a root point as the current home directory, then build the pathing based on that, any "../" would become
2012 Jan 24
0
[LLVMdev] Possible bug in the dragonegg
Hi Pablo, I can reproduce this with the supplied IR. It is related to the use
of __memcpy_chk. As far as I can see it is a bug in lli or the LLVM code
generators. Can you please open a bugreport, attaching the LLVM IR.
Ciao, Duncan.
On 23/01/12 17:00, Pablo Barrio wrote:
> Hi Duncan,
>>> #include<stdio.h>
>>> #include<string.h>
>>>
>>> int
2012 Jul 18
2
[LLVMdev] [NVPTX] PTXAS - Unimplemented feature: labels as initial values
Dear NVPTX community,
PTXAS fails to compile the ptx code generated by NVPTX. Is it an issue of
backend or an issue of PTXAS or a known reasonable restriction?
Thanks,
- Dima.
> cat test.ll
; ModuleID = '__kernelgen_main_module'
target datalayout = "e-p:64:64-i64:64:64-f64:64:64-n1:8:16:32:64"
target triple = "ptx64-unknown-unknown"
%struct.__st_parameter_dt.0.4
2012 Apr 01
19
cross-subvolume cp --reflink
Glück Auf!
I know its been discussed more then ones, but as a user I really would like to see the patch for allowing this in the kernel.
Some users tested this patch successfully for weeks or months in 2 or 3 kernel versions since then, true?
I''d say by creating a snapshot, it''s nothing else in the end. More then one file or tree sharing the same data on disc, or am I wrong?
2012 Jan 23
0
[LLVMdev] Possible bug in the dragonegg
Hi Pablo,
> I came across something that seems to be a bug in the dragonegg option that
> emits LLVM IR. ¿Can anybody reproduce the error, or see what's wrong?
I can't reproduce this on x86-64 linux with latest LLVM+dragonegg+gcc-4.6.
¿Should I
> post it somewhere else in case it's really a bug? Thanks ahead!
>
> With this simple program:
> *
> #include
2007 Sep 17
2
No subject
Hi, when trying to install openssh I get the following errors. Any
idea of why?
This is on a mac 10.4.10 system, and with the 4.7p1 version.
Appreciate any tips.
Thanks,
Anil
if test ! -z ""; then \
/usr/bin/perl ./fixprogs ssh_prng_cmds ; \
fi
(cd openbsd-compat && make)
make[1]: Nothing to be done for `all'.
gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized
2008 Jun 07
2
Chroot'ed SSH
Hi,
Is anyone chrooting users that connect through SSH?
I looked for it on Google and I basically saw several methods:
- OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that
probably could be rebuilt under CentOS 5)
- There seem to be several patches for OpenSSH 4.x to do the chroot,
the most popular seems to be http://chrootssh.sf.net/
- There appears to be a pam_chroot
- There are
2008 Apr 03
1
Omission in sshd_config man page
[Not subscribed to this list, so please respond directly if you need to speak to me]
In man5/sshd_config.5, a permissible keyword in a 'Match' block is missing. It currently lists only:
AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin,