similar to: Feature request

Hello, First, a big thank you to the OpenSSH devs. _ /Problem Summary:/ _ Chroot and SELinux don't get along. This affects both the new (official) ChrootDirectory feature, as well as the older (3rd party) patch at http://chrootssh.sourceforge.net/. _ /History and repro:/ _ On March 21, 2008, Alexandre Rossi posted to this list with the subject: "*ChrootDirectory

Hello, I'm new to the list, but hopefully I've done enough digging around that I don't get yelled at too terribly ;) We're looking to implement a chrooted environment for allowing users to scp files from servers. That's basically the only functionality that we need in this case. We're looking to chroot the user and/or remove any chance that the account can login via

A client wants me to set up a mechanism whereby his customers can drop files securely into directories on his FreeBSD server; he also wants them to be able to retrieve files if needed. The server is already running OpenSSH, and he himself is using Windows clients (TeraTerm and WinSCP) to access it, so the logical thing to do seems to be to have his clients send and receive files via SFTP or SCP.

hello, we need to transfer files in a secure way with different partners and clients. at the momet we're using commercial ssh because we found it the only way to transfer files in a jailed environment and without offering a login shell. we'd like to use openssh but found only some patches and wrapper scripts but nothing "official" to do what we need. i could image (and read on

Hi, I''ve some btrfs fs which are encrypted with loopaes. I decrypt them in a script during bootup. Now I want to determine if the decrypted fs is a btrfs fs. If not I missspelled the password and I can handle that error in my script. Thanks for any help! Felix -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to

Hello everyone, In response to emails such as the one below I have started a sourceforge site for this patch. If your chuckling to yourself at the thought of a sourceforge site over a patch, well, I did too when I first thought of it. I don't have the bandwidth requirements at home to host it and Harvard Law School doesn't want to host the patch for me either. Please check out

http://bugzilla.mindrot.org/show_bug.cgi?id=177 russell at flora.ca changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |russell at flora.ca ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the

It seems that the BTRFS_IOC_CLONE ioctl fails when trying to do a cross-subvolume clone of a file. Chris Mason suggested in the past ([1]) that this should be possible. Am I missing something? [1] http://kerneltrap.org/mailarchive/linux-btrfs/2010/6/10/6884911 -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to

Hi all, I am running Debian Etch. I've compiled openssh-5.0p1 with pam support. I'd like to use a chrooted sftp environment for my users and also log their sftp file transfers. Currently file transfer logging stops working when I implement a jail. Logging from within the chroot seems like a useful feature. I hope it makes it in sooner rather than later. Here's the contents of my

Hi Duncan, >> #include<stdio.h> >> #include<string.h> >> >> int main(int argc, char** argv){ >> >> char a[8] = "aaaaaaa"; >> char b[8] = "bbbbbbb"; >> >> char *c = (char*) malloc(sizeof(char)*(strlen(a)+strlen(b)+1)); >> memcpy(c, a, strlen(a)); >> memcpy(c + strlen(a), b, strlen(b) + 1); >>

Hope ya'all can help! Been reading and reading, and adjusting... to no avail. We need to have chroot'd SFTP activities logged on a file server and for whatever reason, I simply cannot get it to log with users that are chroot'd (this is necessary for auditing and HIPAA - so it is pretty important) I have tried with Fedora 11/12 and even an older Fedora 8 server, the same results: 1.

Pete - Thanks for the hack, I've gone in an adjusted the necessary lines(Even though my C is REALLY rusty, cut and paste to the rescue), I re-compiled the source, so hopefully things will work once I get home to test. You mentioned that I shouldnt use this for a Public Production server, is there any other security measures I can take to override this exploit? I had planned on running it

How difficult would it be to add an additional parameter to the -t that would *lock* the user at that directory level. say -T instead of -t... By locking, I mean translating /path/to/file as ./path/to/file, or ../../../path/../../../path/to/file as ./path/to/file. Basically set a root point as the current home directory, then build the pathing based on that, any "../" would become

Hi Pablo, I can reproduce this with the supplied IR. It is related to the use of __memcpy_chk. As far as I can see it is a bug in lli or the LLVM code generators. Can you please open a bugreport, attaching the LLVM IR. Ciao, Duncan. On 23/01/12 17:00, Pablo Barrio wrote: > Hi Duncan, >>> #include<stdio.h> >>> #include<string.h> >>> >>> int

Dear NVPTX community, PTXAS fails to compile the ptx code generated by NVPTX. Is it an issue of backend or an issue of PTXAS or a known reasonable restriction? Thanks, - Dima. > cat test.ll ; ModuleID = '__kernelgen_main_module' target datalayout = "e-p:64:64-i64:64:64-f64:64:64-n1:8:16:32:64" target triple = "ptx64-unknown-unknown" %struct.__st_parameter_dt.0.4

Glück Auf! I know its been discussed more then ones, but as a user I really would like to see the patch for allowing this in the kernel. Some users tested this patch successfully for weeks or months in 2 or 3 kernel versions since then, true? I''d say by creating a snapshot, it''s nothing else in the end. More then one file or tree sharing the same data on disc, or am I wrong?

Hi Pablo, > I came across something that seems to be a bug in the dragonegg option that > emits LLVM IR. ¿Can anybody reproduce the error, or see what's wrong? I can't reproduce this on x86-64 linux with latest LLVM+dragonegg+gcc-4.6. ¿Should I > post it somewhere else in case it's really a bug? Thanks ahead! > > With this simple program: > * > #include

Hi, when trying to install openssh I get the following errors. Any idea of why? This is on a mac 10.4.10 system, and with the 4.7p1 version. Appreciate any tips. Thanks, Anil if test ! -z ""; then \ /usr/bin/perl ./fixprogs ssh_prng_cmds ; \ fi (cd openbsd-compat && make) make[1]: Nothing to be done for `all'. gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized

Hi, Is anyone chrooting users that connect through SSH? I looked for it on Google and I basically saw several methods: - OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that probably could be rebuilt under CentOS 5) - There seem to be several patches for OpenSSH 4.x to do the chroot, the most popular seems to be http://chrootssh.sf.net/ - There appears to be a pam_chroot - There are

[Not subscribed to this list, so please respond directly if you need to speak to me] In man5/sshd_config.5, a permissible keyword in a 'Match' block is missing. It currently lists only: AllowTcpForwarding, Banner, ForceCommand, GatewayPorts, GSSApiAuthentication, KbdInteractiveAuthentication, KerberosAuthentication, PasswordAuthentication, PermitOpen, PermitRootLogin,