HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   ISPconfig Jaikit / SSH Chroot not working (Lenny) (http://www.howtoforge.com/forums/showthread.php?t=32209)

edge 6th March 2009 21:30

ISPconfig Jaikit / SSH Chroot not working (Lenny)
 
Not sure where I did go wrong, but I did install Jaikit (according to The Perfect Server - Debian Lenny (Debian 5.0) [ISPConfig 3] - Page 4 - step 15 - Install Jailkit) before I installed ISPconfig 3

Whatever option I try for a Shell-User (none / Jailkit / SSH CHroot), they can cd into other directorys, and read the data.

Is it me who made a mistake, or does it not work on Lenny?

till 6th March 2009 23:27

Jailkit works for me fine on lenny, there are no known bugs. SSH-Chroot will only work if you patch your SSH daemon like it was nescessary for ispconfig 2.

edge 7th March 2009 09:18

Hi Falko,

I'm 100% sure that I did install it according to the howto.

Also the directory /etc/jailkit and the needed files do exist, and jk_sockeetd.ini does point to the "jailed" user directory
Quote:

[/var/clients/client1/web1/dev/log]
base=512
peak=2048
interval=10
When I login with the created shell-user I get this back as prompt.
Quote:

$USER@www.somedomain.nl:~$
Is the $USER correct, or should it say the user name?

Also.. Is there an other way of checking that Jailkit is installed correct?

edge 7th March 2009 09:34

I've created a new domain / user, and now jailkit is working fine!
The 1st domain / user that I tested it with was the main host name of the server. I guess that this was kind of mixing things up.

All is working fine for the new user.

However! I do still see the deleted test user accounts in "/var/clients/client1/web1/home"

falko 7th March 2009 15:30

I see you've posted this in the bugtracker, so we will check it.

oncletom 23rd April 2009 10:06

Hi, I think I have a similar problem.

I created a client, then a website and at least, at shell account with a Jailkit chroot.
Its dir is `/var/www/clients/client1/web1`. When I login, I'm located in `/var/www/clients/client1/web1/home/[clientname]`. I can browse the whole filesystem (according to the user permissions at least).

A last thing, I let the username empty because a shell login with [clientname] was fine. Could it be related? No chroot created because of no username given?

PS: I've installed Jailkit before ISPConfig ;-)

till 23rd April 2009 10:24

Are you really sure that you can broser the complete filesystem? Please login with that user and then execute:

cd /

and post the output of:

ls -la

oncletom 23rd April 2009 10:46

Quote:

Originally Posted by till (Post 183772)
Are you really sure that you can broser the complete filesystem? Please login with that user and then execute:

cd /

and post the output of:

ls -la

Hello :)

Thanks for your prompt reply. Here is the output:
Quote:

web1@ns206144:~$ cd /
web1@ns206144:/$ ls -la
total 84
drwxr-xr-x 21 root root 4096 avr 19 19:25 .
drwxr-xr-x 21 root root 4096 avr 19 19:25 ..
drwxr-xr-x 2 root root 4096 fév 12 14:46 bin
drwxr-xr-x 2 root root 4096 avr 19 19:23 boot
drwxr-xr-x 12 root root 14080 avr 23 06:25 dev
drwxr-xr-x 95 root root 4096 avr 23 10:38 etc
drwxr-xr-x 3 root root 4096 fév 9 12:53 home
drwxr-xr-x 11 root root 4096 avr 23 10:35 lib
lrwxrwxrwx 1 root root 4 avr 19 19:23 lib64 -> /lib
drwx------ 2 root root 16384 avr 19 19:15 lost+found
drwxr-xr-x 3 root root 4096 fév 9 11:23 media
drwxr-xr-x 2 root root 4096 déc 4 10:21 mnt
drwxr-xr-x 2 root root 4096 fév 9 11:23 opt
dr-xr-xr-x 170 root root 0 avr 19 22:27 proc
drwxr-xr-x 5 root root 4096 avr 21 19:20 root
drwxr-xr-x 2 root root 4096 avr 21 19:57 sbin
drwxr-xr-x 2 root root 4096 sep 16 2008 selinux
drwxr-xr-x 2 root root 4096 fév 9 11:23 srv
drwxr-xr-x 12 root root 0 avr 19 22:27 sys
drwxrwxrwt 5 root root 4096 avr 23 10:45 tmp
drwxr-xr-x 11 root root 4096 avr 19 21:45 usr
drwxr-xr-x 15 root root 4096 avr 19 22:12 var
Is it the expected result?

till 23rd April 2009 10:48

Ok, the user is really not chrooted. Did you get any errors in the log files (see monitoring module) as you created the jailed user? Please try to create a different new jailed user and check if this gets jailed.

oncletom 24th April 2009 10:47

Quote:

Originally Posted by till (Post 183785)
Ok, the user is really not chrooted. Did you get any errors in the log files (see monitoring module) as you created the jailed user? Please try to create a different new jailed user and check if this gets jailed.

I'll check for that. I'll keep you in touch thanks.


All times are GMT +2. The time now is 17:02.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.