HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Jailkit user cannot login (http://www.howtoforge.com/forums/showthread.php?t=60361)

wwweiss 29th January 2013 12:55
Jailkit user cannot login
 
Hi,
I installed a new server with ISPConfig (Ubuntu 12.04) as discribed in the howto. The only thing I changed was to user Jailkit 2.15 instead of 2.14.
So far everything seems to work, but if a add a jailed SSH-user in ISPconfig this user cannot login.
In auth.log I can see these errors:

jk_chrootsh[8665]: path /var/www/clients/client2/web1/./ is not owned by user 5004
jk_chrootsh[8665]: path /var/www/clients/client2/web1/./ is not owned by group 5005

All configuration seems to be like it should.
If I add a jailed user without ISPconfig I get it to work, but with small differences in the home-path.

ISPconfig adds this line to /etc/paswd:

testerssh:x:5004:5005::/var/www/clients/client2/web1/./:/usr/sbin/jk_chrootsh

and this to the jailed passwd:

testerssh:x:5004:5005:::/bin/bash

Adding a user without ISPconfig makes a home-directory for the user inside the jail. So I changed the both lines above to:

testerssh:x:5004:5005::/var/www/clients/client2/web1/./web:/usr/sbin/jk_chrootsh

and

testerssh:x:5004:5005::/web:/bin/bash

With this change it works. Of course the users starts in den web-directory after login.

Is there a problem with ISPconfig or with Jailkit 2.15 and how can I fix that?
Has anyone else these problems?

till 29th January 2013 13:19
Which ISPConfig version do you use?

And did you change the jailkit user path in ispconfig? By default the path of a jailkit user is /var/www/clients/client2/web1/./home/username and not /var/www/clients/client2/web1/./

wwweiss 29th January 2013 13:43
Hi Till,

thanks for this quick response.
I have ISPConfig 3.0.4.6, just isntalled it two days ago, but I cannot remember that I changed anything with the path-default.
If I add a new shell user, I do not change anything under "options", there I have for Dir the value "/var/www/clients/client2/web1"
If I try to change this to ...web1/./home/testerssh I get an error message "No ./ in path allowed".
Yesterday I tried "/var/www/clients/client2/web1/web" but then the jail was also created inside the web directory (as I expected).
I think there ist a config-file where I should change the path value. Can you help?

till 29th January 2013 13:50
Ok, jailed users in 3.0.4.6 work fine, so thats not the issue here. My guess is that you changed one of the paths under System > server config ond the jailkit tab. The jailkit chroot home has to be "/home/[username]"

wwweiss 29th January 2013 13:59
This was the problem - sometimes things are so easy;)
I still cannot remember that I changed that, but that doesn't matter, because now I now where it is :)

wwweiss 29th January 2013 17:07
Hi,

I thought everything is working now, but after I deleted all users and websites to have a blank install I found that the passwd-file inside the jail still does not get the correct home path for the user. I get this:

maxssh:x:5004:5005:::/bin/bash

but should get

maxssh:x:5004:5005::/home/maxssh:/bin/bash

Maybe something is wrong with my Jailkit installation or is it again a simple setup misstake?
I would appreciate any further help.


All times are GMT +2. The time now is 14:36.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.