View Single Post
Old 6th March 2013, 15:27
markc markc is offline
Join Date: Dec 2012
Posts: 57
Thanks: 6
Thanked 9 Times in 9 Posts

till: You should be able to add it in the jailkit settings under System > server config as additional dependency.

Thank you, spot on advice. This works on Ubuntu 12.10 so that id shows the user/group names instead of just the uid/gid which causes ssh to not work back out from the server (hence git, scp and rsync as well)...
cd /etc/jailkit
cp jk_init.ini jk_init.ini.orig
sed -i 's/lib64/lib\/x86_64-linux-gnu/g' jk_init.ini
diff -u jk_init.ini.orig jk_init.ini
--- jk_init.ini.orig    2013-03-06 22:35:04.502405510 +1100
+++ jk_init.ini 2013-03-06 23:16:06.070051327 +1100
@@ -2,12 +2,12 @@
 # this section probably needs adjustment on 64bit systems
 # or non-Linux systems
 comment = common files for all jails that need user/group information
-libraries = /lib/, /lib64/, /lib/libnss*.so.2, /lib64/libnss*.so.2
+libraries = /lib/, /lib/x86_64-linux-gnu/, /lib/libnss*.so.2, /lib/x86_64-linux-gnu/libnss*.so.2
 regularfiles = /etc/nsswitch.conf, /etc/
 comment = common files for all jails that need any internet connectivity
-libraries = /lib/, /lib64/
+libraries = /lib/, /lib/x86_64-linux-gnu/
 regularfiles = /etc/resolv.conf, /etc/host.conf, /etc/hosts, /etc/protocols
@@ -47,7 +47,7 @@
 comment = ssh secure ftp
-executables = /usr/lib/sftp-server, /usr/libexec/openssh/sftp-server, /usr/lib/misc/sftp-server, /usr/libexec/sftp-server
+executables = /usr/lib/sftp-server, /usr/libexec/openssh/sftp-server, /usr/lib/misc/sftp-server, /usr/libexec/sftp-server, /usr/lib/openssh/sftp-server
 includesections = netbasics, uidbasics
 devices = /dev/urandom, /dev/null
And FWIW the System -> Server Config -> Jailkit chroot app section currently has basicshell editors extendedshell netutils ssh sftp scp groups jk_lsh but extendedshell already includes basicshell editors so they could be removed. Of course I added git as well.

Woops, no, I take that back, git is still missing from the jailkit chroot even though I added git to the Server Config section for jailkit. SSH works back out from the server though.
Reply With Quote