View Single Post
  #25  
Old 25th March 2007, 20:43
jonwatson jonwatson is offline
Senior Member
 
Join Date: Feb 2007
Posts: 176
Thanks: 15
Thanked 3 Times in 3 Posts
Default

Quote:
Originally Posted by till
Chrooting SSH users is really easy, I dont know why it works not for you on your system. The only thin you have to do is to compile a SSH daoemon with chroot SSH support and then enable chrooting in ISPConfig. I've done this on many servers and it always worked prefectly for me.
I agree that I seem to be having more problems than some, but I now have three ISPConfig boxes which exhibit the same symptoms. CHROOTing doesn't work on any of them.

I followed Falko's tutorial (was it Falkos?) on installing the CHROOT environment in Debian. There were no obvious errors during the install and it seemed to go as planned.

I then enabled the chroot setting in the /home/admispconfig/ispconfig/lib/ispconfig.inc.php file by setting it to 1.

When I create new users, their passwd entry looks like this:

Code:
username:x:10009:10004:Working User:/var/www/web4/user/username/./:/bin/bash
(I've munged the username) but the '.' part is there which seems to be correct.

The CHROOT scripts seem to be copied over correctly as I see etc, bin, lib directories in the site's home directory.

Yes, whenever a user attempts to log in, they are punted with the error that /bin/bash cannot be found.

The bin directory in the site's home dir contains:
Code:
drwxr-xr-x   2 root             root    4096 Mar 24 11:01 .
drwxr-xr-x  12 munged.com web11   4096 Mar 25 11:41 ..
-rwxr-xr-x   1 root             root  625228 Mar 25 11:35 bash
-rwxr-xr-x   1 root             root   75948 Mar 25 11:35 ls
-rwxr-xr-x   1 root             root   20888 Mar 25 11:35 mkdir
-rwxr-xr-x   1 root             root   55340 Mar 25 11:36 mv
-rwsr-xr-x   1 root             root   30764 Mar 25 11:36 ping
-rwxr-xr-x   1 root             root   13848 Mar 25 11:36 pwd
-rwxr-xr-x   1 root             root   30712 Mar 25 11:36 rm
-rwxr-xr-x   1 root             root  163852 Mar 25 11:36 tar
So...I'm lost. Everything seems to be set up OK - but user's can't log in.

That's what I need help troubleshooting. There must be some reason why user accounts can't find /bin/bash once chrooted.

I am *extremely* motivated to fix this as I really can't fathom how I'm going to move my entire infrastructure off of ISPConfig.

Last edited by jonwatson; 25th March 2007 at 20:48.
Reply With Quote