Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Feature Requests

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 9th March 2007, 02:27
LeoLinux LeoLinux is offline
Senior Member
 
Join Date: Jul 2006
Location: Ellwangen
Posts: 119
Thanks: 16
Thanked 0 Times in 0 Posts
Send a message via ICQ to LeoLinux
Default chrooted users

it would also be nice if users which I create under ISPconfig would be automatically chrooted from the beginning.


Thx
Reply With Quote
Sponsored Links
  #2  
Old 9th March 2007, 09:41
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts
Send a message via MSN to martinfst Send a message via Skype™ to martinfst
Default

chrooted what? ssh, ftp, mail, other?
Reply With Quote
  #3  
Old 11th March 2007, 12:40
LeoLinux LeoLinux is offline
Senior Member
 
Join Date: Jul 2006
Location: Ellwangen
Posts: 119
Thanks: 16
Thanked 0 Times in 0 Posts
Send a message via ICQ to LeoLinux
Default

sorry - I'm talking about ssh. I know there is a how to for debian users but it's not working out if you create new users via ispconfig - they still createt like usual users without the chroot privilegs. You have to change each user by hand.

Leander
Reply With Quote
  #4  
Old 11th March 2007, 12:56
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts
Default

Quote:
Originally Posted by LeoLinux
sorry - I'm talking about ssh. I know there is a how to for debian users but it's not working out if you create new users via ispconfig - they still createt like usual users without the chroot privilegs. You have to change each user by hand.

Leander
It is working out oif the box I guess you did not enable chrooting in ISPConfig in the file /home/admispconfig/ispconfig/config.inc.php. ISPConfig is not able to guess if your SSH daemon supports chrooting and as all SSH demons does not support it by default, it is disabled by default.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 11th March 2007, 16:06
LeoLinux LeoLinux is offline
Senior Member
 
Join Date: Jul 2006
Location: Ellwangen
Posts: 119
Thanks: 16
Thanked 0 Times in 0 Posts
Send a message via ICQ to LeoLinux
Default

Hi Till,

I just did this HowTo to enable the chroot on my ssh daemon.

http://www.howtoforge.com/chrooted_ssh_howto_debian

^^it's working for the testuser but not for ISP ones.

I didn't find the file where you told me to enable this option for ISPconfig cosutumers.

Code:
server1:~# ls -lach /home/admispconfig/ispconfig/
total 276K
drwxr-xr-x   8 admispconfig admispconfig 4.0K Mar 11 13:45 .
drwxr-xr-x   4 admispconfig admispconfig 4.0K Feb  6 20:40 ..
-rw-r--r--   1 admispconfig admispconfig   14 Mar  9 23:52 adminmail.txt
drwxrwx---   2 admispconfig mysql        4.0K Feb  6 20:40 backup
drwxr-xr-x   4 admispconfig admispconfig 4.0K Feb  6 20:40 files
-rw-r--r--   1 admispconfig admispconfig 226K Mar 11 13:45 ispconfig.log
drwxr-xr-x   6 admispconfig admispconfig 4.0K Feb  6 20:40 lib
-rw-r--r--   1 root         root          862 Feb  6 20:40 sysconf.txt
drwxr-xr-x   6 admispconfig admispconfig 4.0K Mar 10 00:00 temp
drwxr-xr-x   9 admispconfig admispconfig 4.0K Feb  6 23:47 tools
-rw-r--r--   1 root         root          166 Feb  6 20:40 users
drwxr-xr-x  20 admispconfig admispconfig 4.0K Feb  6 23:44 web
server1:~#
Thx!

;-)

Leander
Reply With Quote
  #6  
Old 11th March 2007, 16:44
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts
Default

The howtos is not especually for ISPConfig, but the general setup is ok.If you did not enable it in ISPConfig yet, it can not work.

The file is:

/home/admispconfig/ispconfig/lib/config.inc.php

There rae several threads here in the forum about enabling chrooting. just search for the words "chroot ssh".

By the way, if you dont know the location of a file, just run:

locate name_of_thefile
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
LeoLinux (15th April 2007)
  #7  
Old 11th March 2007, 17:06
LeoLinux LeoLinux is offline
Senior Member
 
Join Date: Jul 2006
Location: Ellwangen
Posts: 119
Thanks: 16
Thanked 0 Times in 0 Posts
Send a message via ICQ to LeoLinux
Default

ok I found and changed it from 0 to 1.

anyway thank you !


Leander
Reply With Quote
  #8  
Old 24th March 2007, 19:25
vogelor vogelor is offline
ISPConfig Developer
 
Join Date: Jan 2007
Location: Wernau, Germany
Posts: 219
Thanks: 42
Thanked 34 Times in 24 Posts
Default

@till
please keep in mind that the create_chroot script will NOT WORK with the soon comming etch version. i posted a working script here in the forum. please use this. if you like:
i also have a script enabling mysql and unzip for the chrooted user (especially mysql will NOT work without a little "trick". if you like this idea post here and i send you "my" script ;-)

Olli
__________________
Der neue Luxus heißt Zeit, nicht Geld!

Firma : http://www.muv.com, http://www.computerandservice.de
Privat : http://www.vogelor.de
Reply With Quote
The Following User Says Thank You to vogelor For This Useful Post:
LeoLinux (11th August 2007)
  #9  
Old 27th March 2007, 16:21
LeoLinux LeoLinux is offline
Senior Member
 
Join Date: Jul 2006
Location: Ellwangen
Posts: 119
Thanks: 16
Thanked 0 Times in 0 Posts
Send a message via ICQ to LeoLinux
Default

yes, sounds cool! post it!! ;-)

Leander
Reply With Quote
  #10  
Old 27th March 2007, 16:52
vogelor vogelor is offline
ISPConfig Developer
 
Join Date: Jan 2007
Location: Wernau, Germany
Posts: 219
Thanks: 42
Thanked 34 Times in 24 Posts
 
Default

Here we go ;-)
works at debian etch
Attached Files
File Type: txt create_chroot_env.sh.txt (3.1 KB, 966 views)
__________________
Der neue Luxus heißt Zeit, nicht Geld!

Firma : http://www.muv.com, http://www.computerandservice.de
Privat : http://www.vogelor.de
Reply With Quote
The Following 3 Users Say Thank You to vogelor For This Useful Post:
falko (28th March 2007), LeoLinux (15th April 2007), mbria (3rd December 2007)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Junk mail and spamassassin... sthompson Installation/Configuration 4 27th December 2006 17:11
Email (all) local users! edge Feature Requests 2 20th November 2006 14:26
Recovering unlinked mysql databases and users... Dave Lane Installation/Configuration 2 10th May 2006 20:45
Another Problem: Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP bluegrass Installation/Configuration 24 8th March 2006 02:41
Ability to add components for users webstergd Feature Requests 1 20th December 2005 11:25


All times are GMT +2. The time now is 09:00.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.