[scponly] RE: FW: scponly Digest, Vol 6, Issue 6
Hammad
scponly at brisksolutions.com
Mon Jun 23 13:36:21 EDT 2003
Very good Thanks, that did it.
I ran few tests, scp and sftp working fine. I also tried doing 'ssh' (cuz its
not suppose to let you in). It spits out this error message:
[root at spider root]# ssh scptest at mars
scptest at mars's password:
/usr/X11R6/binxauth: timeout in locking authority file /home/scptest/.Xauthority
Is it normal? I even 'touch .Xauthority' in /home/scptest and tried to ssh IN,
now it sits there.
Also, since you are using this for a while. I like it if you can give me some
security tips because My server will be sitting on the NET.
Thanks again for your HELP. Really appreciate it.
-Hammad
Quoting Bill Cronin <bill at bock.com>:
| Hammad,
| Sorry, I shouldn't have tried to help from memory.
|
| I looked at the setup_chroot.sh.in file. I think this is a template for
| the creation of setup_chroot.sh. Anyway, look over that file. There's a
| @PROG_PW@ substitution variable in there that controls what program is used
| for the passwd command. This is not passed to the program at all for 7.3
| so
| it's blank in the resulting setup_chroot.sh script. You'll need to find
| instances of @PROG_PW@ and substitute in the results of 'which passwd' on
| your system. Attached is my version of setup_chroot.sh.
|
| Hope this helps.
|
| -Bill
|
| > -----Original Message-----
| > From: Hammad [mailto:scponly at brisksolutions.com]
| > Sent: Monday, June 23, 2003 10:46 AM
| > To: bill at bock.com; scponly at lists.ccs.neu.edu
| > Subject: RE: FW: scponly Digest, Vol 6, Issue 6
| >
| >
| >
| > Okay, I'll try changing adduser to useradd. I noticed that
| > too myself but didn't
| > change it because redhat 7.3 has a 'adduser' command
| > symbolically linked to
| > 'useradd'.
| >
| > After changing all occurances of 'adduser' to 'useradd',
| > still getting the same
| > error.
| >
| > [root at mars scponly-3.8]# ./setup_chroot.sh
| > this script requires the program useradd or pw to add your
| > chrooted scponly user.
| >
| > This is the line where its failing, not sure why
| >
| > --------------------------------------------------------
| > USE_PW=0;
| > if [ x/usr/sbin/useradd = x ]; then
| > USE_PW=1;
| > else
| > if [ x = x ]; then
| > echo "this script requires the program useradd or pw
| > to add your"
| > fail "chrooted scponly user."
| > fi
| > fi
| > --------------------------------------------------------
| >
| > --
| > Hammad
| > |
| > |
| > |
| > | Quoting Bill Cronin <bill at bock.com>:
| > |
| > | | Hammad,
| > | | My bad. It's not "change pw to passwd", it's "change adduser to
| > | useradd".
| > | | The principal of the problem is the same - the script is
| > looking for a
| > | | program that has a different name in RedHat. Sorry for
| > the bum steer.
| > | |
| > | | -Bill
| > | |
| > | | > -----Original Message-----
| > | | > From: Hammad [mailto:hammad at brisksolutions.com]
| > | | > Sent: Saturday, June 21, 2003 1:51 AM
| > | | > To: bill at bock.com; scponly at lists.ccs.neu.edu
| > | | > Subject: Re: FW: scponly Digest, Vol 6, Issue 6
| > | | >
| > | | >
| > | | > There is not passwd command in that script. Attached is the
| > | | > setup script I am
| > | | > using not sure where the problem lies.
| > | | >
| > | | > Thanks for your help.
| > | | >
| > | | > --
| > | | >
| > | | > Hammad
| > | | >
| > | | >
| > | | > Quoting Bill Cronin <bill at bock.com>:
| > | | >
| > | | > | Modify the setup_chroot.sh that gets created to look for
| > | | > passwd as the
| > | | > | password program rather than pw. I think pw must be the
| > | | > BSD version of
| > | | > | Linux passwd program.
| > | | > |
| > | | > | You'll need to do some other stuff as well (copy in library
| > | | > files to /lib)
| > | | > | in order to resolve dependencies for the programs in /bin
| > | | > in your jail.
| > | | > | Just run ldd against all the programs in /bin to make
| > sure all the
| > | | > | necessary
| > | | > | files are in the /lib directory. I can't remember what
| > | | > else I did exactly.
| > | | > | The makefile to make the shell script is pretty BSD specific.
| > | | > |
| > | | > | -Bill
| > | | > |
| > | | > | -----Original Message-----
| > | | > | From: scponly-bounces at lists.ccs.neu.edu
| > | | > | [mailto:scponly-bounces at lists.ccs.neu.edu]On Behalf Of
| > | | > | scponly-request at lists.ccs.neu.edu
| > | | > | Sent: Friday, June 20, 2003 12:00 PM
| > | | > | To: scponly at lists.ccs.neu.edu
| > | | > | Subject: scponly Digest, Vol 6, Issue 6
| > | | > |
| > | | > |
| > | | > | Send scponly mailing list submissions to
| > | | > | scponly at lists.ccs.neu.edu
| > | | > |
| > | | > | To subscribe or unsubscribe via the World Wide Web, visit
| > | | > | https://lists.ccs.neu.edu/bin/listinfo/scponly
| > | | > | or, via email, send a message with subject or body 'help' to
| > | | > | scponly-request at lists.ccs.neu.edu
| > | | > |
| > | | > | You can reach the person managing the list at
| > | | > | scponly-owner at lists.ccs.neu.edu
| > | | > |
| > | | > | When replying, please edit your Subject line so it is
| > more specific
| > | | > | than "Re: Contents of scponly digest..."
| > | | > |
| > | | > |
| > | | > | Today's Topics:
| > | | > |
| > | | > | 1. setup_chroot.sh problem (Hammad)
| > | | > |
| > | | > |
| > | | > |
| > | | >
| > ----------------------------------------------------------------------
| > | | > |
| > | | > | Date: Fri, 20 Jun 2003 02:00:18 -0400
| > | | > | From: Hammad <hammad at brisksolutions.com>
| > | | > | To: scponly at lists.ccs.neu.edu
| > | | > | Subject: [scponly] setup_chroot.sh problem
| > | | > | Message-ID: <1056088818.3ef2a2f293140 at mail.brisksolutions.com>
| > | | > | Content-Type: text/plain; charset=ISO-8859-1
| > | | > | MIME-Version: 1.0
| > | | > | Content-Transfer-Encoding: 8bit
| > | | > | Precedence: list
| > | | > | Message: 1
| > | | > |
| > | | > | Hi:
| > | | > |
| > | | > | This is my first time installing scponly. Seems like a good
| > | | > product. I need
| > | | > | some help though. I am running redhat 7.3, downloaded the
| > | | > newest version of
| > | | > | scponly 3.8. configure, make, make install all went
| > fine but when I
| > | | > | run ./setup_chroot.sh. It spits out the following message.
| > | | > Any help will be
| > | | > | appreciated.
| > | | > |
| > | | > | Before I ran ./setup_chroot.sh, I have a test user
| > already created
| > | | > | in /etc/passwd, both scponly and scponlyc added to
| > /etc/shells. I do
| > | | > | have 'useradd' in /usr/sbin.
| > | | > |
| > | | > | [root at mars scponly-3.8]# ./setup_chroot.sh
| > | | > | this script requires the program useradd or pw to add your
| > | | > | chrooted scponly user.
| > | | > |
| > | | > |
| > | | > | --
| > | | > | Hammad
| > | | > |
| > | | > |
| > | | > |
| > | | > |
| > | | > | ------------------------------
| > | | > |
| > | | > | _______________________________________________
| > | | > | scponly mailing list
| > | | > | scponly at lists.ccs.neu.edu
| > | | > | https://lists.ccs.neu.edu/bin/listinfo/scponly
| > | | > |
| > | | > |
| > | | > | End of scponly Digest, Vol 6, Issue 6
| > | | > | *************************************
| > | | > |
| > | | > |
| > | | >
| > | | >
| > | |
| > | |
| > |
| > |
|
More information about the scponly
mailing list