[scponly] Scponly - chroot

wbr oblyr joe at sublimation.org
Mon May 26 18:18:39 EDT 2003 

hey jeff,

this is really a documentation problem.  a few details that you may have
missed from the docs:

- scponly and scponlyc are the same program (try diffing them).  scponlyc,
however, will perform a chroot(), which is the same feature as the program
chroot.  i didnt feel that this alone warranted a seperate manpage.

- chroot() is portable.  freebsd's jail is not.

the problem you are seeing with winscp and groups is a bit of a annoyance.
it will not prevent something from working.  you can correct it with a
number of solutions, which are enumerated in the archives for this list.

aside from the popup warning about the groups, is it "working"?  is it
chrooting to the correct directory?

joe




 ----

PGP KEY: http://www.sublimation.org/contact.html
PGP Key fingerprint = EC4B 0DA5 B4F6 BDDD 9176 55D6 3A6A 7D63 158F 22D2


On Mon, 26 May 2003, Jeff MacDonald wrote:

> I'm running FreeBSD 4.8, sorry for lack of details.
>
> Client is WinScp 2 on WinXP
>
> Jeff.
>
> >> -----Original Message-----
> >> From: Lupe Christoph [mailto:lupe at lupe-christoph.de]
> >> Sent: Monday, May 26, 2003 4:35 PM
> >> To: Jeff MacDonald
> >> Cc: scponly at lists.ccs.neu.edu
> >> Subject: Re: [scponly] Scponly - chroot
> >>
> >>
> >> On Monday, 2003-05-26 at 14:45:31 -0400, Jeff MacDonald wrote:
> >> > Oddly enough, I have a man page for scponly, but not scponlyc.
> >>
> >> If you look closely, you'll find scponlyc described in that
> >> manpage as
> >> well.
> >>
> >> > Anyway, I set the shell for a test user to scponlyc, and when I try
> >> > to login with WinSCP2 I barfs about not being able to get
> >> group listings
> >> > and some other stuff.
> >>
> >> IIRC somebody on this list reported problems with WinSCP and groups
> >> under RedHat. My fuzzy memory tell me the command "groups" is a shell
> >> script, and your chroot environment does not have a shell. I believe
> >> WinSCP (never used that myself) has a switch that lets it skip this
> >> groups command.
> >>
> >> Hope this is useful.
> >>
> >> > I assume that means to use scponlyc, I have to use jail ?
> >>
> >> Nope. You maybe you should not assume we do telepathy. For
> >> instance, you
> >> could divulge your platform. We now know the client is WinSCP, but we
> >> still don't know what that server is running. RedHat is a
> >> guess fed by
> >> my faulty memory.
> >>
> >>
> >> Lupe Christoph
> >> --
> >> | lupe at lupe-christoph.de       |
> >> http://www.lupe-christoph.de/ |
> >> | "Violence is the resort of
> >> the violent" Lu Tze                         |
> >> | "Thief of Time", Terry Pratchett
> >>             |
> >>
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>

More information about the scponly mailing list