[scponly] Close to all functionality with Solaris 9 Sparc and OpenSSH

Fri Sep 12 16:34:10 EDT 2003

I've been trying to get this to work all day, and I figured I'd make some notes along the way as to what I had to do to get it to work.  If you have questions about this, please post it to the list, as there are much better experts at this stuff than me :-)
And as always, you mileage may vary.

In order to get it to work in Solaris 9 Sparc with gcc 3.3 (Sunfreeware)...

Before you run configure:  (I use bash)

PATH=$PATH:/usr/local/bin:/usr/ccs/bin
(This is pretty common for all software, so probably best to assume the user already knows this)

-------------------------------------------------------
I'm using /usr/ccs/bin/make so maybe gmake doesn't have this next problem?

Once the configure is made, 
vi Makefile
:%s/:=/=

I don't know what an   :=   (Pascal? :-) is and neither does my make, so I just swapped them with  =  and it was happy

--------------------------------------------------------
install-sh didn't get set executable, so that failed.

chmod u+x install-sh  fixed that right up.
-----------------------------------------------------

LIB_LIST=`/usr/bin/ldd $BINARIES 2> /dev/null | /usr/bin/cut -f2 -d\> | /usr/bin/cut -f1 -d\( | /usr/bin/grep "^ " | /usr/bin/sort -u`

needs to be changed to 

LIB_LIST=`/usr/bin/ldd $BINARIES 2> /dev/null | /usr/bin/cut -f2 -d\> | /usr/bin/cut -f1 -d\( | /usr/bin/grep " " | /usr/bin/sort -u`

------------------------------------------------

I then changed /bin/sh to /usr/bin/bash because it looked as if some of the first grep statement wasn't processing correctly because of the ^cd$ in there, changing the shell to bash fixed that.  This probably would have fixed the above error, but I didn't go back and break it.

--------------------------------------------
I don't know why it wasn't finding my useradd.  It was right were it was looking, but oh well....

#if [ x/usr/sbin/useradd = x ]; then
        USE_PW=1;
#else
#    if [ x = x ]; then
#       echo "this script requires the program useradd or pw to add your"
#       fail "chrooted scponly user."
#    fi
#fi

---------------------------------------------------

"setup_chroot.sh" line 116 of 181 
        ./install-sh -c -C $bin $targetdir$bin
changed to
        ./install-sh -c $bin $targetdir$bin

---------------------------------------------------

LDSOFOUND=0
if [ -f /usr/libexec/ld.so ]; then
        LIB_LIST="$LIB_LIST /usr/libexec/ld.so"
        LDSOFOUND=1
fi

I added:
if [ -f /usr/lib/ld.so ]; then
        LIB_LIST="$LIB_LIST /usr/lib/ld.so"
        LDSOFOUND=1
fi

------------------------------------------------
Not using NIS, I assume if I was, then this would be found
#/bin/ls /lib/libnss_compat* 2>&1 > /dev/null
#if [ $? -eq 0 ]; then
#       LIB_LIST="$LIB_LIST /lib/libnss_compat* /lib/ld.so"
#fi

------------------------------------------------------

It didn't want to use the right useradd parameters, probably when I forced it to find useradd above?  So on line 153, I just set USE_PW=0 to use the right param string.

-------------------------------------------------------
I had to manually copy /usr/lib/ld.so to $HOME/usr/lib

-------------------------------------------------------

So I got sftp working.  No problems there.  Doing a directory the UID shows up and not the username.  I only mention this because scp doesn't work and exits with the error: 
unknown user 1155

(My test userid)

Happy to help out if I can, but all I can say is that I surprised even myself making the above changes and getting it to work!

Cheers!

--Brett