[scponly] scponly 4.6 ./configure under OpenBSD3.9

jp provision jp at pro-vision.net
Mon Aug 28 15:01:24 EDT 2006 

I've tried that exact configure line and neither scp nor sftp work
chrooted.

--
Josh Phillips
Principal
ProVision Technology Solutions
phone: 321.415.1595, ext. 101
email: josh at pro-vision.net
web: http://www.pro-vision.net
aim: joshuamphillips
msn: josh at pro-vision.net
yahoo: joshlamerritt
____________________
This e-mail is intended solely for the person or entity to which it is
addressed may contain confidential and/or privileged information. Any
review, dissemination, copying, printing or other use of this e-mail by
persons or entities other than the addressee is prohibited. If you have
received this email in error, please contact the sender immediately and
delete this material from any computer. 

> -----Original Message-----
> From: scponly-bounces at lists.ccs.neu.edu 
> [mailto:scponly-bounces at lists.ccs.neu.edu] On Behalf Of Paul Hyder
> Sent: Monday, August 28, 2006 2:58 PM
> To: G 0kita
> Cc: scponly at lists.ccs.neu.edu
> Subject: Re: [scponly] scponly 4.6 ./configure under OpenBSD3.9
> 
> It is hard to tell what you need but if your initial goal is 
> to have scponly 4.6 work with scp and sftp in a chrooted 
> environment then you probably want a configure line:
> 
>      ./configure --enable-chrooted-binary --enable-scp-compat
> 
> instead of the one shown below.  [scp is no longer enabled by 
> default but sftp is]
> 	Paul Hyder
> 	NOAA Earth System Research Laboratory, Global Systems Division
> 	Boulder, CO
> 
> 
> G 0kita wrote:
> > Hey everybody, here's a post I sent last week.  I'd love to include 
> > the config.log, but I'm tired of waiting for moderator approval.  
> > There're snippits of it at the end of the message.
> > 
> > On 8/22/06, <goo13c at gmail.com> wrote:
> >>
> >> Hi all.  I've noticed a number of posts lately about scponly 4.6 
> >> under OpenBSD 3.9.  I believe the problem is related to 
> the configure script!
> >> configure, make and make install run without errors, but 
> inspection 
> >> of the config.log and the errors thrown by the 
> setup_chroot.sh show 
> >> that the binaries required for scp and sftp to run properly aren't 
> >> being copied properly.
> >> If you check the other posts, you'll notice the errors thrown:
> >> <snip>
> >> Username to install [scponly]
> >> home directory you wish to set for this user 
> [/home/scponly] name of 
> >> the writeable subdirectory [incoming]
> >> install: 0: No such file or directory
> >> install: 1: No such file or directory
> >> install: Ref: No such file or directory <snip> This is because 
> >> BINARIES ends up 'yes /bin/pwd /usr/bin/groups /usr/bin/id 
> /bin/echo'
> >> and LIB_LIST ends up '0 1 Ref /usr/libexec/ld.so'
> >> Notice that 'yes' up there in BINARIES?  That's because in 
> >> config.h#define PROG_SFTP_SERVER "yes".
> >> And isn't that a mighty short list of binaries?
> >> Problem is that confdefs.h doesn't complete properly in 
> the configure 
> >> script, but doesn't throw any errors.  I've included the 
> config.log 
> >> at the end of the post.
> >> The jail won't work properly without the missing binaries 
> - which I 
> >> believe are:
> >> ~/etc/pwd.db
> >> ~/usr/libexec/ sftp-server, ld.so
> >> ~/usr/bin/ scp, groups, id
> >> ~/usr/sbin/ chown, chgrp
> >> ~/bin/ ls, rm, ln, mv, chmod, mkdir, rmdir, pwd, echo ~/usr/lib/ 
> >> libc.so.34.1, libcrypto.so.11.0 although this list is the 
> ones that 
> >> scponly 4.2 used under OpenBSD 3.6.
> >> I don't have time right now to modify and diff the 
> configure, but if 
> >> you need me to test out a new configure script, toss me an email!
> >>
> >> G0kita
> >>
> > 
> > 
> > config.log
> > <snip>
> >  $ ./configure --enable-chrooted-binary --with-sftp-server
> > 
> > ## --------- ##
> > ## Platform. ##
> > ## --------- ##
> > 
> > hostname = somehost.somewhere
> > uname -m = i386
> > uname -r = 3.9
> > uname -s = OpenBSD
> > uname -v = GENERIC#0
> > 
> > /usr/bin/uname -p = Intel Pentium III ("GenuineIntel" 686-class)
> > /bin/uname -X     = unknown
> > 
> > /bin/arch              = unknown
> > /usr/bin/arch -k       = OpenBSD.i386
> > /usr/convex/getsysinfo = unknown
> > hostinfo               = unknown
> > /bin/machine           = unknown
> > /usr/bin/oslevel       = unknown
> > /bin/universe          = unknown
> > 
> > PATH: /usr/bin
> > PATH: /bin
> > PATH: /usr/sbin
> > PATH: /sbin
> > PATH: /usr/X11R6/bin
> > PATH: /usr/local/bin
> > <snip>
> > configure:1494: checking for gcc
> > configure:1510: found /usr/bin/gcc
> > configure:1520: result: gcc
> > configure:1764: checking for C compiler version
> > configure:1767: gcc --version </dev/null >&5 gcc (GCC) 3.3.5 
> > (propolice) <snip>
> > configure:2239: gcc -c -g -O2  conftest.c >&5
> > conftest.c:2: error: syntax error before "me"
> > configure:2245: $? = 1
> > configure: failed program was:
> > | #ifndef __cplusplus
> > |   choke me
> > | #endif
> > <snip>
> > configure:4318: gcc -E  conftest.c
> > configure:4324: $? = 0
> > configure:4356: gcc -E  conftest.c
> > conftest.c:21:28: ac_nonexistent.h: No such file or directory
> > configure:4362: $? = 1
> > configure: failed program was:
> > | /* confdefs.h.  */
> > |
> > | #define PACKAGE_NAME "scponly"
> > | #define PACKAGE_TARNAME "scponly"
> > | #define PACKAGE_VERSION "4.6"
> > | #define PACKAGE_STRING "scponly 4.6"
> > | #define PACKAGE_BUGREPORT "joe at sublimation.org"
> > | #define HOST_OS $host_os
> > | #define RESTRICTIVE_FILENAMES 1
> > | #define ENABLE_WILDCARDS 1
> > | #define GFTP_COMPAT 1
> > | #define ENABLE_SFTP 1
> > | #define CHROOTED_NAME "scponlyc"
> > | #define CHROOT_CHECKDIR 1
> > | #define PROG_PWD "/bin/pwd"
> > | #define PROG_GROUPS "/usr/bin/groups"
> > | #define PROG_ID "/usr/bin/id"
> > | #define PROG_ECHO "/bin/echo"
> > | #define PROG_SFTP_SERVER "yes"
> > | /* end confdefs.h.  */
> > | #include <ac_nonexistent.h>
> > configure:4401: result: gcc -E
> > configure:4425: gcc -E  conftest.c
> > configure:4431: $? = 0
> > configure:4463: gcc -E  conftest.c
> > conftest.c:21:28: ac_nonexistent.h: No such file or directory
> > configure:4469: $? = 1
> > configure: failed program was:
> > | /* confdefs.h.  */
> > |
> > | #define PACKAGE_NAME "scponly"
> > | #define PACKAGE_TARNAME "scponly"
> > | #define PACKAGE_VERSION "4.6"
> > | #define PACKAGE_STRING "scponly 4.6"
> > | #define PACKAGE_BUGREPORT "joe at sublimation.org"
> > | #define HOST_OS $host_os
> > | #define RESTRICTIVE_FILENAMES 1
> > | #define ENABLE_WILDCARDS 1
> > | #define GFTP_COMPAT 1
> > | #define ENABLE_SFTP 1
> > | #define CHROOTED_NAME "scponlyc"
> > | #define CHROOT_CHECKDIR 1
> > | #define PROG_PWD "/bin/pwd"
> > | #define PROG_GROUPS "/usr/bin/groups"
> > | #define PROG_ID "/usr/bin/id"
> > | #define PROG_ECHO "/bin/echo"
> > | #define PROG_SFTP_SERVER "yes"
> > | /* end confdefs.h.  */
> > | #include <ac_nonexistent.h>
> > 
> > 
> > and then it does the failure again a few times.
> > 
> > 
> > 
> ----------------------------------------------------------------------
> > --
> > 
> > _______________________________________________
> > scponly mailing list
> > scponly at lists.ccs.neu.edu
> > https://lists.ccs.neu.edu/bin/listinfo/scponly
> 
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
>

More information about the scponly mailing list