[scponly] scp blues

[Daniel Webb]

I'm having a hell of a time getting scponly to work in chroot mode.

I have installed all the libraries given by ldd, and also everything starting
with libnss*, and still got the "unknown user" error with scponly debug turned
up.  So somehow, scp in the chroot isn't finding the user.  The /etc/passwd
file is correct in the real root and the chroot.

In frustration, I copied the entire /lib, /usr/lib, /bin, /usr/bin, /etc trees
to the chroot.  Now I get:

>scp -P10005 365days.pdf bobo at ani:
Password:
scponly[27621]: chrooted binary in place, will chroot()
scponly[27621]: 3 arguments in total.
scponly[27621]:         arg 0 is scponlyc
scponly[27621]:         arg 1 is -c
scponly[27621]:         arg 2 is scp -t /home/main/test.pdf
scponly[27621]: opened log at LOG_AUTHPRIV, opts 0x00000029
scponly[27621]: retrieved home directory of
"/home/sbs/store000/bobo//home/main" for user "bobo"
scponly[27621]: chrooting to dir: "/home/sbs/store000/bobo"
scponly[27621]: chdiring to dir: "/home/main"
scponly[27621]: setting uid to 1030
scponly[27621]: processing request: "scp -t /home/main/test.pdf"
scponly[27621]: Unable to find "LOG_SFTP" in the environment
scponly[27621]: Found "USER" and setting it to "bobo"
scponly[27621]: Unable to find "SFTP_UMASK" in the environment
scponly[27621]: Unable to find "SFTP_PERMIT_CHMOD" in the environment
scponly[27621]: Unable to find "SFTP_PERMIT_CHOWN" in the environment
scponly[27621]: Unable to find "SFTP_LOG_LEVEL" in the environment
scponly[27621]: Unable to find "SFTP_LOG_FACILITY" in the environment
scponly[27621]: Found "HOME" and setting it to
"/home/sbs/store000/bobo//home/main"
scponly[27621]: Environment contains "USER=bobo"
scponly[27621]: Environment contains "HOME=/home/sbs/store000/bobo//home/main"
scponly[27621]: set HOME environment variable to / username: bobo(1030),
IP/port: ::ffff:192.168.0.100 41264 10005
scponly[27621]: running: /usr/bin/scp -t /home/main/test.pdf (username:
bobo(1030), IP/port: ::ffff:192.168.0.100 41264 10005)
scponly[27621]: failed: /usr/bin/scp -t /home/main/test.pdf with error No such
file or directory(2) (username: bobo(1030), IP/port: ::ffff:192.168.0.100
41264 10005)
free(): invalid pointer 0x804dae0!
lost connection

If I change the passwd shell for bobo, I can cd to the directory in question,
so it exists and bobo has permissions to it.  I wish it specified which file
or directory there was "no such" of.  

I have also tried:
>scp -P10005 365days.pdf bobo at ani:/home/main/test.pdf

with the same results.

Other tests:

>scp -P10005 365days.pdf bobo at ani:/test.pdf
Password:
scp: /test.pdf: Permission denied

>scp -P10005 365days.pdf bobo at ani:/home/test.pdf
Password:
scp: /home/test.pdf: Permission denied

Which is correct since bobo doesn't have write permissions to those
directories.

I'm using Debian Sarge Linux with 2.6.15.1 kernel.