[scponly] won't someone _please_ think of the archives ? (scponly + unison + chroot)

Lupe Christoph lupe at lupe-christoph.de
Tue Oct 10 01:22:18 EDT 2006


On Monday, 2006-10-09 at 19:24:49 -0400, Ensel Sharon wrote:

> I got the debug log:

> Oct  9 16:19:28 hostname sshd[21707]: Accepted keyboard-interactive/pam
> for username from 192.168.0.1 port 60207 ssh2
> Oct  9 16:19:29 hostname scponly[21711]: chrooted binary in place, will
> chroot()
> Oct  9 16:19:29 hostname scponly[21711]: 3 arguments in total.
> Oct  9 16:19:29 hostname scponly[21711]:        arg 0 is scponlyc
> Oct  9 16:19:29 hostname scponly[21711]:        arg 1 is -c
> Oct  9 16:19:29 hostname scponly[21711]:        arg 2 is unison -server
> Oct  9 16:19:29 hostname scponly[21711]: opened log at LOG_AUTHPRIV, opts
> 0x00000009
> Oct  9 16:19:29 hostname scponly[21711]: retrieved home directory of
> "/home//username" for user "username"
> Oct  9 16:19:29 hostname scponly[21711]: chrooting to dir: "/home"
> Oct  9 16:19:29 hostname scponly[21711]: chdiring to dir: "/username"
> Oct  9 16:19:29 hostname scponly[21711]: setting uid to username
> Oct  9 16:19:29 hostname scponly[21711]: processing request: "unison
> -server"
> Oct  9 16:19:29 hostname scponly[21711]: Found "HOME" and setting it to
> "/home//username"
> Oct  9 16:19:29 hostname scponly[21711]: Environment contains
> "HOME=/home//username"
> Oct  9 16:19:29 hostname scponly[21711]: set HOME environment variable to
> /username (username: username(username), IP/port: 192.168.0.1 60207 22)
> Oct  9 16:19:29 hostname scponly[21711]: running: /usr/local/bin/unison
> -server (username: username(username), IP/port: 192.168.0.1 60207 22)


> I think the problem is where HOME env var is set to only /username ...

No, that is correct. The path outside the chroot environment is
/home/username. It chdir'd to /home, so inside the chroot that path must
be stripped, which it did.

If you install a shell inside the chroot environment, call "chroot
/home", and do an "ls /", you will see /username. If you *must* have
/home/username for some reason, create a symlink /home -> . .

HTH,
Lupe Christoph
-- 
| You know we're sitting on four million pounds of fuel, one nuclear     |
| weapon and a thing that has 270,000 moving parts built by the lowest   |
| bidder. Makes you feel good, doesn't it?                               |
| Rockhound in "Armageddon", 1998, about the Space Shuttle               |
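
Added example, not part of the original post and not scponly's own code: a Python sketch of the path handling visible in the quoted log and of the symlink suggested in the reply. The function names are hypothetical, the "//" split rule is an assumption inferred from the log lines, and a temporary directory stands in for the real chroot target so nothing needs root.

```python
import os
import tempfile


def split_jail_home(pw_dir):
    """Split a passwd home such as '/home//username' at the '//' marker.

    Assumption inferred from the log: the part before '//' is the chroot
    target, the part after it is the chdir target and the HOME value that
    is valid once the process is inside the jail.
    """
    marker = pw_dir.rfind("//")
    if marker <= 0:
        raise ValueError("no '//' chroot marker in %r" % pw_dir)
    return pw_dir[:marker], "/" + pw_dir[marker + 2:].strip("/")


def symlink_demo(pw_dir="/home//username"):
    """Check the 'home -> .' symlink against a throwaway jail root.

    Returns (visible_before, visible_after): whether the outside-style path
    (/home/username) exists when looked up relative to the jail root.
    """
    chroot_dir, inside = split_jail_home(pw_dir)
    outside = chroot_dir + inside                      # "/home/username"
    link_name = chroot_dir.strip("/")                  # "home"
    with tempfile.TemporaryDirectory() as jail:        # stands in for real /home
        real_home = os.path.join(jail, inside.lstrip("/"))
        os.mkdir(real_home)                            # <jail>/username
        as_seen = os.path.join(jail, outside.lstrip("/"))
        before = os.path.isdir(as_seen)                # no /home inside the jail
        os.symlink(".", os.path.join(jail, link_name)) # symlink /home -> .
        after = os.path.samefile(as_seen, real_home)   # same directory now
        return before, after


if __name__ == "__main__":
    print(split_jail_home("/home//username"))
    print(symlink_demo())
```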


