[scponly] won't someone _please_ think of the archives ? (scponly
+ unison + chroot)
Paul Hyder
Paul.Hyder at noaa.gov
Fri Sep 29 14:30:36 EDT 2006
For "/home//incoming" there is a chroot to /home followed by a chdir to
/incoming. (For "/home" it is a chroot to home followed by a chdir to /)
You shouldn't need to change the jail or duplicate anything.
It does make the top level password file more difficult to maintain.
Should be worth testing, with debuglevel set to 1 to verify that the
Unison HOME variable is being correctly set.
Paul Hyder
Ensel Sharon wrote:
>
> On Fri, 29 Sep 2006, Paul Hyder wrote:
>
>> If what you need is a writeable home directory, have you tried changing
>> the path in the top level password file (with the "//" syntax) to have the
>> user's home directory be the writeable ~/incoming? (I don't know enough
>> about your specific jail configuration, would this work for you or is
>> being in ~ instead of ~/incoming important?)
>
>
> My architecture is built so that the supporting dirs/files of the chroot
> only exist in one place.
>
> Each user on the system has the _exact same_ home directory:
>
> /home
>
> Each user uses the exact same chroot components:
>
> /home/etc
> /home/bin
> /home/usr/bin (and so on)
>
> and each user is not allowed to read or write in /home - all they can do
> is traverse through it (a+x) to get to their particular incoming
> directory.
>
> So if I set their home directory to:
>
> /home//incoming, my setup above will continue working ? Or will I need to
> put the chroot components into each /home//incoming - one copy for
> everyone ?
>
>
>
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
More information about the scponly
mailing list