[scponly] sftp-server not found
Kaleb Pederson
kaleb.pederson at gmail.com
Fri May 29 14:20:58 EDT 2009
On Fri, May 29, 2009 at 10:50 AM, Christopher Barry
<christopher.barry at qlogic.com> wrote:
> May 29 13:17:21 test-sftp scponly[7783]: running: /usr/lib/sftp-server -l VERBOSE -f AUTH (username: tuser(10001), IP/port: 10.32.4
> .86 2574 22)
> May 29 13:17:21 test-sftp scponly[7783]: about to exec "/usr/lib/sftp-server" (username: tuser(10001), IP/port: 10.32.4.86 2574 22)
Once 'sftp-server' has been recognized as a valid command, the path
provided is ignored and replaced with the path present at compile
time. At least, that's what's supposed to happen.
You can confirm what will actually be used by looking for
PROG_SFTP_SERVER in config.h.
The "about to exec" path is the one actually used. The other is
provided by the sftp client and likely just output directly in the
debug output.
> /usr/lib/sftp-server is a symlink to the real binary in the main system, but both are the same binary in the chrooted filesystem. At what point in the log above does the execution flip from the main filesystem to the chrooted binaries?
I'm not sure I understand. /usr/lib/sftp-server should match what
PROG_SFTP_SERVER is set to and must exist and be executable within the
chroot. I'm not sure if a symlink would be sufficient and the path
the symlink uses must not extend outside of the chroot.
I hope that gives you a place to start looking.
--Kaleb
More information about the scponly
mailing list