[scponly] ANN: chwurz , a tool to create and manage scponlyc chroots
Kaleb Pederson
kaleb.pederson at gmail.com
Mon Jan 9 15:49:42 EST 2012
Hi,
First, Thanks! I'm planning on removing the builtin chroot support as
I can't manage it for all the different OSs. A good tool will help,
which is part of why I haven't done that yet.
I don't know lua, so I can't say for sure that I've interpreted
everything correctly, but here's a few thoughts:
* It looks like it's hard coded to look for a path of
/usr/sbin/scponlyc, but it could be installed anywhere.
* The libs and their locations vary drastically per os/distribution.
Consider 64-bit OSs: /lib64.
* The hard-coded skeleton is likely going to be a pain to manage when
new releases come out
* Not all machines will be using /etc/passwd to manager their users (ldap, etc.)
* .ssh/authorized_keys is only a default and is configurable via
sshd_config (when using OpenSSH)
* Some admins won't want the users password, encrypted or not, ever
showing up in a process list
As I said, I may have misinterpreted some of what you're doing in Lua.
You might want to take a look at my cplibdeps python script (which
should be in the archives). It parses the output of ldd in order to
determine which libraries are needed. Of course, since it does parse
ldd output it's liable not to work on certain OSs.
Thanks again.
--Kaleb
On Mon, Jan 9, 2012 at 12:34 PM, startx <startx at plentyfact.org> wrote:
> hello.
>
> i have written a little tool to manage scponlyc chroots called chwurz :
>
> http://projects.plentyfact.org/projects/chwurz/wiki
>
> all options and examples :
>
> http://projects.plentyfact.org/projects/chwurz/wiki/Manpage
>
> it should work fine on debian and ubuntu and is written in lua.
>
> please test it and feedback, all feedback/rants/praise is welcome.
>
> startx
>
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly
More information about the scponly
mailing list