[scponly] not chrooting from script
Lars Hermerschmidt
lars.hermerschmidt at ias.rwth-aachen.de
Sun Dec 18 10:31:55 EST 2005
Lupe Christoph schrieb:
> On Friday, 2005-12-16 at 09:02:33 +0100, Lars Hermerschmidt wrote:
>
>
>>i use the debian scponlyc package 4.0-1 and also tried the one from
>>testing release (forgot the version) and both show a quite ugly
>>behaviour when i call scponlyc from a script that i wrote as login
>>shell. My perl script presents a menu to users who log in through ssh
>>and if the user tries to execute a command it simply passes it to
>>scponlyc like this:
>> system("/usr/sbin/scponlyc -c \"$args\"");
>>BUT scponlyc did no chroot and the logging don't realy told me why. So i
>>tried around and finaly found that with
>> system("export PATH=\$PATH:/usr/sbin; scponlyc -c \"$args\"");
>>scponly does chroot.
>
>
>>To me this sounds like a bug.
>
>
> The bug is that scponlyc is a very peculiar kind of shell. One that does
> not work like a sheel, but only like a login shell.
So its not written for things i'm using it for?
>
>
>>When i use scponly directly as login shell and do a ssh login i got no
>>real sensful information. Wouldn't it be nice to give the admin a chance
>>to put a menu there like i did?
>
>
> Actually, no. What would scp, sftp, rsync et al do with your menu?
Nothing, the menu is only presented if the user logs in without the -c
parameter. If someone uses scp for example scponly is called like this:
scponly -c scp -k /dir/where/file/goes/to
So they woulned interfere.
>
> Lupe Christoph
greetings Lars
More information about the scponly
mailing list