[scponly] Cannot login after upgrade to 4.2 on FreeBSD 6.0
Hideyuki KURASHINA
rushani at bl.mmtr.or.jp
Tue Dec 27 11:57:40 EST 2005
Joe,
>>> On Wed, 28 Dec 2005 00:43:20 +0900 (JST), Hideyuki KURASHINA <rushani at bl.mmtr.or.jp> said:
> I confirmed scp, sftp, WinSCP (both SCP and SFTP mode) work if chroot
> is not enabled. If chroot enabled, /var/log/auth.log says
>
> Dec 28 00:07:39 tpx40 scponly[7786]: chroot dir writable by group/other: /home/scponly
>
> while the directory actually not writable by group & other as follows.
>
> # ls -ld /home/scponly
> drwxr-xr-x 8 root wheel 512 Dec 28 00:05 /home/scponly/
To make scponly (chroot enabled) work, following patch needed?
--- scponly.c.orig Thu Dec 22 08:12:22 2005
+++ scponly.c Wed Dec 28 01:51:26 2005
@@ -257,7 +257,7 @@
syslog (LOG_ERR, "chroot dir not owned by root: %s", chrootdir);
exit(EXIT_FAILURE);
}
- if (0 != (homedirstat.st_mode | (S_IWOTH & S_IWGRP)))
+ if (0 == (homedirstat.st_mode | (S_IWOTH & S_IWGRP)))
{
syslog (LOG_ERR, "chroot dir writable by group/other: %s", chrootdir);
exit(EXIT_FAILURE);
Hope this hepls,
-- rushani
More information about the scponly
mailing list