[scponly] Chroot on Mac Os X
nicola moretti
moretti at personal-system.com
Tue Feb 15 06:33:35 EST 2005
I'm using scponly for "read only" chrooted sftp, so you may need
something more than my setup (scponly, at least), but anyway...
This is what works for me (Mac OS X 10.3):
/System/Library/Frameworks/ApplicationServices.framework
/System/Library/Frameworks/CoreFoundation.framework
/System/Library/Frameworks/CoreServices.framework
/System/Library/Frameworks/IOKit.framework
/System/Library/Frameworks/Kerberos.framework
/System/Library/Frameworks/Security.framework
/System/Library/Frameworks/SystemConfiguration.framework
/System/Library/PrivateFrameworks/Bom.framework
/System/Library/PrivateFrameworks/DiskArbitration.framework
(The "*_profile" and "*_debug" libraries inside the frameworks are not
needed, so you may want to delete all of them; also, the "Headers"
folders are unnecessary too.)
/usr/lib/dyld
/usr/lib/libbsm.dylib
/usr/lib/libcrypto.0.9.7.dylib
/usr/lib/libicucore.A.dylib
/usr/lib/libcups.2.dylib
/usr/lib/libncurses.5.dylib
/usr/lib/libssl.0.9.7.dylib
/usr/lib/libSystem.B.dylib
/usr/lib/libresolv.9.dylib
/usr/lib/libz.1.dylib
/usr/lib/system/libmathCommon.A.dylib
/usr/libexec/sftp-server
/usr/local/sbin/scponlyc
(AFAIK, you don't need scp)
/bin/echo
/bin/ls
(not so sure about these last ones...)
And a hint: if/when you have a crash because of missing libs, keep an
eye on the logs and use 'otool -l' on the "offending" element to see
what it needs.
hope this helps
nicola
Il giorno 15/feb/05, alle 03:07, Valeriano Della Longa ha scritto:
> Hi, i'm tring to chroot scponly on my mac os x machine, but i've
> obtained poor results.
> Someone has did it here? And please tell me if i need to chroot
> sftp-server and scp too into the same jail dir of scponlyc.
> Thanks a lot.
More information about the scponly
mailing list