[scponly] unable to rsync with rsync-enabled scponlyc - even without -e ssh

Thu Oct 27 18:15:56 EDT 2005

user wrote:
> Hello,
> 
> On Thu, 27 Oct 2005, Paul Hyder wrote:
> 
> 
>>>So, I am back to square one ... basically, I can't rsync to a scponlyc
>>>shell user.
>>>
>>>Thanks for any comments or help.
>>
>>Have you tried turning on the debug syslog output to get more detail of
>>what scponly is doing?  (Changing the value in the debuglevel file to 1,
>>it's usually in /usr/local/etc/scponly unless your install is relocated.)
> 
> 
> 
> Here is what I have - on the client side:
> 
> #rsync -av ./ssher good at ufs2:/good
> Password:
> rsync: connection unexpectedly closed (0 bytes received so far) [sender]
> rsync error: error in rsync protocol data stream (code 12) at io.c(365)
> 
> and on the server side:
> 
> # cat /var/log/debug.log 
> Oct 27 15:43:07 ufs2 [10155]: 3 arguments in total.
> Oct 27 15:43:07 ufs2 [10155]:   arg 0 is scponlyc
> Oct 27 15:43:07 ufs2 [10155]:   arg 1 is -c
> Oct 27 15:43:07 ufs2 [10155]:   arg 2 is rsync --server -vlogDtpr . /good
> Oct 27 15:43:07 ufs2 [10155]: opened log at LOG_AUTHPRIV, opts 0x00000009
> Oct 27 15:43:07 ufs2 [10155]: retrieved home directory of "/home" for user
> "good"
> Oct 27 15:43:07 ufs2 [10155]: chrooting to dir: "/home"
> Oct 27 15:43:07 ufs2 [10155]: setting uid to 1002
> Oct 27 15:43:07 ufs2 [10155]: processing request: "rsync --server
> -vlogDtpr . /good"
> 
> 
> and that's it.  The debug does not seem to indicate any problems.  Also,
> to rule out permission problems, I chmodded /home/good to 0777 prior to
> this test.
> 
> So it chroots to /home, and tries to put the file in /good - which is all
> correct ... it just bombs out.  Both systems (client and server) are
> identical installs of FreeBSD, with identical rsync installs.
> 
> Also, as you know from previous emails, scp works fine:
> 
> On the client side:
> 
> #scp ./zero good at ufs2:/good
> 
> And on the server:
> 
> Oct 27 15:49:44 ufs2 [10183]: 3 arguments in total.
> Oct 27 15:49:44 ufs2 [10183]:   arg 0 is scponlyc
> Oct 27 15:49:44 ufs2 [10183]:   arg 1 is -c
> Oct 27 15:49:44 ufs2 [10183]:   arg 2 is scp -t /good
> Oct 27 15:49:44 ufs2 [10183]: opened log at LOG_AUTHPRIV, opts 0x00000009
> Oct 27 15:49:44 ufs2 [10183]: retrieved home directory of "/home" for user
> "good"
> Oct 27 15:49:44 ufs2 [10183]: chrooting to dir: "/home"
> Oct 27 15:49:44 ufs2 [10183]: setting uid to 1002
> Oct 27 15:49:44 ufs2 [10183]: processing request: "scp -t /good"
> 
> 
> Thanks.
> 

Couple of things to check, there should have been a "running" message
but it is a LOG_INFO in syslog and would be there even without the
debuglevel set.  Do you see that?  There might also be a LOG_ERR
failed message that could also have gone to another file.  You should
at least have the "running" message.
    Paul Hyder

FYI: This is starting to sound like a jail that is very close but
missing something.