[scponly] Chrooting scponly in Gentoo

Paul Hyder Paul.Hyder at noaa.gov
Thu Mar 9 12:18:34 EST 2006 

The message means that the jailed home directory is not owned by root.
The home directory has to be owned by root and be write restricted.
If incoming transfers are permitted, there should be a writeable
sub directory or mounted directory for the user to use.
    Paul Hyder
    NOAA Earth System Research Laboratory, Global Systems Division
    Boulder, CO

TSD Techs wrote:
> Hello,
> 
> I am confused as to how I am supposed to chroot my users into their home 
> directories when using scponly.
> 
> I am using Gentoo and have tried using scponly 4.3 and 4.6. I am able to log 
> in fine using non-chrooted scponly, but am having problems using chrooted 
> scponly, I get the below error in /var/log/messages
> 
> Mar  8 11:03:34 www sshd[8796]: Accepted password for testuser from 
> xx.xxx.xx.xx port 4564 ssh2
> Mar  8 11:03:34 www sshd[8811]: subsystem request for sftp
> Mar  8 11:03:34 www scponly[8812]: chroot dir not owned by 
> root: /home/testuser
> 
>>From what I can tell I may need to setup a chroot jail and change permissions 
> on the users home directory? I am a little confused by this. I have read 
> through the building jails text file and it doesn't look like that is the 
> cause of hte permission problem (although it may be the next problem once I 
> get past this one). I have also tried running the setup_chroot.sh file and I 
> get this output:
> 
> grep: config.h: No such file or directory
> 
> your scponly build is not configured for chrooted operation.
> please reconfigure as follows, then rebuild and reinstall:
> 
> ./configure --enable-chrooted-binary (... other options)
> 
> However the --enable-chrooted-binary option was run when I compiled scponly, 
> and the binary exists and it does allow me to start logging in but kicks out 
> the permission error.
> 
> I can't seem to find anything regarding how to deal with this permissions 
> issue. Could someone please point me in the right direction?
> 
> Thanks!
> 
> 
> 
> _______________________________________________
> scponly mailing list
> scponly at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/scponly

More information about the scponly mailing list