[scponly] Eroor Permission Denied(13)
Kaleb Pederson
kaleb.pederson at gmail.com
Thu Oct 18 22:56:55 EDT 2007
On Thursday 18 October 2007, Ed Bradley wrote:
[snip]
> Oct 18 12:35:11 linux57 scponly[9676]: running: /usr/local/bin/sftp-server
> (username: idscan(1004), IP/port: 172.16.0.40 33240 22)
> Oct 18 12:35:11 linux57 scponly[9676]: failed: /usr/local/bin/sftp-server
> with error Permission denied(13) (username: idscan(1004), IP/port:
> 172.16.0.40 33240 22)
>
> Now for some reason the scponly is returning a time 4 hours later then
> system time.
>
> The file that permission is denied for is /usr/local/bin/sftp-server
> which is outside the chroot, not the
> /home/scponly/idscan/usr/localbin/sftp-server/sftp-server.
The sftp-server that is within the chroot is the one that is executed by
scponly. It doesn't have any way to get to the other one once it has
chrooted, so that's the only one it can get to.
You'll want to make sure that the user account has full permissions up through
the path to that file and that the filesystem that it's on is not mounted
noexec (although it's good to have the users files on a filesystem mounted
noexec).
--Kaleb
More information about the scponly
mailing list