BSD Help
 
Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
User Name:
Password:
Remember me
Go Back   Dev Shed ForumsOperating SystemsBSD Help
Reload this Page

problem: scp with chrooted user

Discuss problem: scp with chrooted user in the BSD Help forum on Dev Shed.
problem: scp with chrooted user BSD Help forum discussing all BSD based operating systems including FreeBSD, OpenBSD, NetBSD, and more. BSD refers to the distribution of UNIX originally developed by the University of California at Berkeley.

Reply
Add This Thread To:
  Del.icio.us   Digg   Google   Spurl   Blink   Furl   Simpy   Y! MyWeb 
« Previous Thread | Next Thread »  
Thread Tools Search this Thread Rate Thread Display Modes
 
Unread Dev Shed Forums Sponsor:
  #1  
Old May 11th, 2004, 06:40 PM
hudo hudo is offline
Contributing User
Dev Shed Newbie (0 - 499 posts)
  
Join Date: Sep 2003
Posts: 97 hudo User rank is Just a Lowly Private (1 - 20 Reputation Level) 
Time spent in forums: 2 h 23 m 19 sec
Reputation Power: 6
problem: scp with chrooted user
Hello,

I have chrooted a normal user (with login right) and like to use scp.
Login works quite well with ssh, some programm like vi work also,
just scp isn't working
(and whoami answers with:
/usr/bin/whoami[5]: /usr/bin/id: restricted )

I use a script for chrooting:
--------------------------------
#!/bin/bash
sudo chroot /home/udo /bin/bash
--------------------------------

I copied (at the beginning) the whole /etc tree into the chrooted
environment: /home/udo/etc

/home/udo/bin/ exists (with bash)
/home/udo/root/.ssh exists
/home/udo/tmp exists

/home/udo/var:
drwxr-xr-x 6 root wheel 512 May 7 09:03 ./
drwxr-xr-x 12 udo udo 512 May 11 22:29 ../
drwxr-xr-x 3 root wheel 512 Mar 29 2003 empty/
drwxr-xr-x 2 root wheel 512 May 7 09:05 mail/
drwxr-xr-x 2 root wheel 512 May 7 09:37 run/
drwxr-xr-x 3 root wheel 512 May 6 19:20 tmp/

/home/udo/usr/lib:
drwxr-xr-x 2 udo udo 512 May 6 19:39 ./
drwxr-xr-x 6 root wheel 512 May 6 19:41 ../
-r--r--r-- 1 root bin 132237 May 6 14:36 libasn1.so.3.0
-r--r--r-- 1 root bin 624001 May 6 14:36 libc.so.29.0
-r--r--r-- 1 root bin 1001279 May 6 14:36 libcrypto.so.9.0
-r--r--r-- 1 root bin 261165 May 6 14:36 libcurses.so.9.0
-r--r--r-- 1 root bin 42411 May 6 14:36 libdes.so.8.0
-r--r--r-- 1 root bin 12973 May 6 14:36 libkafs.so.11.0
-r--r--r-- 1 root bin 114456 May 6 14:36 libkrb.so.11.0
-r--r--r-- 1 root bin 256673 May 6 14:36 libkrb5.so.5.0
-r--r--r-- 1 root bin 55094 May 6 14:36 libz.so.2.0

/home/udo/usr/libexec:
drwxr-xr-x 2 root wheel 512 May 6 20:16 ./
drwxr-xr-x 6 root wheel 512 May 6 19:41 ../
-r-xr-xr-x 1 root bin 61440 May 6 14:36 ld.so*
-r-xr-xr-x 1 root bin 32768 May 6 19:37 sftp-server*
-r-xr-xr-x 1 root bin 131072 May 6 19:37 ssh-keysign*
-r-xr-xr-x 1 root bin 90112 May 6 20:16 telnetd*

/home/udo/usr/libdata:
drwxr-xr-x 3 root wheel 512 May 6 19:41 ./
drwxr-xr-x 6 root wheel 512 May 6 19:41 ../
drwxr-xr-x 2 root wheel 512 May 6 19:41 ssh/


/home/udo/dev:
drwxr-xr-x 2 root wheel 512 May 6 19:49 ./
drwxr-xr-x 12 udo udo 512 May 11 22:24 ../
crw-rw-rw- 1 root wheel 70, 0 May 6 19:49 crypto
crw-rw-rw- 1 root wheel 2, 2 May 6 14:38 null
crw-rw-rw- 1 root wheel 1, 0 May 6 14:39 tty
crw-rw---- 1 root wheel 8, 0 May 6 14:39 tty00
crw-rw---- 1 root wheel 8, 1 May 6 14:40 tty01
crw-rw---- 1 root wheel 8, 2 May 6 14:40 tty02
crw------- 1 root wheel 12, 0 May 6 14:40 ttyC0
crw------- 1 root wheel 12, 1 May 6 14:40 ttyC1
crw------- 1 root wheel 12, 2 May 6 14:40 ttyC2
crw-rw-rw- 1 root wheel 5, 0 May 6 14:41 ttyp0
crw-rw-rw- 1 root wheel 5, 1 May 6 14:41 ttyp1
crw-rw-rw- 1 root wheel 5, 2 May 6 14:41 ttyp2
crw-rw-rw- 1 root wheel 2, 12 May 6 14:38 zero


/home/udo/usr/bin:
drwxr-xr-x 2 root wheel 512 May 6 20:26 ./
drwxr-xr-x 6 root wheel 512 May 6 19:41 ../
-r-xr-xr-x 1 root bin 90112 May 6 14:35 cp*
-r-xr-xr-x 1 root bin 270336 May 6 14:35 csh*
-r-xr-xr-x 1 root bin 77824 May 6 19:22 df*
-r-xr-xr-x 1 root bin 8192 May 6 14:35 env*
-r-xr-xr-x 1 root bin 102400 May 6 14:35 ftp*
-r-xr-xr-x 1 root wheel 73728 May 6 20:26 grep*
-r-xr-xr-x 1 root bin 116 May 6 14:35 groups*
-r-xr-xr-x 1 root bin 12288 May 6 14:35 id*
-r-xr-xr-x 1 root bin 126976 May 6 19:09 kdump*
-r-xr-xr-x 1 root bin 73728 May 6 19:06 ktrace*
-r-xr-xr-x 1 root bin 73728 May 6 14:35 less*
-r-xr-xr-x 1 root bin 172032 May 6 14:35 ls*
-r-xr-xr-x 1 root bin 77824 May 6 14:35 mkdir*
-r-xr-xr-x 1 root bin 163840 May 6 14:35 mv*
-r-xr-xr-x 1 root bin 237568 May 6 14:35 ncftp*
-r-xr-xr-x 1 root bin 73728 May 6 14:35 pwd*
-r-xr-xr-x 1 root bin 163840 May 6 14:35 rm*
-r-xr-xr-x 1 root bin 69632 May 6 14:35 rmdir*
-r-xr-xr-x 1 root bin 32768 May 6 14:35 scp*
-r-xr-xr-x 1 root bin 315392 May 6 14:35 sh*
-r-xr-xr-x 1 root bin 221184 May 6 14:35 slogin*
-r-xr-xr-x 1 root bin 221184 May 6 14:35 ssh*
-r-xr-xr-x 1 root bin 16384 May 6 14:35 su*
-r-xr-xr-x 1 root bin 286720 May 6 14:35 vi*
-r-xr-xr-x 1 root bin 112 May 6 14:35 whoami*

Here is the output (extract) of

ktrace scp xyz udo@localhost:zzz
Host key verification failed.
lost connection

---------------------------------------------
19184 ktrace RET ktrace 0
19184 ktrace CALL execve(0xcfbfd640,0xcfbfdb3c,0xcfbfdb4c)
19184 ktrace NAMI "/usr/bin/scp"
19184 scp EMUL "native"
19184 scp RET execve 0
19184 scp CALL open(0x10e5,0,0)
19184 scp NAMI "/usr/libexec/ld.so"
19184 scp RET open 3
19184 scp CALL read(0x3,0xcfbfd9a4,0x20)
19184 scp GIO fd 3 read 32 bytes
"\M-@\M^F\^A\v\0\M-P\0\0\0 \0\0\0\0\0\0\0\0\0\0 \0\0\0\0\0\0\0\0\0\0\0"
19184 scp RET read 32/0x20
19184 scp CALL mmap(0,0xf000,0x5,0x2,0x3,0,0,0)
19184 scp RET mmap 1073778688/0x40009000
19184 scp CALL mmap(0x40016000,0x2000,0x7,0x12,0x3,0,0xd000,0)
19184 scp RET mmap 1073831936/0x40016000
19184 scp CALL issetugid
19184 scp RET issetugid 0
19184 scp CALL __sysctl(0xcfbfd814,0x2,0x40017a08,0xcfbfd810,0,0)
19184 scp RET __sysctl 0
19184 scp CALL mmap(0,0x8000,0x3,0x1004,0xffffffff,0,0,0)
19184 scp RET mmap 1073840128/0x40018000
19184 scp CALL open(0x4000ab74,0,0)
19184 scp NAMI "/var/run/ld.so.hints"
19184 scp RET open 4
19184 scp CALL mmap(0,0x1000,0x1,0x4,0x4,0,0,0)
19184 scp RET mmap 1073872896/0x40020000
19184 scp CALL open(0x400209a3,0,0)
19184 scp NAMI "/usr/lib/libc.so.29.0"
19184 scp RET open 5

__sysctl(0xcfbfd94c,0x2,0x400de6e8,0xcfbfd948,0,0)
19184 scp RET __sysctl 0
19184 scp CALL readlink(0x40068606,0xcfbfd8a4,0x3f)
19184 scp NAMI "/etc/malloc.conf"
19184 scp RET readlink -1 errno 2 No such file or directory
19184 scp CALL issetugid
19184 scp RET issetugid 0
19184 scp CALL mmap(0,0x1000,0x3,0x1002,0xffffffff,0,0,0)
19184 scp RET mmap 1073872896/0x40020000
19184 scp CALL break(0x870c)
19184 scp RET break 0
19184 scp CALL break(0x870c)
19184 scp RET break 0
19184 scp CALL break(0xa000)
19184 scp RET break 0
19184 scp CALL break(0xa000)
19184 scp RET break 0
19184 scp CALL break(0xb000)
19184 scp RET break 0
19184 scp CALL mmap(0,0x1000,0x3,0x1002,0xffffffff,0,0,0)
19184 scp RET mmap 1074655232/0x400df000
19184 scp CALL mprotect(0x400df000,0x1000,0x1)
19184 scp RET mprotect 0
19184 scp CALL mprotect(0x400df000,0x1000,0x3)
19184 scp RET mprotect 0
19184 scp CALL mprotect(0x400df000,0x1000,0x1)
19184 scp RET mprotect 0
19184 scp CALL break(0xb000)
19184 scp RET break 0
19184 scp CALL break(0xc000)
19184 scp RET break 0
19184 scp CALL getuid
19184 scp RET getuid 0
19184 scp CALL break(0xc000)
19184 scp RET break 0
19184 scp CALL break(0xd000)
19184 scp RET break 0
19184 scp CALL open(0x40059577,0,0)
19184 scp NAMI "/etc/spwd.db"
19184 scp RET open 3
19184 scp CALL fcntl(0x3,0x2,0x1)
19184 scp RET fcntl 0
19184 scp CALL fstat(0x3,0xcfbfd808)
19184 scp RET fstat 0
19184 scp CALL read(0x3,0xc000,0x104)
19184 scp GIO fd 3 read 260 bytes


19184 scp GIO fd 3 read 8 bytes

19184 scp RET pread 4096/0x1000
19184 scp CALL break(0x11000)
19184 scp RET break 0
19184 scp CALL break(0x12000)
19184 scp RET break 0
19184 scp CALL pread(0x3,0x11000,0x1000,0,0x4000,0)
19184 scp GIO fd 3 read 4088 bytes


19184 scp GIO fd 3 read 8 bytes
"\0\0\0001sshd"
19184 scp RET pread 4096/0x1000
19184 scp CALL close(0x3)
19184 scp RET close 0
19184 scp CALL ioctl(0x2,TIOCGETA,0xcfbfd928)
19184 scp RET ioctl 0
19184 scp CALL sigaction(0xd,0xcfbfd94c,0xcfbfd940)
19184 scp RET sigaction 0
19184 scp CALL pipe(0xcfbfd8e0)
19184 scp RET pipe 0
19184 scp CALL pipe(0xcfbfd8d8)
19184 scp RET pipe 0
19184 scp CALL pipe(0xcfbfd8d0)
19184 scp RET pipe 0
19184 scp CALL close(0x3)
19184 scp RET close 0
19184 scp CALL close(0x4)
19184 scp RET close 0
19184 scp CALL fork
19184 scp RET fork 25836/0x64ec
19184 scp CALL close(0x5)
19184 scp RET close 0
19184 scp CALL close(0x8)
19184 scp RET close 0
19184 scp CALL read(0x7,0xcfbfd113,0x1)
19184 scp RET read 0
19184 scp CALL write(0x2,0x44d7,0x10)
19184 scp GIO fd 2 wrote 16 bytes
"lost connection
"
19184 scp RET write 16/0x10
19184 scp CALL munmap(0x400df000,0x1000)
19184 scp RET munmap 0
19184 scp CALL exit(0x1)
-------------------------------------------------------

/etc/malloc.conf does not exist in /etc but scp seems to work without this file, if scp is used outside the chrooted environment.

Please help
Reply With Quote
Reply

Viewing: Dev Shed ForumsOperating SystemsBSD Help > problem: scp with chrooted user

« Previous Thread | Next Thread »

Thread Tools  Search this Thread 
Search this Thread:

Advanced Search
Display Modes  Rate This Thread 
Linear Mode Linear Mode
Rate This Thread:


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
View Your Warnings | New Posts | Latest News | Latest Threads | Shoutbox
Forum Jump


Forums: » Register « |  User CP |  Games |  Calendar |  Members |  FAQs |  Sitemap |  Support | 
  
 





© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway
Stay green...Green IT