[Jailkit-users] Jailkit confusion

jailkit-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Jailkit-users] Jailkit confusion

From:	Paul Mitchell
Subject:	[Jailkit-users] Jailkit confusion
Date:	Fri, 23 Oct 2009 15:42:22 -0400 (EDT)
User-agent:	Alpine 2.00 (LRH 1167 2008-08-23)

Hello,
 I'm trying to move a user into jailkit, restricted to sftp connections.

I've actually moved myself in as a test case, and from another server

I can sftp sucessfully (note I'm running command line sftp on a Solarisclient to reach my server with jailkit, which is redhat linux):


-bash-3.00$ sftp elndz01m
Connecting to elndz01m...
The authenticity of host 'elndz01m
RSA key fingerprint is
Are you sure you want to continue connecting (yes/no)? yes

Failed to add the host to the list of known hosts(/export/home/pmitchel/.ssh/known_hosts).


address@hidden's password:
sftp> ls
.
..
.bash_history
pmitchel
sftp>

My entry in the /etc/passwd file is:

pmitchel:x:11xxx:11xxx:PaulMitchell:/home/jail/./home/pmitchel:/usr/sbin/jk_chrootsh


(note: I x'd out a few numbers for paranoidal sake!^)

Here's the user I'm trying to ge in:

grep faxian /etc/passwd

faxian:x:16xxxx:16xxxx:FaxianYang:/home/jail/./home/faxian:/usr/sbin/jk_chrootsh


my /etc/jailkit/jk_lsh.ini looks like:
 cat /etc/jailkit/jk_lsh.ini
## example for a user
[DEFAULT]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002
#
## example for a user
[faxian]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002

## example for a user
[pmitchel]
paths= /usr/lib/
executables= /usr/lib/sftp-server
allow_word_expansion = 0
umask = 002
#
##example for a group, there should be only 1 space inbetween the words!
#[group users]
#paths = /usr/bin
#executables = /usr/bin/cvs
#allow_word_expansion = 0
#environment= HELIX_PATH=/opt/RealPlayer/, TMP=/tmp/

[group admission]
paths= /usr/bin, /usr/lib/

executables= /usr/bin/scp, /usr/lib/sftp-server,/usr/lib/openssh/sftp-server, /usr/libexec/sftp-server

address@hidden jailkit]#

Curiously, I get the following errors:

Oct 21 14:34:14 elndz01m rpc.idmapd[8656]: nss_getpwnam: name'address@hidden' does not map into domain 'localdomain'Oct 21 15:25:50 elndz01m jk_chrootsh[30657]: now entering jail /home/jailfor user faxian (164890)Oct 21 15:48:09 elndz01m jk_chrootsh[30715]: now entering jail /home/jailfor user faxian (164890)Oct 21 15:48:18 elndz01m jk_chrootsh[30723]: now entering jail /home/jailfor user faxian (164890)Oct 22 11:23:59 elndz01m jk_chrootsh[2090]: now entering jail /home/jailfor user faxian (164890)Oct 22 11:25:09 elndz01m jk_chrootsh[2100]: now entering jail /home/jailfor user faxian (164890)Oct 23 12:02:27 elndz01m jk_chrootsh[6948]: now entering jail /home/jailfor user faxian (164890)Oct 23 12:03:00 elndz01m jk_chrootsh[6958]: now entering jail /home/jailfor user faxian (164890)Oct 23 12:03:37 elndz01m jk_chrootsh[6969]: now entering jail /home/jailfor user faxian (164890)Oct 23 12:07:30 elndz01m jk_chrootsh[7049]: now entering jail /home/jailfor user faxian (164890)Oct 23 16:07:30 elndz01m jk_lsh[7049]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 13:42:03 elndz01m jk_chrootsh[7472]: now entering jail /home/jailfor user faxian (164890)Oct 23 17:42:03 elndz01m jk_lsh[7472]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 13:42:39 elndz01m jk_chrootsh[7480]: now entering jail /home/jailfor user faxian (164890)Oct 23 17:42:39 elndz01m jk_lsh[7480]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 13:43:54 elndz01m jk_chrootsh[7490]: now entering jail /home/jailfor user faxian (164890)Oct 23 17:43:54 elndz01m jk_lsh[7490]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 13:45:21 elndz01m jk_chrootsh[7502]: now entering jail /home/jailfor user faxian (164890)Oct 23 17:45:21 elndz01m jk_lsh[7502]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 14:20:29 elndz01m jk_chrootsh[7617]: now entering jail /home/jailfor user faxian (164890)Oct 23 18:20:29 elndz01m jk_lsh[7617]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 14:21:14 elndz01m jk_chrootsh[7628]: now entering jail /home/jailfor user faxian (164890)Oct 23 18:21:14 elndz01m jk_lsh[7628]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.iniOct 23 15:08:08 elndz01m jk_chrootsh[7833]: now entering jail /home/jailfor user faxian (164890)Oct 23 19:08:08 elndz01m jk_lsh[7833]: did neither find a section'faxian', nor 'group faxian' nor 'DEFAULT' in configfile/etc/jailkit/jk_lsh.ini


I'm confused, I have both a DEFAULT and faxian entry in the file.

Any ideas?

Thanks,

Paul Mitchell

==============================================================================
        Paul Mitchell
        Enterprise Systems
        email: address@hidden
        NOTE: new location: 440 Franklin, cubby 1213
        NOTE: new desk phone: 919 962-2521 (Is here!^)
==============================================================================

[Prev in Thread]

Current Thread

[Next in Thread]

[Jailkit-users] ERROR: failed to execute shel, Martin Fuxa, 2009/10/22
- Re: [Jailkit-users] ERROR: failed to execute shel, Olivier Sessink, 2009/10/23
  - [Jailkit-users] Jailkit confusion, Paul Mitchell <=
    - Re: [Jailkit-users] Jailkit confusion, Paul Mitchell, 2009/10/23
- [Jailkit-users] Re: ERROR: failed to execute shel - SOLVED, Martin Fuxa, 2009/10/26

Prev by Date: Re: [Jailkit-users] ERROR: failed to execute shel
Next by Date: Re: [Jailkit-users] Jailkit confusion
Previous by thread: Re: [Jailkit-users] ERROR: failed to execute shel
Next by thread: Re: [Jailkit-users] Jailkit confusion
Index(es):
- Date
- Thread