|
From: | Daniel Lo Nigro |
Subject: | Re: [Jailkit-users] `git clone` allowing access to files outside chroot |
Date: | Fri, 12 Jul 2013 08:37:33 +1000 |
The issue is with the way you are using the SSH command. It's trying to ssh in as 'daniel', not as the test user (unless you've set that up in your ssh config). I'm guessing 'daniel' isn't jailed, where the 'test' user is.-ChrisOn Thu, Jul 11, 2013 at 9:41 AM, Daniel Lo Nigro <address@hidden> wrote:
_______________________________________________Hello!Firstly, thanks for Jailkit. I stumbled on it while searching for how to create a chroot jail. Wish I had found it earlier, it's a very handy tool!I'm using Debian Testing. Here's what I've done for my setup:jk_init -v -j /home/jail basicshell editors extendedshell netutils ssh sftp scp git
jk_jailuser -m -j /home/jail/ -s /bin/bash testConnecting via SSH and SFTP are both fine, and the user is jailed as expected. There is a Git repository at /home/test/git/example in the jail. When I try to clone this Git repository, it fails:address@hidden:/tmp$ git clone ssh://example.com/home/test/git/example .Cloning into '.'...fatal: '/home/test/git/example' does not appear to be a git repositoryfatal: Could not read from remote repository.Please make sure you have the correct access rights and the repository exists.However, if I use the full path (/home/jail/...), it works:address@hidden:/tmp$ git clone ssh://example.com/home/jail/home/test/git/example .Cloning into '.'...remote: Counting objects: 6, done.remote: Compressing objects: 100% (2/2), done.remote: Total 6 (delta 0), reused 0 (delta 0)Receiving objects: 100% (6/6), done.This leads me to believe that Git isn't being jailed for some reason. Any ideas on how to fix my configuration so that SSH login shells and SFTP are jailed, and Git is also jailed?Thanks!
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users
--
Chris Tankersley
http://ctankersley.com
_______________________________________________
Jailkit-users mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/jailkit-users
[Prev in Thread] | Current Thread | [Next in Thread] |