2010-07-29 17:42:25 |
Rafal-maj-it |
description |
scponlyc does not work (can not build chroot for it)
Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug.
Trying to follow say:
http://ubuntuforums.org/showthread.php?t=451510
scponlyc (the CHROOTED version of scponly) does not work on new user, its needed to build dir for chroot.
Using the described script does not work:
cd /usr/share/doc/scponly/setup_chroot
sudo gunzip setup_chroot.sh.gz
that script complains that scponlyc is not setup (while it IS set up correctly with that YES option
after skipping that warning, all is created, but it does not work
it can not find the lib
running: /usr/lib/sftp-server
failed: /usr/lib/sftp-server with error No such file or directory(2)
copying that /usr/lib/sftp-server into chroot is not sufficient to fix this.
So I assume the make-chroot-script is not valid there.
Then it should be removed or upgraded.
Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug.
Or for using sftp from ssh (will that work?) and not using scponly at all (but then, is it as good solution?) |
scponlyc does not work (can not build chroot for it)
Don't know workarounds for scponlyc, other then using INSECURE scponly mode - therefore marking this as security bug.
scponly 4.8-4 on Ubuntu Lucid 64bit
Trying to follow say:
http://ubuntuforums.org/showthread.php?t=451510
scponlyc (the CHROOTED version of scponly) does not work on new user, its needed to build dir for chroot.
Using the described script does not work:
cd /usr/share/doc/scponly/setup_chroot
sudo gunzip setup_chroot.sh.gz
that script complains that scponlyc is not setup (while it IS set up correctly with that YES option
after skipping that warning, all is created, but it does not work
it can not find the lib
running: /usr/lib/sftp-server
failed: /usr/lib/sftp-server with error No such file or directory(2)
copying that /usr/lib/sftp-server into chroot is not sufficient to fix this.
So I assume the make-chroot-script is not valid there.
Then it should be removed or upgraded.
Don't know workarounds for scponlyc, other then using INSECURE scponly mod - therefore marking this as security bug.
Or for using sftp from ssh (will that work?) and not using scponly at all (but then, is it as good solution?)
|
|