http://bugzilla.novell.com/show_bug.cgi?id=518238
User anicka@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=518238#c1
Anna Bernathova changed:
What      |Removed   |Added
----------------------------------------------------------------------------
Status    |ASSIGNED  |CLOSED
Resolution|          |INVALID
--- Comment #1 from Anna Bernathova 2009-08-17 11:10:48 MDT ---
I believe that our wiki is wrong: The chroot directory IMHO does not have to be
owned by root. Just skip the "chown root.root /home/$USERNAME;" and all goes
fine. (You should also use i.e. ChrootDirectory /home/%u instead of %h because
the string substituted for %h is obtained by getpwnam() and this function gets
it from /etc/passwd, so you will end up in "/" instead of home.)
I cannot find any security reason for making root owner of the chroot directory
- while "/" is written in passwd and so you have no way to force system daemons
to run your binaries, all should be OK.
I will consult with other people about it to make sure I am not wrong and if
not, I will fix the wiki entry. But I think you can safely follow my advice.
As this is a matter of permission settings, not an openssh bug, I am closing
this as invalid.
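An added example, not part of the original comment or of openssh: it expands the %h and %u tokens of a ChrootDirectory value from passwd data, then applies the check that sshd_config(5) documents for session startup, namely that every component of the resulting path is a root-owned directory not writable by group or others. The passwd entries, function names and the stat_fn parameter are assumptions made for the illustration; only %u, %h and %% are handled.

```python
import os
import stat

# Constructed sample passwd entries (not from the bug report): alice's home
# was set to "/" for a chroot setup, bob has an ordinary home directory.
SAMPLE_PASSWD = """\
alice:x:1001:100:Alice:/:/bin/bash
bob:x:1002:100:Bob:/home/bob:/bin/bash
"""

def parse_passwd(text):
    """Map user name -> home directory (sixth field of each passwd line)."""
    homes = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7:
            homes[fields[0]] = fields[5]
    return homes

def expand_chroot(template, user, homes):
    """Expand the %u, %h and %% tokens of a ChrootDirectory value."""
    subs = {"u": user, "h": homes[user], "%": "%"}
    out, i = [], 0
    while i < len(template):
        if template[i] == "%":
            token = template[i + 1:i + 2]
            if token not in subs:
                raise ValueError("unsupported token %" + token)
            out.append(subs[token])
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)

def audit_chroot_path(path, stat_fn=os.stat):
    """List (component, problem) pairs for the documented sshd requirement."""
    problems, current = [], "/"
    for part in [""] + [p for p in path.split("/") if p]:
        current = os.path.join(current, part)
        st = stat_fn(current)
        if not stat.S_ISDIR(st.st_mode):
            problems.append((current, "not a directory"))
        elif st.st_uid != 0:
            problems.append((current, "not owned by root"))
        elif st.st_mode & 0o022:
            problems.append((current, "writable by group or others"))
    return problems
```

Called with the default stat_fn, audit_chroot_path() inspects the real filesystem, so it can be run against the expanded path for each account before enabling ChrootDirectory.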