Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] SSH, SCP, JAIL and "You don't exist, go away!"
  • From: timo <timo.raty@xxxxxxxxxx>
  • Date: Thu, 4 Sep 2003 08:02:08 +0300
  • Message-id: <200309040802.08471.timo.raty@xxxxxxxxxx>
On Wednesday 03 September 2003 11:38 pm, Peter Wiersig wrote:
> Duncan Carter wrote:
> > I'm thinking that it requires a verification program that I don't
> > have installed in the chroot. Am I right/wrong?
>
> Yes, you're right. Does /etc/passwd and /etc/shadow exist in the
> chroot-Environment? It sound like they don't.

I understood that he (Duncan) had these (copied?) in(to) the chrooted
environment. I think these questions/answer point to the right direction
but there is probably some piece of executable not working/found.

Depending on where your system is connected you might try to duplicate
at least the /bin directory contents in the chrooted environment. If it does
not start working add more standard stuff from the non-chrooted environment.
If it starts working this way you know that it is some executable (such as
/bin/login, /bin/bash, /sbin/mingetty etc) or config from /etc. THEN be sure
to remove stuff so that you only have the absolutely necessary remaining
AND you understand what and why it is there (under the chroot environment).

NOTE that this is really bad advice if you can not do this in a secure place,
putting too much stuff under the chroot environment probably more or less
sacrifies its purpose (the security).

guessing,

timo


< Previous Next >
Follow Ups