Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [chroot]

A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children.

413 questions
2
votes
2 answers

Apache Error Log - "Web Path" instead of Filesystem Path

I'm running Apache on Linux and I'm using OpenSSH to provide SFTP access to some customers so they can upload their pages and also look at their respective site logs (access & error). I'm using the new feature in OpenSSH to chroot their SFTP access…
Craconia
2
votes
2 answers

Is Chrooting apache/mysql/php a standard practice of securing web servers containing sensitive data?

Is Chrooting apache/mysql/php a standard practice of securing web servers containing sensitive data (is it necessary)?
Joshua Enfield
  • 3,454
  • 8
  • 42
  • 59
2
votes
1 answer

chroot'ing SSH home directories, shell problem

I am trying to chroot my SSH users to their home directories and it seems to work.. in a strange way. Here is what I have in my sshd_config: Match group restricthome ChrootDirectory %h The permissions on the user directories looks like…
Hamza
  • 153
  • 4
2
votes
2 answers

How to run tomcat6 on ubuntu as root?

I've got an existing software package that runs on Ubuntu that uses a chroot jail and so needs to be run as root. I want to exec this from a java web application running within Tomcat6 on Ubuntu, so presumably I have to run Tomcat6 as root instead…
Hawkeye
  • 2,699
  • 9
  • 30
  • 35
2
votes
2 answers

Is MySecureShell a good way to manage SFTP user with chroot on a Centos Server?

I need to setup my Centos 5.4 server for SFTP with chrooted access only (or equivalent). The regular solution using RSSH find here : http://www.cyberciti.biz/tips/howto-linux-unix-rssh-chroot-jail-setup.html seems over-killing to me if we want to…
benjisail
  • 1,331
  • 5
  • 19
  • 32
2
votes
1 answer

Is there an available repository to update OpenSSH to 4.8+ on Centos 5.4?

I need OpenSSH 4.8+ in order to do setup a clean chrooted SFTP on my Centos 5.4 with Remi and EPEL repositories. Is there a repository for Centos which contain an updated OpenSSH? Thanks! Extra info : I want OpenSSH 4.8+ in order to not install an…
benjisail
  • 1,331
  • 5
  • 19
  • 32
2
votes
2 answers

scponly worked but didn't chroot the home folder, the user can still browse the entire server

So I followed the "Chroot and Debian" tutorial in http://sublimation.org/scponly/wiki/index.php/FAQ Then when I log into user "upload" via ssh I have no access to the command line (this is what I wanted). But then when I SFTP into the upload user I…
Mint
  • 476
  • 2
  • 9
  • 23
2
votes
1 answer

Use netns to bind programs to specific IP addresses

I have an IP address on my server, say, 192.168.0.3, I want to share in a net namespace, so to run apps there which will only be able to communicate to the internet using that 192.168.0.3. I can "kind" of get it working with the macvlan device…
Avenger
  • 21
  • 2
2
votes
0 answers

Setting up virtual users with vsftpd

I'm trying to set up virtual users for an FTP server in a Linux box, but I'm not sure if the server I've picked up (vsftpd) can do what I need. My requirements are: The FTP accounts are inside a real Linux user's home directory, let's call it…
PaulJ
  • 151
  • 5
1
vote
0 answers

KSH/Bash History for jailed SSH users

How can I keep a history of activities for chroot'd SSH (not SFTP) users? I've tried: created a .sh_history in their home with the proper permissions created a custom $HISTFILE in .profile and in its jailed /etc/profile exported HISTFILE after…
Dumb admin
  • 127
  • 12
1
vote
1 answer

Restricting SFTP users (OpenSSH-based) to a custom port only

I understand that there have been tons of other threads on the Internet on allowing OpenSSH SFTP connections on a custom port. I've hit them, not all, but a lot. And have not been able to make it work in my specific case :) Here's what I've been…
Tung Nguyen
  • 113
  • 1
  • 4
1
vote
0 answers

How do I remove a kernel package from an image chroot if it's the kernel running on my build host?

I am trying to build a custom image using diskimage-builder, and amongst other things, that tool updates all the packages within the image to the latest version, including the kernel. It also uses package-cleanup to remove any old kernels. However,…
Drulgaard
  • 11
  • 1
1
vote
2 answers

Configure cron jobs for the chrooted user

I've configured chrooted SSH user on CentOS 7. Mounted /proc, /dev, /dev/pts to the user and installed required packages. And now I want to allow cron jobs for this user. How can I solve the task? Server: [root@localhost admin]# grep sftpuser…
kurgulus
  • 11
  • 2
1
vote
1 answer

Jailkit/Chroot - Allow Less and More

I have the need to add the LESS and MORE commands to a jailed-user. I've attempted the following and can't quite get it to work: # which less;which more /usr/bin/less /usr/bin/more Now that I know where the binaries are, I do the…
user2643864
  • 165
  • 1
  • 1
  • 4
1
vote
3 answers

RHEL 5.4 & Chrooted SFTP

According to release notes, RHEL 5.4 included an update to setup chrooted SFTP accounts natively. But from what I am seeing, it is all or nothing--This means that even root is chrooted if you go this route. Has anybody used this successfully? How…
Josh Brower
  • 1,669
  • 3
  • 18
  • 29
1 2 3
27 28