Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [chroot]

A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children.

413 questions
1
vote
1 answer

chroot not able to start service - not found. What is missing?

I would like to run a service inside a chroot in a NetBSD 9.1 amd64 system. The service runs if invoked from OS. The service in question is dendrite-monolith-server. I just copied the file for ease of use to start sitting inside the chroot in…
Luis
  • 283
  • 5
  • 10
1
vote
0 answers

Annoying sftp chroot again (Ubuntu 20.04)

I think I understand all of the moving parts of not allowing a chrooted user over sftp to write to their own home directory (/home/username), but instead to write to an enclosed directory (/home/username/hooray). I also understand that I can then…
user603157
  • 11
  • 1
1
vote
2 answers

OpenSSH + Active Directory: allow sftp for a group while disallowing everyone else

My objective is to allow a given Active Directory group members to use OpenSSH SFTP in chroot, and deny access to SSH for them and all others that aren't members of that group, while still allowing local (non-AD) system accounts. I've already…
Daichi42
  • 55
  • 1
  • 2
  • 6
1
vote
1 answer

Performing an OpenSCAP Remediation via a chroot session -- "Can't perform remediation in offline mode" Error

I am attempting to perform an OpenSCAP remediation through a chroot session. My command is structured as follows: oscap-chroot /mnt/chroot_fs \ xccdf eval \ --remediate \ --results results.xml \ --report report.html…
TJ Zimmerman
  • 251
  • 6
  • 18
1
vote
0 answers

Install Linux on a second disk from an already running Linux (RHEL 7.8) instance

I am trying to mount a second disk on a running Linux (RHEL 7.8) AWS instance, install a customized bootable Linux environment to it, and then change that disk to an AMI so we can boot new Linux instances from it. Since this is in the cloud, I don't…
ALittleStitiousPuppet
  • 11
  • 1
1
vote
1 answer

How to specify user home in sshd config?

I have my sftp users chrooted into /var/www and I would like for them to be automatically moved into their directory. I found this answer which helped me a lot: Chroot SFTP - Possible to allow user to write to current (chroot) directory. But I want…
leonheess
  • 144
  • 3
  • 12
1
vote
1 answer

PHP-FPM chroot - one pool for all nginx virtualhosts

Now we have multiple virtualhots (nginx) under one php-fpm pool. We would like to use it same way with chroot. Chroot directive is absolute path /var/www, but chdir should be /[domain]/httpdocs Is it possible to pass some variable (for example…
andrew
  • 285
  • 1
  • 2
  • 10
0
votes
0 answers

Running docker from within a chroot

I am trying to build a distro for RaspberryPi which ships with an aarch64 chroot running docker. For this to work, I need docker to run within a chroot. I am basing of rasbian, which is distributed only in arm32v7. I have gotten as far as starting…
GuySoft
  • 435
  • 1
  • 4
  • 12
0
votes
1 answer

Why does internal-sftp verbose logging not include rename, move and delete operations?

I have configured a CentOS 7.7 installation to use the internal-sftp subsystem and to chroot a specific user in to a particular folder. I want to enable logging, so I configured sshd like this: Subsystem sftp internal-sftp Match User username …
jamieburchell
  • 135
  • 1
  • 7
0
votes
0 answers

Allow SCP/SSH to a chrooted environment only?

Is there a way to do this without installing a package like rssh or scponly, as they seem woefully out of date and full of security problems? Is there any newer tool I could use? ssh is an optional requirement, just being able to scp would be good…
Paul
  • 253
  • 3
  • 8
0
votes
1 answer

Execute half of the %post section of a kickstart in a nochroot environment and the other half in a chroot environment

I am trying to execute a script that performs certain security configurations on my recently installed system. Much of the script refers to files starting with / as the base directory which presents a problem as copying the script from my isolinux…
peachykeen
  • 115
  • 1
  • 5
0
votes
1 answer

LocalForwarding on a SSH connection from my desktop client to a CHROOTED user in an LXD container

I currently have a proxified web host setup for local development, yet I'm trying to make it a proper (documented) setup so I can deploy it on practically any VPS hosting. Currently everything else but the chrooted user setup is working. Apache…
Elias
  • 1
  • 2
0
votes
0 answers

Issue Hardlink/Junction not working when chroot all users to c:/share dir in Windows OpenSSH Server 2019

Issue Hardlink/Junction not working when chroot all users to c:/share dir in Windows OpenSSH Server 2019. Link Created mklink /d E "E:" mklink /d F "F:" Entry in sshd_config file ChrootDirectory c:/share Now When I connect to my Server via SCP using…
user524121
  • 1
0
votes
2 answers

Publish network services using Systemd machinectl

TL;DR: How to expose network services to the host through machinectl/nspawn containers? I'm trying to make things perfectfor my setup, i.e. installing my services in separated chroot instances. To start them, I want to comply with SystemD…
moutonjr
  • 498
  • 5
  • 10
0
votes
2 answers

vsftpd with chroot_local_user requires client certificate

When setting up my FTPS server I want to enable chroot_local_user. When disabled everything works fine. If I enable this however, WinSCP fails to connect and claims I need a client certificate to connect. Filezilla fails outright. If I explicitly…
ThaChillera
  • 35
  • 1
  • 7
1 2 3
27 28