A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children.
Questions tagged [chroot]
413 questions
13 votes, 1 answer
Why use lxc instead of chroot?
One Ubuntu server hosts 3 apps all on separate domains.
Each app has its own developers.
App developers belong to Linux "sftp" group.
chroot allows password sftp access for each app developer.
/home/app1/prod
/home/app2/prod
/home/app3/prod
In…

csi
12 votes, 4 answers
Why running named(bind) in chroot is so important for security? Or maybe it is not?
I'm playing with bind and started wondering why this software is, for example, in CentOS running in chroot. Don't misunderstand me, I know what bind is and what chroot (jail) is for. But my main question is that is bind running without chroot so…

B14D3
11 votes, 4 answers
Unmounting root filesystem without rebooting the server
I have a server that I can access through SSH. There is no KVM available and there's only one root partition for the whole server.
I have deleted some files that I shouldn't have and want to recover them with extundelete (…

Thomas Wang
10 votes, 3 answers
RedHat: is it possible to install packages in a kind of mock environment to build RPMs
Is there a tool that allows to install the dependencies of an RPM .spec into an isolated environment? I won't install such dependencies globally on the system and I am not able to do so since I have not root privileges.
The reason
I want to build a…

try-catch-finally
9 votes, 4 answers
When is it appropriate / prudent to use chroot?
I hear about needing to chroot BIND all the time. Fair enough. But what about other programs? What are the "rules" (either personal or widely accepted/established) for deciding which programs should be jailed?
-M

Mike B
9 votes, 3 answers
Chroot SFTP - Possible to allow user to write to current (chroot) directory
I currently have a WORKING SFTP login, using a private key for login and the user is chroot'ed into their home directory.
Goal: Keep the user chroot but allow WRITE access to the relative chroot directory, without having to specify any path or cd…

emmdee
9 votes, 1 answer
How to disallow the Docker Daemon to mount host's root file system into the container
I have the following Container Setup.
On a bare metal server two Docker Daemons are installed and running.
Main Docker Daemon Runs my application containers exposing 80/443 to the outside world.
Plugin Docker Daemon Runs some containers provided…

Vad1mo
9 votes, 5 answers
How secure is SSH ForceCommand on a jump host?
I have the following setup in my network:
Internet <--> Bastion <--> Local Network
I have several users and each user is assigned to a specific machine. Or in other words: Each user must have only access to one of those servers. E.g.: User1 -->…

Dr.Elch
9 votes, 1 answer
Why is chroot system call not available to non root user?
I was reading the description of setuid on Wikipedia
http://en.wikipedia.org/wiki/Setuid
I was unable to understand how chroot is related to setuid as mentioned in the following paragraph from Wikipedia
The presence of setuid executables explains why the…

Mr Coder
9 votes, 4 answers
Webserver: chrooted PHP gives mysql.sock error when attempting to reach mysql
I have configured an Ubuntu webserver with Nginx + PHP5-FPM. I have created a chrooted environment (using jailkit) that I'm tossing my developers into, from where they can develop their test applications.
Chroot jail:
/home/jail
Nginx and PHP5-FPM…

Jon L.
8 votes, 3 answers
"500 OOPS: vsftpd: refusing to run with writable root inside chroot()" - login failed on Debian
I installed vsFTPd for running an FTP server on Debian 7.3 (Wheezy). I checked the vsFTPd version was 2.3.5, and I configured it like…

shgnInc
8 votes, 1 answer
Trying to set up SFTP only in a chroot jail for one user
Hopefully you guys can help and see if I've done something weird here, I'm trying to log in with a user I set up, FileZilla shows me:
Command: open "///@///" Command: Pass: ********
Status: Connected to ///
Error: Connection closed by server…

pzkpfw
7 votes, 2 answers
SFTP suddenly failing for chroot accounts on Amazon Linux
Frustratingly, SFTP users suddenly stopped being able to connect to my Amazon Linux server.
The /var/log/secure shows the following error:
sshd[7291]: fatal: safely_chroot: stat("/chroot/uhleeka"): Permission denied…

uhleeka
7 votes, 1 answer
SFTP: log to a separate file for chrooted user
I would like to log SFTP commands to a separate file however it works only for root but not for chrooted user:
# cat /etc/ssh/sshd_config
...
Subsystem sftp internal-sftp -l INFO
Match Group user1
ChrootDirectory /chroot
ForceCommand…

HTF
7 votes, 1 answer
SFTP user can't edit or create files
Server: Ubuntu 12.04 LTS
I am using openSSH and have created an SFTP user called bob who belongs to group sftponly. I have chrooted bob to his home directory which is /usr/share/nginx/www/bob/.
bob is able to SFTP onto the server and view his home…

George Reith