A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children.
Questions tagged [chroot]
413 questions

3 votes, 1 answer
chroot, gpg-agent, and Ubuntu 18.04
For SFTP access to my server, I have created a sftp user that is limited to a working directory by chroot.
Match User sftp-user
AuthorizedKeysFile /home/sftp-user/.ssh/authorized_keys
ChrootDirectory /var/www/domain
ForceCommand…

BurninLeo

3 votes, 3 answers
Good resource for chrooting Apache2 on Debian
I need a better resource than this or this on how to secure Apache2 using chroot on a Debian system. It seems most articles deal with Apache1. I tried to follow them and adapt to Apache2, but it only had bad results.

pypmannetjies

3 votes, 2 answers
Logging Chrooted SFTP user activity
I have been trying to log SFTP activity by Chrooted user.
I have not been able to log a single line so far for any chrooted user. For regular users it works.
My current settings:
/etc/ssh/sshd_config:
Subsystem sftp internal-sftp -f AUTH -l…

Jeppe

3 votes, 3 answers
How to hide part of path in nginx error log
Is it possible to configure nginx to output a specified part of a file's path in the error log?
For example:
2017/09/16 19:59:28 [error] 10656#10656: *1702 open() "/home/user/www/favicon.ico" failed (2: No such file or directory), client: 256.256.256.256, server:…

aabaev

3 votes, 1 answer
chroot and sftp: directory ownership changes unexpectedly
I have read and followed a few questions and tutorials on using chroot to set the initial directory in sftp. I have the correct permissions and ownership of the chroot directory. I can get new users to log in, but then they are unable to transfer…

James Pringle

3 votes, 1 answer
Error using dnssec-signzone in chroot'd bind 9.8 when a zone file includes other files
Using bind 9.8.2 on RHEL 6.5, running chroot'd.
I have a zone file that includes other files (it's a zone with a large number of servers in different datacenters, and there's one included file per datacenter).
The zone files and the included files…

T. Johnson

3 votes, 1 answer
Should Postfix run chrooted if it is already in a FreeBSD jail?
I'm running Postfix together with Dovecot and a few milters in a FreeBSD jail.
Is there a significant security gain when I run SMTP and SMTPD daemons chrooted as well?

basbebe

3 votes, 2 answers
permission denied on authorized_keys
I am attempting to set up SFTP for chrooted users, and use SSH public key authentication. In this example I'll be working with the dummy user "globocorp" who's a member of "sftpusers". This user is chrooted to /sftp/globocorp
I have placed my…

esoterydactyl

3 votes, 1 answer
VSFTPD how chroot not chrooted users in /home?
I need to chroot all local users to their home directories, but one user should have access to all user directories. If I put admin_user in chroot_list_file he has access for whole file system. I want to restrict access for him only to /home, but…

AIK

3 votes, 1 answer
using /bin/bash in a chroot environment - symlink or mount
A user connects via ssh. The user is also chroot-ed to their home directory. The goal is security.
Since the user is chroot-ed, when they login /bin/bash is not found. Obviously the user needs shell commands.
Shell access can be provided…

csi

3 votes, 1 answer
df shows too much space on tmpfs
I have a server (SLES 11 running on a VMware hypervisor if that matters) with a tmpfs partition meant for mysql temporary tables, and I run mysql chrooted.
df -h gives me strange output:
root@db12.lab:~# df -h /usr/chroot/tmp/
Filesystem Size …

Roman Grazhdan

3 votes, 1 answer
openssh sftp chroot: two levels of access
I would like to achieve the following with OpenSSH's internal-sftp, chroot and Match directive:
Users belonging to group sftpuser should have read and write access to /srv/sftp/{username} (or similar, certain tricks to present a nicer looking…

Wuhtzu

3 votes, 1 answer
build user chroot on first login
I'm using ldap for remote user authentication and I basically need to either figure out how to:
a. chroot a user on machine b from machine a via nfs (which doesn't seem possible without mounting more directories than I'm comfortable with)
or…

Rooster

3 votes, 1 answer
Link all LXC node APT caches to the host machine's APT cache
I have a number of LXC containers (ubuntu template) which all have their own separate APT caches.
/var/lib/lxc/*/rootfs/var/cache/apt/archives/
I would like to have these linked to the host machine's APT cache at:
/var/cache/apt/archives
From what…

Adam Eberlin

3 votes, 3 answers
ubuntu bind9 AppArmor read permission denied (chroot jail)
I am trying to run bind9 with chroot jail. I followed the steps mentioned at: http://www.howtoforge.com/debian_bind9_master_slave_system
I am getting the following errors in my syslog:
Jul 27 16:53:49 conf002 named[3988]: starting BIND 9.7.3 -u…

Richard Whitman