[Bug 779] Chroot environment for sftp client crazy
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Dec 26 23:41:23 EST 2003
http://bugzilla.mindrot.org/show_bug.cgi?id=779
Summary: Chroot environment for sftp client crazy
Product: Portable OpenSSH
Version: 3.7.1p2
Platform: Other
URL: http://aixpanish.com
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: sftp-server
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: jperezme at jazzfree.com
Hello.
I have compiled openssh 3.7.1p2 on Aix 4.3.3 with gcc 3.2.1.
All works fine and chroot environment(users only can connect with sftp in
their jail home) seems to be work fine, but from sftp client if i make a
file transfer or i create a new folder inside user home it become crazy.
EG:
1.- User home /home/user (chroot environment and from sftp client this
folder is / )
2.- I'm inside /home/user/htdocs (for user is /htdocs/)
3.- If i make a folder called "folder", it create /home/user/htdocsfolder,
instead /home/user/htdocs/folder
4.- The same occur if it is a file name.
I have changed session.c file with this lines to chroot environment for aix:
+1228 do_setusercontext(struct passwd *pw)
+1229 {
+1230
+1231 /* CHROOT patch start */
+1232
+1233 char *user_dir;
+1234 char *new_root;
+1235
+1236 user_dir = xstrdup(pw->pw_dir);
+1237 new_root = user_dir + 1;
+1238
+1239 while((new_root = strchr(new_root, '.')) != NULL) {
+1240 new_root--;
+1241 if(strncmp(new_root, "/./", 3) == 0) {
+1242 *new_root = '\0';
+1243 new_root += 2;
+1244 debug("chrooting to user directory %s", user_dir);
+1245 if(chroot(user_dir) != 0)
+1246 fatal("Couldn't chroot to user directory %s", user_dir);
+1247 pw->pw_dir = new_root;
+1248 if (chdir("/") < 0)
+1249 fatal("Couldn't cd to / after chroot to user directory %s: %
s", user_dir, strerror(errno));
+1250 break;
+1251 }
+1252 new_root += 2;
+1253 fatal("Couldn't chroot%s", user_dir);
+1254 }
+1255
+1256 /* CHROOT patch end */
+1257
+1258 #ifndef HAVE_CYGWIN
+1259 if (getuid() == 0 || geteuid() == 0)
+1260 #endif /* HAVE_CYGWIN */
+1261 {
+1262
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list