Aw: Re: Howto log multiple sftpd instances with their chroot shared via NFS

Jochen Bern Jochen.Bern at binect.de
Mon Sep 27 05:11:09 AEST 2021


On 24.09.21 16:37, Hildegard Meier wrote:
> More ideas appreciated, since it would be really important for us
> to have a solution for that.

OK. This is a behavior I see (and use) on a CentOS SFTP server, but I 
have no idea how portable it is to other distribs, so just give it a try:

> # egrep '^[^#]*( mand|sftp)' /etc/ssh/sshd_config
> Subsystem       sftp    internal-sftp
> Match group mandanten
>         ForceCommand internal-sftp -l INFO -u 0077


> # ls -al ~lvinq4/dev
> insgesamt 0
> drwx--x---. 2 root mandanten  6 20. Mai 17:25 .
> drwxr-x---. 5 root mandanten 54 24. Aug 15:38 ..

As you can see, the chroots have an *empty* /dev subdir, but logging 
*still works*, apparently because the chrooted process just keeps using 
the system-central /dev/log it opened *before* chroot()ing.

Kind regards,
-- 
Jochen Bern
Systemingenieur

Binect GmbH
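
The mechanism described in the message above, as an added example that is not part of the original post: a connected AF_UNIX datagram socket keeps delivering after its path stops resolving, while a fresh connect() by path fails. chroot() needs root, so unlinking a constructed temporary socket path stands in for it here; the path, message and function names are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Constructed sample message; paths and names below are illustrative. */
static const char MSG[] = "<14>internal-sftp: session opened";
struct result { ssize_t delivered; int reconnect_errno; };

struct result log_after_path_gone(void)
{
    struct result r = { -1, 0 };
    char dir[] = "/tmp/fakedevXXXXXX";            /* stand-in for /dev */
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    char buf[64];

    if (!mkdtemp(dir)) return r;
    snprintf(addr.sun_path, sizeof addr.sun_path, "%s/log", dir);

    /* "syslogd" binds <dir>/log; the "daemon" connects before "chroot" */
    int srv = socket(AF_UNIX, SOCK_DGRAM, 0);
    int cli = socket(AF_UNIX, SOCK_DGRAM, 0);
    if (bind(srv, (struct sockaddr *)&addr, sizeof addr) < 0 ||
        connect(cli, (struct sockaddr *)&addr, sizeof addr) < 0)
        return r;

    /* Stand-in for chroot() into a tree with an empty /dev:
     * the path can no longer be resolved by this process. */
    unlink(addr.sun_path);
    rmdir(dir);

    /* The descriptor connected earlier still reaches the listener. */
    send(cli, MSG, sizeof MSG - 1, 0);
    r.delivered = recv(srv, buf, sizeof buf, MSG_DONTWAIT);

    /* A new connect() by path fails, as a reconnect attempt would. */
    int again = socket(AF_UNIX, SOCK_DGRAM, 0);
    if (connect(again, (struct sockaddr *)&addr, sizeof addr) < 0)
        r.reconnect_errno = errno;
    close(again); close(cli); close(srv);
    return r;
}

int main(void)
{
    struct result r = log_after_path_gone();
    printf("delivered=%zd reconnect_errno=%d\n", r.delivered, r.reconnect_errno);
    return r.delivered > 0 ? 0 : 1;
}
```

The second result is the practical caveat: logging from inside the chroot depends on the descriptor opened beforehand, so a process that has to reopen the log socket by path after chroot() will not find it in an empty /dev.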