
List:       rssh-discuss
Subject:    RE: RSSH logging
From:       "Marc Racette" <marc () fox2k ! net>
Date:       2007-04-22 12:25:04
Message-ID: 001401c784d9$42ba3e20$6e01a8c0 () system2k

Hi Derek,

Thanks very much for your reply; the issue has been resolved.  I ran a
hash on both sftp-server files, and they were indeed different.  I
copied the system copy to the jail, and following that, I was no longer
able to connect as any chrooted user.  Looking into the syslog, I saw
that it wasn't able to recognize the uid, and I then realized I didn't
have a /etc/passwd or group file in the jail. I copied those over, and
everything worked like a charm, including logged messages.

Now, how the jail worked before without an /etc/passwd, I have no clue,
I was under the impression it was needed and I thought that there was
one present!  Maybe this is another difference between the various
versions of sftp-server.

Anyways, thank you very much for taking the time to help me out with
this issue, I appreciate it.

Marc

-----Original Message-----
From: Derek Martin [mailto:code@pizzashack.org] 
Sent: Saturday, April 21, 2007 11:47 PM
To: Marc Racette
Cc: rssh-discuss@lists.sourceforge.net
Subject: Re: RSSH logging


On Sat, Apr 21, 2007 at 11:02:25PM -0400, Marc Racette wrote:
> I have switched back to syslog for the purposes of getting this issue 
> resolved, as it currently takes precedence over any other issues on 
> the machine.  Once this is resolved I will try to implement changes 
> with metalog.
> 
> I currently have sftp-server messages being logged to /var/log/syslog 
> for non-chrooted users.  This allows me to see their actions while in 
> an sftp session, which is exactly what I want.

So, with rssh, a non-chrooted user is working...  That suggests that
your ssh config and rssh config (at least for non-chroot users) are OK.

> However, once a chrooted user logs in, logging terminates after 
> control is passed from rssh to sftp-server.

You're seeing logs from rssh, so the jail is set up correctly. Logging
works.  This means either the copy of sftp-server that lives in the jail
is incapable of logging, or your configuration is somehow wrong.  Either
way, it seems it's not an rssh problem, but a problem with sftp.  You
might try running md5sum on both copies of the sftp-server binary, to
make sure they're both the same.  I don't think it should be necessary,
but you might also try copying your ssh config files (i.e. /etc/ssh)
into your jail.  Please be sure to try them one at a time, and report
back which one (if any) solves the problem. :)

If none of that helps, you might try posting your rssh config and your
logs from a chrooted session.

I would have suggested that rssh might somehow be interfering with your
logging options on the sftp-server command line, except it really
shouldn't, AND it works outside the jail, which would seem to rule that
out.  You'd also be getting an error message in your logs from rssh
about disallowed command line or some such...

-- 
Derek D. Martin
http://www.pizzashack.org/
GPG Key ID: 0x81CFE75D
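
The two faults found in this thread (a jail copy of sftp-server that differs from the system copy, and a jail with no passwd or group entry for the user's ids) can be checked together. The script below is an added example, not part of the original messages or of rssh; it compares the binaries with cmp rather than md5sum, and the sftp-server path, uid and gid are arguments you supply because the thread does not give them.

```shell
#!/bin/sh
# Added example: audit an rssh chroot jail for the two faults from this thread.
# Usage: check_jail JAIL_ROOT BINARY_PATH UID GID [SYSTEM_ROOT]
#   BINARY_PATH is the sftp-server path as seen from / (assumed identical inside the jail).

# Print the name of the first passwd/group entry whose numeric id (field 3) matches.
lookup_id() {  # lookup_id FILE ID
    awk -F: -v id="$2" '$3 == id { print $1; found = 1; exit } END { exit !found }' "$1"
}

check_jail() {
    jail=$1 bin=$2 uid=$3 gid=$4 sysroot=${5:-}
    problems=0
    fail() { echo "FAIL: $*"; problems=$((problems + 1)); }

    # 1. The jail's sftp-server must be the same build as the system copy.
    if [ ! -x "$jail$bin" ]; then
        fail "$jail$bin missing or not executable"
    elif ! cmp -s "$sysroot$bin" "$jail$bin"; then
        fail "$jail$bin differs from $sysroot$bin"
    fi

    # 2. The jail needs its own passwd and group files so the uid and gid resolve.
    for pair in "passwd:$uid" "group:$gid"; do
        file=$jail/etc/${pair%%:*} id=${pair#*:}
        if [ ! -r "$file" ]; then
            fail "$file missing"
        elif ! lookup_id "$file" "$id" >/dev/null; then
            fail "id $id has no entry in $file"
        fi
    done

    if [ "$problems" -eq 0 ]; then echo "OK: $jail passes"; fi
    return "$problems"   # exit status is the number of problems found
}

# Run directly when called with arguments, e.g. the values from `id -u` and `id -g`.
if [ "$#" -ge 4 ]; then check_jail "$@"; fi
```

Run it once per chrooted account, since each account's uid and gid must be present in the jail's own files.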