AIX


openssh5.2 chroot not working under AIX 5.3TL11

  • 1.  openssh5.2 chroot not working under AIX 5.3TL11

    Posted Thu June 24, 2010 02:48 AM

    Originally posted by: Miromir


    Hi,
    I'm trying to set up a chroot environment on AIX


  • 2.  Re: openssh5.2 chroot not working under AIX 5.3TL11

    Posted Thu June 24, 2010 02:56 AM

    Originally posted by: Miromir


    on AIX 5300-11 according to the following link: guide, but so far without success.

    The system kicks my test user out with the following message:
    testik@chrootsys01's password:
    Connection to chrootsys01 closed by remote host.
    Connection to chrootsys01 closed.

    On chrootsys01 I get this in the log:
    Jun 24 08:50:58 chrootsys01 auth|security:info sshd290918: Accepted password for testik from 10.236.142.12 port 60591 ssh2
    Jun 24 08:50:58 chrootsys01 auth|security:crit sshd376874: fatal: bad ownership or modes for chroot directory component "/"

    My setup on chrootsys01 is as follows:
    chrootsys01:/home/chroot# lslpp -L | grep -i -E "ssh|ssl"
    gsksa.rte 7.0.4.11 C F AIX Certificate and SSL Base
    gskta.rte 7.0.4.11 C F AIX Certificate and SSL Base
    SSL)
    openssh.base.client 5.2.0.5300 C F Open Secure Shell Commands
    openssh.base.server 5.2.0.5300 C F Open Secure Shell Server
    openssh.license 5.2.0.5300 C F Open Secure Shell License
    openssh.man.en_US 5.2.0.5300 C F Open Secure Shell
    openssh.msg.en_US 5.2.0.5300 C F Open Secure Shell Messages -
    openssl.base 0.9.8.1103 C F Open Secure Socket Layer
    openssl.license 0.9.8.1103 C F Open Secure Socket License
    openssl.man.en_US 0.9.8.1103 C F Open Secure Socket Layer
    openssl 0.9.8j-1 C R Secure Sockets Layer and

    chrootsys01:/home/chroot# cat etc/passwd
    testik:!:217:1::/home/chroot/./home/testik:/usr/bin/ksh
    chrootsys01:/home/chroot# cat etc/group
    staff:!:1:testik

    chrootsys01:/home/chroot# ls -laR *
    lrwxrwxrwx 1 root system 21 Jun 23 13:41 unix -> /usr/lib/boot/unix_64

    dev:
    total 3
    drwxrwxr-x 3 root system 512 Jun 23 13:43 .
    drwxr-xr-x 7 root system 512 Jun 23 13:52 ..
    crw-rw-rw- 1 root system 2, 2 Jun 23 13:42 null
    drwxr-xr-x 2 root system 512 Jun 23 13:46 pts
    crw-rw-rw- 1 root system 1, 0 Jun 23 13:42 tty
    crw-rw-rw- 1 root system 2, 3 Jun 23 13:43 zero

    dev/pts:
    total 2
    drwxr-xr-x 2 root system 512 Jun 23 13:46 .
    drwxrwxr-x 3 root system 512 Jun 23 13:43 ..
    crw--w---- 1 root security 22, 0 Jun 23 13:46 0
    crw-rw-rw- 1 root system 22, 1 Jun 23 13:46 1
    crw-rw-rw- 1 root system 22, 2 Jun 23 13:46 2
    crw-rw-rw- 1 root system 22, 3 Jun 23 13:46 3
    crw-rw-rw- 1 root system 22, 4 Jun 23 13:46 4
    crw-rw-rw- 1 root system 22, 5 Jun 23 13:46 5
    crw-rw-rw- 1 root system 22, 6 Jun 23 13:46 6
    crw-rw-rw- 1 root system 22, 7 Jun 23 13:46 7
    crw-rw-rw- 1 root system 22, 8 Jun 23 13:46 8
    crw-rw-rw- 1 root system 22, 9 Jun 23 13:46 9

    etc:
    total 4
    drwxr-xr-x 2 root system 512 Jun 23 13:51 .
    drwxr-xr-x 7 root system 512 Jun 23 13:52 ..
    -rw-r--r-- 1 root system 193 Jun 23 13:51 group
    -rw-r--r-- 1 root system 87 Jun 23 14:23 passwd

    home:
    total 3
    drwxr-xr-x 3 root system 512 Jun 23 13:52 .
    drwxr-xr-x 7 root system 512 Jun 23 13:52 ..
    drwxr-xr-x 2 testik staff 512 Jun 23 13:52 testik

    home/testik:
    total 2
    drwxr-xr-x 2 testik staff 512 Jun 23 13:52 .
    drwxr-xr-x 3 root system 512 Jun 23 13:52 ..

    tmp:
    total 2
    drwxrwxrwt 2 root system 512 Jun 23 13:36 .
    drwxr-xr-x 7 root system 512 Jun 23 13:52 ..

    usr:
    total 5
    drwxr-xr-x 5 root system 512 Jun 23 13:36 .
    drwxr-xr-x 7 root system 512 Jun 23 13:52 ..
    drwxr-xr-x 2 root system 512 Jun 23 13:48 bin
    drwxr-xr-x 2 root system 512 Jun 23 13:41 lib
    drwxr-xr-x 2 root system 512 Jun 23 13:36 sbin

    usr/bin:
    total 1644
    drwxr-xr-x 2 root system 512 Jun 23 13:48 .
    drwxr-xr-x 5 root system 512 Jun 23 13:36 ..
    -r-xr-xr-x 1 root system 1453 Jun 23 13:39 cd
    -r-xr-xr-x 1 root system 28602 Jun 23 13:48 cp
    -r-xr-xr-x 1 root system 247718 Jun 23 13:40 ksh
    -r-xr-xr-x 1 root system 28840 Jun 23 13:39 ls
    -r-xr-xr-x 1 root system 6664 Jun 23 13:39 mkdir
    -r-xr-xr-x 1 root system 5026 Jun 23 13:39 pwd
    -r-xr-xr-x 1 root system 13418 Jun 23 13:40 rm
    -r-xr-xr-x 1 root system 13418 Jun 23 13:40 rmdir
    -r-xr-xr-x 1 root system 171341 Jun 23 13:40 scp
    -r-xr-xr-x 1 root system 317104 Jun 23 13:40 sftp

    usr/lib:
    total 18208
    drwxr-xr-x 2 root system 512 Jun 23 13:41 .
    drwxr-xr-x 5 root system 512 Jun 23 13:36 ..
    -r-xr-xr-x 1 root system 9306906 Jun 23 13:41 libc.a
    -r-xr-xr-x 1 root system 10995 Jun 23 13:41 libcrypt.a

    usr/sbin:
    total 2
    drwxr-xr-x 2 root system 512 Jun 23 13:36 .
    drwxr-xr-x 5 root system 512 Jun 23 13:36 ..

    Do you have any suggestions what modes and permissions on "/" I should use?

    Thanks in advance.
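
The "bad ownership or modes for chroot directory component" message in the log above is sshd refusing a ChrootDirectory path; sshd_config(5) requires every component of that path to be a root-owned directory that is not writable by group or others. As an added example, not part of the original posts, this POSIX shell check applies that rule to a path and each of its parents; the function names `judge_entry` and `check_chroot_path` are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for an sshd ChrootDirectory path.
# Rule (sshd_config(5), ChrootDirectory): every component of the path must be
# a directory owned by uid 0 and not writable by group or others.

# judge_entry MODE UID: MODE is field 1 of `ls -ldn` (e.g. drwxr-xr-x),
# UID is field 3. Prints the reason and returns 1 if the entry is unsafe.
judge_entry() {
    mode=$1 uid=$2
    case $mode in
        d*) ;;
        *)  echo "not a directory"; return 1 ;;
    esac
    [ "$uid" = "0" ] || { echo "owner uid $uid is not 0"; return 1; }
    # Characters 6 and 9 of the mode string are the group/other write bits.
    gw=$(printf '%s' "$mode" | cut -c6)
    ow=$(printf '%s' "$mode" | cut -c9)
    [ "$gw" = "-" ] || { echo "group-writable"; return 1; }
    [ "$ow" = "-" ] || { echo "other-writable"; return 1; }
    return 0
}

# check_chroot_path PATH: checks PATH and each parent up to "/", reports every
# failing component, and returns 1 if any failed (2 if PATH is not absolute).
check_chroot_path() {
    p=$1 rc=0
    case $p in
        /*) ;;
        *)  echo "path must be absolute: $p"; return 2 ;;
    esac
    while :; do
        # -L follows symlinks as stat(2) does; -n prints numeric uid/gid.
        if line=$(ls -ldLn "$p" 2>/dev/null); then
            set -- $line
            reason=$(judge_entry "$1" "$3") || { echo "BAD $p: $reason"; rc=1; }
        else
            echo "BAD $p: cannot stat"; rc=1
        fi
        if [ "$p" = "/" ]; then break; fi
        p=$(dirname "$p")
    done
    return $rc
}

# Usage: sh check_chroot.sh /home/chroot   (path taken from the post above)
if [ $# -gt 0 ]; then check_chroot_path "$1"; fi
```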