ca23 chroot jail FreeBSD "su: who are you?" - The FreeBSD Forums
The FreeBSD Forums  

Go Back   The FreeBSD Forums > Base System > General
Reload this Page chroot jail FreeBSD "su: who are you?"
Register FAQ Calendar Search Today's Posts Mark Forums Read

General General questions about the FreeBSD operating system. Ask here if your question does not fit elsewhere.

Reply
 
Thread Tools Display Modes
  #1  
Old May 27th, 2009, 17:43
Dr_Death_UAE Dr_Death_UAE is offline
Junior Member
  
Join Date: Jan 2009
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Default chroot jail FreeBSD "su: who are you?"
Hello, i create chroot jail every thing fine but when i try to login with the jailed user with su i got:
Quote:
su: who are you?
from the logs:

Quote:
May 27 15:33:28 h4x0r sudo: r0x : TTY=ttyp0 ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/chroot /home/jail /usr/bin/su - r0x
from visudo:
Quote:
r0x ALL=NOPASSWD: /usr/sbin/chroot, /usr/bin/su - r0x
from "/home/jail/etc/passwd":
Quote:
r0x:*:1003:1003:User &:/home/r0x:/usr/local/bin/bash
from "/etc/passwd":
Quote:
r0x:*:1003:1003:User &:/home/jail/home/r0x:/bin/chroot-shell
the "chroot-shell" include:
Quote:
#!/usr/bin/env sh
/usr/local/bin/sudo /usr/sbin/chroot /home/jail /usr/bin/su - $USER "$@"
i use the same methods with linux systems it work fine, i use pwd_mkdb to update the master.passwd on the jail:
Quote:
pwd_mkdb -d /home/jail/etc/ /home/jail/etc/master.passwd
but still the same. i read that i need to use rssh as the shell instead of bash shell.
Reply With Quote
  #2  
Old May 27th, 2009, 18:57
vivek's Avatar
vivek vivek is offline
Member
  
Join Date: Nov 2008
Location: Hyper Space
Posts: 809
Thanks: 3
Thanked 184 Times in 102 Posts
Default
You can login to jail using jexec if openssh not installed in a jail:
Code:
jls -v
jexec jailid csh
If openssh installed and normal user account created make sure that account is a part of wheel group. Again login using jexec and create user account using pw. Once done start openssh so that user can login into the account and use su -
__________________
Neither in this world nor elsewhere is there any happiness in store for him who always doubts. If you enjoyed my answer please consider donating some money to FreeBSD foundation @ http://www.freebsdfoundation.org/
Reply With Quote
  #3  
Old May 27th, 2009, 19:02
SirDice's Avatar
SirDice SirDice is offline
Moderator
  
Join Date: Nov 2008
Location: Rotterdam, Netherlands
Posts: 13,694
Thanks: 47
Thanked 2,021 Times in 1,860 Posts
Default
chroot != jail

So which one is it? A chrooted or a jailed environment?

Please see jail(8) and chroot(8) for the differences.
__________________
Senior UNIX Engineer at Unix Support Nederland
Experience is something you don't get until just after you need it.
Reply With Quote
  #4  
Old May 27th, 2009, 19:04
vivek's Avatar
vivek vivek is offline
Member
  
Join Date: Nov 2008
Location: Hyper Space
Posts: 809
Thanks: 3
Thanked 184 Times in 102 Posts
Default
OP: yes this is confusing as pointed out by SirDice. Please clarify... on freebsd there is no need to use chroot call. chroot(2) can be escaped easily; use jails.
__________________
Neither in this world nor elsewhere is there any happiness in store for him who always doubts. If you enjoyed my answer please consider donating some money to FreeBSD foundation @ http://www.freebsdfoundation.org/
Reply With Quote
  #5  
Old May 27th, 2009, 19:26
Dr_Death_UAE Dr_Death_UAE is offline
Junior Member
  
Join Date: Jan 2009
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Hello, it is chroot.
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
"freebsd-update fetch", fetching public key failed. Logan Installing & Upgrading 24 September 25th, 2012 19:10
"Cross-Compile" the FreeBSD kernel honk General 4 June 18th, 2009 01:44
FreeBSD 7.1 USB Drive installation failure:"cannot write to disk" klemes Installing & Upgrading 0 March 30th, 2009 14:03
"ping: sendto: Can't assign requested address" in Jail mbs Networking 5 February 18th, 2009 08:54
"free" command/perl script for freebsd unixdude General 10 November 20th, 2008 10:57


All times are GMT +1. The time now is 13:00.

Contact Us - FreeBSD - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.
The mark FreeBSD is a registered trademark of The FreeBSD Foundation and is used by The FreeBSD Project with the permission of The FreeBSD Foundation.
Web protection and acceleration provided by CloudFlare
0