SFTP logs for a chroot environment

Hello,

I am using NAS4Free which is based on FreeBSD and I need to get a logging running for users that have their directory chrooted and access it with sftp only. I have chroot and sftp set up and everything works fine. However I can't get syslog to run. When I disable chroot in sshd.conf, I get the log entries in /var/log/system.log
I have found and read this solved thread that has a solution for my problem, however it seems. that I am supposed to set a flag in rc.conf

Code:
syslogd_flags="-s -l /mnt/storage/someuser/dev/log"

The question is now, how do I do that with multiple users? Do I have to have that line for every user on my system or is there some way to have it with a variable like in my sshd.conf

Code:
ChrootDirectory /mnt/storage/chroot/home/%u

I am supposing syslog wouldn't know about the user that's logged in to find the user's specific socket in their chroot/dev/log, or?

EDIT: I edited /etc/rc.d.conf to include -s -l /mnt/storage/testuser/dev/log in the command line and now syslog runs with the dev/log socket file and I see the entries in the log file.

Code:
root 59697   0.0  0.0  14556  1824  -  Ss   10:52AM      0:00.00 /usr/sbin/syslogd -s -l /mnt/storage/testuser/dev/log -8 -ss -f /var/etc/syslog.conf

So I now have to find out how I set that path for any user logged in. Where ever I look, all just tell me about setting it for one user not for all.

Thank you for any help
 
  • Thanks
Reactions: Oko
I think you might need to specify every user in rc.conf. sshd can run scripts when a user connect, but it uses the user's shell and they presumably are set to nologin. Even if you did give them a shell I don't think you can do anything with syslogd without root privileges.
Even if rc.conf could use variables, which I don't think it can, it's only run on boot so %u would only be evaluated once, as root.
 
Hello,

I am using NAS4Free which is based on FreeBSD and I need to get a logging running for users that have their directory chrooted and access it with sftp only. I have chroot and sftp set up and everything works fine. However I can't get syslog to run. When I disable chroot in sshd.conf, I get the log entries in /var/log/system.log
This is an ultra interesting post. I bet you need to copy syslog binaries into the chroot or something along those lines. I would actually post the question on misc@openbsd and see what smarter people than I have to say.
 
Back
Top