Re: set up problem on FreeBSD-10.3
From: Russ A. <ea...@ey...> - 2016-10-05 03:30:58
Adam Jensen <ha...@ri...> writes:

> On 10/04/2016 11:09 PM, Russ Allbery wrote:
>
>> I'll bet that /bin/sh in your chroot is not the same as /bin/sh outside
>> your chroot, it's not recognizing this shell built-in, and libc is
>> incorrectly interpreting this as a syntax error.
>
> This is an interesting statement. There isn't anything inside the
> chrootpath directory. That is,
>
>     pwd
>     /usr/local/chroot
>     ls
>     banks/
>
> Should there be a '/usr/local/chroot/bin/sh'? If so, what else needs to
> be in the chrootpath?

Yeah, sadly you need a bunch of stuff in the chroot because you have to
execute the server end of scp or whatever in the chroot. So it needs all
of its libraries and so forth. The mkchroot.sh script in the distribution
does an okay job for Linux systems but is probably missing a ton of stuff
for FreeBSD. There's a bunch more details in the CHROOT file.

BTW, the wordexp thing is also discussed there:

    IMPORTANT NOTE ABOUT wordexp() IMPLEMENTATIONS:

    rssh requires a working implementation of the wordexp() library
    function, specified by POSIX.2 (or whatever they're calling it these
    days). A number of vendors ship a version of wordexp() that execvp()'s
    the system shell in order to expand the arguments. This means that if
    you are using such a platform, you'll need to copy their system shell
    into the chroot jail, along with all the other necessary files. The
    symptoms of this problem are:

    1. When a user logs in, they immediately get "Connection closed."
    2. In the system logs, rssh reports "error expanding arguments for
       user ..."

    For Solaris 9, the required shell is /bin/ksh. For AIX 5.2, you need
    /usr/bin/ksh93. FreeBSD also has this problem, but I don't know what
    the default system shell is on FreeBSD. Other platforms will probably
    also experience this problem. If you need help determining which shell
    to include, try running rssh with strace or truss, whichever your
    system has. See the relevant manpages for details.

Also, I feel obligated to warn that rssh may be inherently insecure on
FreeBSD given this statement in the wordexp(3) manual page:

    Do not pass untrusted user data to wordexp(), regardless of whether
    the WRDE_NOCMD flag is set. The wordexp() function attempts to detect
    input that would cause commands to be executed before passing it to
    the shell but it does not use the same parser so it may be fooled.

This is exactly what rssh does and has to do, so if there are indeed such
flaws, they would allow an authenticated attacker to bypass all of the
command restrictions (although, at least in theory, not the chroot).

--
Russ Allbery (ea...@ey...) <http://www.eyrie.org/~eagle/>