Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Can't run whoami(id -un) inside chroot jail using openssh native jai

from [Jon Kibler] Network Security [Permanent Link]
Subject: Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support
Date: Thu, 24 Jul 2008 19:14:41 -0400 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

D M wrote:

OS: RHEL5.2
Openssh: 5.0p1 and now 5.1

I have successfully setup a chroot jail using openssh's new native
jail support and almost everything appears to be working
(ls,cd,cat,uname,etc,ect). However I can't run any commands that
identify the user.. such as ld -un whoami logname. They all fail with
this result:

#whoami
whoami: cannot find name for user ID 503
#id
uid=503 gid=504 groups=504
#id -un
id: cannot find name for user ID 503
503
#logname
503


I don't mean to ask really dumb questions, but can you:
   cat /etc/passwd
   cat /etc/group
   grep -F ':503:' /etc/passwd
   grep -F ':504:' /etc/group

from within the jail?

If not, you may have directory ownership/permissions problems. For
example, in a jail, make sure /etc o:g=root:root & perm=0551.

I know you said you have checked... but just adding another approach.

Jon Kibler
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkiJDNQACgkQUVxQRc85QlPIgACgkdQ9F8Z954/Tv4//kb9JgtF3
GTwAoKBgmj3+JFCtyy3JaJKDgFnhQzCX
=KR5N
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  dispatch_protocol_error, Dewey Hylton
Next by Date:  Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support, D M
Previous by Thread:  Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support, Vladimir Levijev
Next by Thread:  Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support, D M
Indexes:  [Date] [Thread] [Top] [All Lists]