| Subject: | Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support |
|---|---|
| Date: | Mon, 28 Jul 2008 09:56:23 -0500 |
Here is a listing of my etc directory inside the jail:

```
ls -la
total 916
drwxr-xr-x  3 0 0   4096 Jul 28 14:31 .
drwxr-xr-x 18 0 0   4096 Jul 28 14:35 ..
-rw-r--r--  1 0 0     11 Jul 22 17:00 group
-r--------  1 0 0    555 Jul 28 14:31 gshadow
-rwxr-xr-x  1 0 0    245 Jul 22 17:00 hosts
-rwxr-xr-x  1 0 0  24120 Jul 22 17:00 ld.so.cache
-rwxr-xr-x  1 0 0     28 Jul 22 17:00 ld.so.conf
drwxr-xr-x  2 0 0   4096 Jul 22 17:00 ld.so.conf.d
-rw-r--r--  1 0 0   1696 Jul 22 17:00 nsswitch.conf
-rw-r--r--  1 0 0    144 Jul 24 17:04 passwd
-rwxr-xr-x  1 0 0     66 Jul 22 17:00 resolv.conf
-r--------  1 0 0   1607 Jul 28 14:30 shadow
-rw-r--r--  1 0 0 807103 Jul 22 17:00 termcap
```

As you can see, all required files are there and have proper permissions. I've copied over everything from /usr/lib into the jail as well. However, it is still not properly doing the translation of uid to name or guid to name.

dm

On Fri, Jul 25, 2008 at 12:48 PM, Greg Wooledge <wooledg@eeg.ccf.org> wrote:
> On Thu, Jul 24, 2008 at 06:24:20PM -0500, D M wrote:
> > Yeah I thought maybe permissions but I also adjusted those. This is what's really strange, look at the output of this:
> >
> > ```
> > #ls -la /etc
> > total 900
> > drwxr-xr-x  3 0 0 4096 Jul 24 17:04 .
> > drwxr-xr-x 17 0 0 4096 Jul 22 17:00 ..
> > -rw-r--r--  1 0 0   11 Jul 22 17:00 group
> > ```
> >
> > it doesn't even seem to be able to translate the name/groups in the directory listing.
>
> ls calls upon getpwuid() to convert the numeric UID and GID into human-readable names like "root". getpwuid() and friends are libc functions that use OS-specific methods to do the lookups. On most modern systems, it will look for /etc/nsswitch.conf first, and that will tell it what overall scheme is being used for the mapping (NIS, NIS+, regular passwd files, etc.). Based on that, it will consult the appropriate scheme's resources (/etc/passwd, or open a connection to ypbind, or whatever) to get the actual answers.
>
> So, as others have already said, you need to ensure that the following files exist and are readable WITHIN the chroot jail:
>
> /etc/nsswitch.conf
> /etc/passwd
> /etc/group
>
> There may or may not be others, depending on your OS and how you configured things. For example, on Linux, you might also need an /etc/shadow file. On OpenBSD, you might also need an /etc/master.passwd file which is then converted into an /etc/pwd.db file. And so on.
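
The check described in the quoted reply, as an added shell example that is not part of the original thread: it confirms that the three files exist and are world-readable inside the jail. It also goes one step further and looks for a `libnss_<source>` module for every source on the `passwd:` and `group:` lines, which assumes a glibc system that loads those modules at run time. The function name `check_jail` and the library directories searched are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a chroot jail for what getpwuid()/getgrgid() need.
# check_jail and the library directories searched are assumptions of this
# example; adjust them for your OS.

check_jail() {
    jail=$1
    problems=0

    # Files named in the reply. Test the mode bits rather than "test -r":
    # the audit usually runs as root, the lookup runs as the unprivileged
    # jailed user.
    for f in etc/nsswitch.conf etc/passwd etc/group; do
        if [ ! -f "$jail/$f" ]; then
            echo "MISSING  /$f"
            problems=$((problems + 1))
        elif [ -z "$(find "$jail/$f" -perm -004)" ]; then
            echo "NOT WORLD-READABLE  /$f"
            problems=$((problems + 1))
        fi
    done

    # Sources on the passwd: and group: lines (comments and [ACTION] items
    # dropped). Assumption: glibc loads libnss_<source>.so.* for each source
    # at run time, so the module must also exist inside the jail.
    services=
    if [ -f "$jail/etc/nsswitch.conf" ]; then
        services=$(awk '{ sub(/#.*/, "") }
            $1 == "passwd:" || $1 == "group:" {
                for (i = 2; i <= NF; i++)
                    if ($i ~ /^[a-z][a-z0-9_]*$/) print $i
            }' "$jail/etc/nsswitch.conf" | sort -u)
    fi
    for svc in $services; do
        if [ -z "$(find "$jail/lib" "$jail/lib64" "$jail/usr/lib" \
                        "$jail/usr/lib64" -name "libnss_$svc.so*" 2>/dev/null)" ]; then
            echo "NO NSS MODULE  libnss_$svc.so.* for source '$svc'"
            problems=$((problems + 1))
        fi
    done

    [ "$problems" -eq 0 ]   # status 0 only when nothing was reported
}

# Run against a jail when a path is given on the command line.
if [ "$#" -gt 0 ]; then check_jail "$1"; fi
```
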