grsecurity forums


https://forums.grsecurity.net./

user@notty for virtual users on ssh

https://forums.grsecurity.net./viewtopic.php?f=3&t=644

Page 1 of 1

user@notty for virtual users on ssh

PostPosted: Fri Jan 02, 2004 5:58 am
by kamihacker
greetings, I'm using grsecurity (no ACLs activated yet) on my ensim based virtualhosting server

I already disabled the no mount chroot restriction in order to get ssh working as mentioned in post on this forum, but now I get no shell when I try to log in with ssh with virtual user (created for a specific domain hosted on the server)

the process name look like this

sshd: user@notty

would anyone give me a hint on what do I have to disable to get this working?

thx in advance

CR

PostPosted: Sat Jan 03, 2004 12:53 pm
by Sleight of Mind
read your logs, grsec will tell you what's wrong. Most likely the answer is in there.

this what I get (same thing for a sendmail problem)

PostPosted: Mon Jan 05, 2004 10:59 pm
by kamihacker
Jan 5 23:10:37 shirley kernel: grsec: From 64.86.23.71: denied connect to abstract AF_UNIX socket outside of chroot by (sshd:3332) UID(0) EUID(0), parent (sshd:5059) UID(0) EUID(0)
Jan 5 23:10:37 shirley kernel: grsec: From 64.86.23.71: denied connect to abstract AF_UNIX socket outside of chroot by (sshd:3332) UID(0) EUID(0), parent (sshd:5059) UID(0) EUID(0)
Jan 5 23:10:37 shirley sshd[3332]: sendto failed 1 : Operation not permitted

any clues?

beats me since I'm no kernel literate

already found it on the kernel config

PostPosted: Mon Jan 05, 2004 11:17 pm
by kamihacker
Deny access to abstract AF_UNIX sockets out of chroot (NEW)

sorry hadn't checked
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/