Re: sftp-server logging under chroot & privilege separation

It might be an issue with /dev/log not existing in the chrooted
environment.

If you are running syslog-ng, you could tell it to open a second
Unix domain dgram socket. ("unix-dgram(/chroot/path/dev/log);")

On Mon, Mar 8, 2010 at 9:53 AM,  <kjh26@xxxxxxxxxxxx> wrote:
> Hello:
>
> We are using OpenSSH 5.3p1.
>
> We are using this to host an SFTP drop-box.  We have implemented chroot &
> privilege separation.
>
> For corporate security reasons, we are running sshd as an application ID
> setuid root (long story - don't want to go into it here)
>
> The issue we are noting is that we 'lose' SFTP logging of commands when
> sshd is run normally.
>
> When we run it in DEBUG, we see the SFTP commands in the log.
>
> We suspected the chrooting/priv sep had something to do with it, however,
> changing the sftp-server to be setuid root did not fix the issue.
>
> Any ideas?
>
>
> Thanks
>
>
> Kevin J. Herman
> Sr. Systems Analyst
> EBMX [Electronic Business Message eXchange]
> ITM - Procurement Systems
>
> T/L 776-6793
> O/L (248)576-6793
> FAX (248)576-2185
>
> CTC E3000-3S2E8
> CIMS 483-01-19
> LOC/DEPT: 1100-1721
>
>



-- 
And, did Galoka think the Ulus were too ugly to save?
                                         -Centauri
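
Added example, not part of the original message: a Python sketch of why a chrooted process loses its syslog output and how a second datagram socket inside the jail restores it. The temporary directory stands in for the chroot, the listener stands in for syslog-ng's extra `unix-dgram` source, and the log line and function names are constructed for illustration.

```python
import os
import socket
import tempfile

LOG_AUTH_INFO = 4 * 8 + 6  # facility auth (4), severity info (6) -> "<38>"

def send_syslog(root, message):
    """Mimic syslog(3) in a process whose root is `root`: send one datagram
    to <root>/dev/log. Returns False when the socket is missing; the real
    syslog() returns void, so the caller never sees that failure."""
    path = os.path.join(root, "dev", "log")
    client = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    try:
        client.sendto(f"<{LOG_AUTH_INFO}>{message}".encode(), path)
        return True
    except (FileNotFoundError, ConnectionRefusedError):
        return False
    finally:
        client.close()

def open_log_socket(root):
    """Stand-in for the syslog daemon's additional listener, the role played
    by unix-dgram(/chroot/path/dev/log) in the reply above."""
    os.makedirs(os.path.join(root, "dev"), exist_ok=True)
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    listener.bind(os.path.join(root, "dev", "log"))
    listener.settimeout(2)
    return listener

def demo():
    # Constructed sample of an sftp-server style log line.
    line = 'sftp-server[4242]: open "/upload/a.txt" flags WRITE,CREATE mode 0644'
    with tempfile.TemporaryDirectory(dir="/tmp") as root:
        before = send_syslog(root, line)      # jail has no dev/log yet
        listener = open_log_socket(root)      # daemon opens the second socket
        try:
            after = send_syslog(root, line)   # same call now reaches the daemon
            received = listener.recv(4096).decode()
        finally:
            listener.close()
    return before, after, received

if __name__ == "__main__":
    print(demo())
```
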

