search

pymumu / jail-shell

Jail-shell is a linux security tool mainly using chroot, namespaces technologies, limiting users to perform specific commands, and access sepcific directories.
GNU General Public License v2.0
110 stars 20 forks source link

terminfo doesn't exist , almalinux 8 #22

Open egphp opened 10 months ago

egphp commented 10 months ago

[root@s home]# su sen directory /usr/lib/terminfo or /var/local/jail-shell/jails/sen-jail//usr/lib/terminfo doesn't exist command failed at line 133: bind /usr/lib/terminfo /usr/lib/terminfo ro,nodev,nosuid

su: cannot open session: User not known to the underlying authentication module

pymumu commented 10 months ago

Add the following line.

dir /usr/lib/terminfo
egphp commented 10 months ago

thanks , but user still can see what out his folder

i need to prevent user to see any thing out of this folder

[sen@s ~]$ ls -l /
total 80
lrwxrwxrwx.   1 root root     7 Oct  9  2021 bin -> usr/bin
dr-xr-xr-x.   6 root root  4096 Sep  4 03:59 boot
drwxr-xr-x.  18 root root  3500 Sep  4 04:02 dev
drwxr-xr-x.  98 root root  4096 Sep  4 04:09 etc
drwxr-xr-x.   3 root root  4096 Sep  4 04:05 home
-rw-r-----.   1 root root   635 Sep  4 03:59 installimage.conf
-rw-r-----.   1 root root 13953 Sep  4 03:59 installimage.debug
lrwxrwxrwx.   1 root root     7 Oct  9  2021 lib -> usr/lib
lrwxrwxrwx.   1 root root     9 Oct  9  2021 lib64 -> usr/lib64
drwx------.   2 root root 16384 May 16 12:52 lost+found
drwxr-xr-x.   2 root root  4096 Oct  9  2021 media
drwxr-xr-x.   2 root root  4096 Oct  9  2021 mnt
drwxr-xr-x.   3 root root  4096 Sep  4 04:04 opt
dr-xr-xr-x. 379 root root     0 Sep  4 04:02 proc
dr-xr-x---.   4 root root  4096 Sep  4 04:04 root
drwxr-xr-x.  30 root root   860 Sep  4 04:13 run
lrwxrwxrwx.   1 root root     8 Oct  9  2021 sbin -> usr/sbin
drwxr-xr-x.   2 root root  4096 Oct  9  2021 srv
dr-xr-xr-x.  13 root root     0 Sep  4 04:02 sys
drwxrwxrwt.  10 root root  4096 Sep  4 04:09 tmp
drwxr-xr-x.  12 root root  4096 May 16 12:53 usr
drwxr-xr-x.  20 root root  4096 May 16 12:57 var
[sen@s ~]$
pymumu commented 10 months ago

Add user to jail-shell.

sudo jail-shell user -a test -j test-jail
egphp commented 10 months ago

after that command , not login ssh client_loop: send disconnect: Broken pipe

egphp commented 10 months ago

[root@s jail-config]# ssh sen@127.0.0.1 sen@127.0.0.1's password: client_loop: send disconnect: Broken pipe [root@s jail-config]#

john-f-chamberlain commented 10 months ago

I was also having this issue on Oracle Linux 8. It turns out the folder "/usr/lib/terminfo" does not exist on OL8. So removing the following lines from the jail config solved the issue:

(line 65)

dir /usr/lib/terminfo 0755 root:root

(line 133)

bind /usr/lib/terminfo /usr/lib/terminfo ro,nodev,nosuid
john-f-chamberlain commented 10 months ago

If you delete the lines certain functions (like backspace) will no longer work properly. Instead of deleting the lines, change /usr/lib/terminfo to /usr/share/terminfo

Venurs commented 7 months ago

after that command , not login ssh client_loop: send disconnect: Broken pipe I have the same problem. how can I solve it?