Package: libpam-chroot
Version: 0.9-1
Debian Version: sarge


I don't know whether the following is a "bug" or not, but there is a strange 
behavior when changerooted users log in via ssh.

Mainly, I am using file-based (/etc/passwd) authentication for the 
changerooted users. But the users should be able to use ssh public key 
authentication.

When the changerooted user's home directory in /etc/passwd is set to
CHROOTDIR (the real absolute path to their home directory), the first message 
in the shell (bash) after login via ssh (password authentication) is

"Could not chdir to home directory CHROOTDIR: No such file or directory"

In spite of the error message, the changeroot works fine!
In this case, ssh public key authentication is possible, but especially 
inexperienced users should not be welcomed by such an error message.

When the changerooted users' home directory in /etc/passwd is set to
/ (root directory) for all changerooted users, ssh with password 
authentication works fine and login runs without error messages. But in 
this case, ssh public key is impossible, because all changerooted users would 
have to use the same authorized_keys file in /.ssh.

To solve this, I suggest expanding the functionality of
/etc/security/chroot.conf 
to allow changing environment variables for users after changerooting and 
before starting the user's shell: 

E.g.
Actual entry in /etc/security/chroot.conf 
user  CHROOTDIR

Extended entry with a single list of environment variables
user CHROOTDIR VAR1=VALUE1 VAR2=VALUE2

Extended entry with an environment configuration file
user CHROOTDIR conffile=CHROOTDIR/etc/environment

By the way:
Setting up a CHROOTDIR/etc/profile for the changerooted users causes the same 
error message, even though the environment variables have the values set in 
profile after login.
It seems that the "mistake" which causes the error message happens before 
sourcing /etc/profile.

Kind Regards
Matthias Faulstich
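
The two home-directory settings described in the message above, modelled as an added example (not part of the original report, and not libpam-chroot or OpenSSH code). It assumes that authorized_keys is opened before the chroot takes effect and that the chdir to the home directory happens after it, which matches the reported behaviour; the user name alice and the directory layout are constructed.

```python
import os
import tempfile


def resolve_in_chroot(chroot_dir, path):
    """Host path that an absolute `path` refers to for a process inside chroot_dir."""
    return os.path.join(chroot_dir, path.lstrip("/"))


def is_under(path, parent):
    """True if `path` lies inside `parent` (both compared after realpath)."""
    path, parent = os.path.realpath(path), os.path.realpath(parent)
    return os.path.commonpath([path, parent]) == parent


def login_outcome(chroot_dir, passwd_home):
    """Model both lookups for one account.

    Assumption: authorized_keys is opened before the chroot (host view) and
    the chdir to the home directory happens after it (chroot view).
    """
    keys = os.path.join(passwd_home, ".ssh", "authorized_keys")
    chdir_target = resolve_in_chroot(chroot_dir, passwd_home)
    return {
        "authorized_keys": keys,
        "keys_per_user": is_under(keys, chroot_dir),
        "chdir_ok": os.path.isdir(chdir_target),
    }


def demo():
    """Build a constructed jail for a hypothetical user and test both settings."""
    base = tempfile.mkdtemp(prefix="pam-chroot-demo-")
    chroot_dir = os.path.join(base, "jail", "alice")   # stands in for CHROOTDIR
    os.makedirs(os.path.join(chroot_dir, ".ssh"))
    open(os.path.join(chroot_dir, ".ssh", "authorized_keys"), "w").close()
    return {
        "home=CHROOTDIR": login_outcome(chroot_dir, chroot_dir),
        "home=/": login_outcome(chroot_dir, "/"),
    }


if __name__ == "__main__":
    for setting, result in demo().items():
        print(setting, result)
```

With the home field set to CHROOTDIR the key file is per user but the post-chroot chdir target does not exist; with the home field set to / the chdir succeeds but the key path falls outside every user's jail and is shared.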



