[CentOS] Syslog for chroot-jailed SFTP users?
Sean Carolan
scarolan at gmail.comWed Feb 10 21:08:10 UTC 2010
- Previous message: [CentOS] saslauthd attack
- Next message: [CentOS] Syslog for chroot-jailed SFTP users?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Maybe one of you can help. We have set up a CentOS server so that
each user who logs in via sftp will be jailed in their home directory.
Here's the relevant sshd_config:
# override default of no subsystems
Subsystem sftp internal-sftp -f LOCAL2 -l INFO
Match Group sftponly
ChrootDirectory /home/%u
ForceCommand internal-sftp
This actually works great, but none of the activities of sftponly
group members is getting logged. The man page for sftp-server says:
"For logging to work, sftp-server must be able to access /dev/log.
Use of sftp-server in a chroot configuation therefore requires that
syslogd(8) establish a logging socket inside the chroot directory."
How do I establish a logging socket inside the chroot directory, when
the chroot directory is different depending on which user is logging
in at any given time? I don't want to run separate sockets in every
customer's chroot directory, this is not practical.
Any ideas?
- Previous message: [CentOS] saslauthd attack
- Next message: [CentOS] Syslog for chroot-jailed SFTP users?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list