From owner-freebsd-questions@FreeBSD.ORG Wed Jul 27 13:56:06 2005 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 099D316A41F for ; Wed, 27 Jul 2005 13:56:06 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from mail26.sea5.speakeasy.net (mail26.sea5.speakeasy.net [69.17.117.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9BBF443D4C for ; Wed, 27 Jul 2005 13:56:05 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 3883 invoked from network); 27 Jul 2005 13:56:05 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail26.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 27 Jul 2005 13:56:05 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 090BA2A; Wed, 27 Jul 2005 09:56:03 -0400 (EDT) Sender: lowell@be-well.ilk.org To: Dan Rue References: <20050726211516.GF95651@therub.org> From: Lowell Gilbert Date: 27 Jul 2005 09:56:03 -0400 In-Reply-To: <20050726211516.GF95651@therub.org> Message-ID: <44ack85p58.fsf@be-well.ilk.org> Lines: 44 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-questions@freebsd.org Subject: Re: jail login and replication problems X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jul 2005 13:56:06 -0000 Dan Rue writes: > Greetings, > > I am setting up multiple jails on a machine. The first jail, everything > works fine. If I add a user, that user can log in. If I tar cvzpf the > jail, tar xvzpf to create a new one, some people can log into the new > jail, and some can not. > > The user that can log in to the new one was the first user created (me), > but any subsequent users can not log into new jails.. > > The symptom is right after accepting the password via ssh, the > connection will just get dropped. I could not find any good error > messages using ssh.. But if I enable telnet and try to telnet in, I > receive this error in /var/log/messages: > > Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied > Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied > Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied > Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied > > The permissions on those files are fine. > > So what would cause that error in jails that have been replicated using > tar, but only to some users? I'm stumped.. > > Here's my rc.conf exerpt: > > jail_enable="YES" > jail_list="jail3" > jail_socket_unixiproute_only="NO" > jail_sysvipc_allow="YES" # allow shared mem on all jails > > jail_jail3_rootdir="/jails/jail3" > jail_jail3_hostname="jail3.example.com" > jail_jail3_ip="10.0.0.203" > jail_jail3_procfs_enable="YES" > jail_jail3_devfs_enable="YES" > jail_jail3_devfs_ruleset="devfsrules_jail" Try comparing the home directories of the different users. And if you crank up the verbosity of sshd, you may get more useful information.