The chroot patch for openssh is a bit different than the one that I mentioned in the last post. With this you can chroot shell sessions as well. I hope they get this into the mainline OpenSSH. Download debian packages for ssh with the chroot patch
Today I made our new server at work only let some people to use sftp on login, and made sftp-server chroot before running. This was on a RedHat 8.0 box.
First I downloaded the openssh source, using apt with the command sudo apt-get source openssh. Then I tried to run rpm -ba /usr/src/redhat/SPECS/openssh.spec, but of course that didn’t. After much poking around on google I found that rpmbuild -ba would do the trick. That of course failed half way thur, but I did poke into the openssh.spec file and found out what options it passed to ./configure. I unpacked the tarball myself, then ran ./configure with the right options. Then I applied the sftp-chroot.diff patch and did make sftp-server. I copied that file to /usr/libexec/openssh/sftp-server-chroot, and did chmod +s /usr/libexec/openssh/sftp-server-chroot.
Then I edited /etc/passwd and added the magic chars “/.” to the users path, and changed their shell to /usr/libexec/openssh/sftp-server-chroot. And it worked.
If you find youself on RedHat and you haven’t gotten use to it yet:
If that’s not doable go install APT. It will save you sooo much time.
Before I headed off to NYC on Tuesday Laura and I got hair cuts. Mine was pretty drastic.
An example of how to add a method to a class, and how to add to just an instance of object.
import new
# add method to all object of a class
class test:
pass
def monkey(self):
print "eek"
tta = test()
ttb = test()
tta.__class__.monkey = monkey
print "%r" % tta.monkey
print "%r" % ttb.monkey
# add to one instance
class test2:
pass
tt2a = test2()
tt2b = test2()
tt2a.monkey = new.instancemethod(monkey, tt2a, tt2a.__class__)
print "%r" % tt2a.monkey
# this will cause an exception
print "%r" % tt2b.monkey