Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 5 Oct 2009 11:51:46 +0200 (CEST)
From:      Oliver Fromme <olli@lurza.secnetix.de>
To:        freebsd-questions@FreeBSD.ORG, apseudoutopia@gmail.com
Subject:   Re: Jails: /bin/tcsh: Permission Denied
Message-ID:  <200910050951.n959pkRA059227@lurza.secnetix.de>
In-Reply-To: <27ade5280910050108w212a8d85h6071b5211f19425f@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
APseudoUtopia <apseudoutopia@gmail.com> wrote:
 > I'm setting up jails on my system. I started with a httpd jail for
 > nginx and php to run in. I used ezjail to create it. I went through
 > all the steps, and got a jail setup and working. I've logged in and
 > out several times and installed a couple ports within the jail. I then
 > added a non-privileged user by running "adduser" as root. However,
 > that is when the problem came up. For some reason, I cannot switch to
 > the unprivileged user. The shell is giving me a "Permission Denied"
 > error.

What are the permissions on /bin/tcsh inside the jail?
Is it executable?  Are the permissions of all of its
libraries correct?  ("ldd /bin/tcsh" will list the libs.)
Are the permissions on the home directory correct?

If everything else fails, trace the shell inside the jail
(with strace, truss or ktrace).  It will list the exact
system call that fails.

By the way, I recommend that jails which contain daemons
(such as webservers, databases etc.) do not contain login
accounts.  In fact, I never put /bin/tcsh inside a jail
that contains a webserver.  Apache certainly doesn't need
it.  Some ports do need /bin/csh during the build process,
but for building ports I recommend to use a separate jail
anyway, create packages and pkg_add them in the actual
webserver jail.

Just my 2 cents.

Best regards
   Oliver


-- 
Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

$ dd if=/dev/urandom of=test.pl count=1
$ file test.pl
test.pl: perl script text executable

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910050951.n959pkRA059227>