From owner-freebsd-questions@FreeBSD.ORG Mon Oct 5 09:52:03 2009 Return-Path: Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2AD9106566B for ; Mon, 5 Oct 2009 09:52:03 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [IPv6:2a01:170:102f::2]) by mx1.freebsd.org (Postfix) with ESMTP id 4DBF28FC18 for ; Mon, 5 Oct 2009 09:52:03 +0000 (UTC) Received: from lurza.secnetix.de (localhost [127.0.0.1]) by lurza.secnetix.de (8.14.3/8.14.3) with ESMTP id n959pkrI059228; Mon, 5 Oct 2009 11:52:02 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.14.3/8.14.3/Submit) id n959pkRA059227; Mon, 5 Oct 2009 11:51:46 +0200 (CEST) (envelope-from olli) Date: Mon, 5 Oct 2009 11:51:46 +0200 (CEST) Message-Id: <200910050951.n959pkRA059227@lurza.secnetix.de> From: Oliver Fromme To: freebsd-questions@FreeBSD.ORG, apseudoutopia@gmail.com In-Reply-To: <27ade5280910050108w212a8d85h6071b5211f19425f@mail.gmail.com> X-Newsgroups: list.freebsd-questions User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (FreeBSD/6.4-PRERELEASE-20080904 (i386)) MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Mon, 05 Oct 2009 11:52:02 +0200 (CEST) Cc: Subject: Re: Jails: /bin/tcsh: Permission Denied X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@FreeBSD.ORG, apseudoutopia@gmail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Oct 2009 09:52:04 -0000 APseudoUtopia wrote: > I'm setting up jails on my system. I started with a httpd jail for > nginx and php to run in. I used ezjail to create it. I went through > all the steps, and got a jail setup and working. I've logged in and > out several times and installed a couple ports within the jail. I then > added a non-privileged user by running "adduser" as root. However, > that is when the problem came up. For some reason, I cannot switch to > the unprivileged user. The shell is giving me a "Permission Denied" > error. What are the permissions on /bin/tcsh inside the jail? Is it executable? Are the permissions of all of its libraries correct? ("ldd /bin/tcsh" will list the libs.) Are the permissions on the home directory correct? If everything else fails, trace the shell inside the jail (with strace, truss or ktrace). It will list the exact system call that fails. By the way, I recommend that jails which contain daemons (such as webservers, databases etc.) do not contain login accounts. In fact, I never put /bin/tcsh inside a jail that contains a webserver. Apache certainly doesn't need it. Some ports do need /bin/csh during the build process, but for building ports I recommend to use a separate jail anyway, create packages and pkg_add them in the actual webserver jail. Just my 2 cents. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd $ dd if=/dev/urandom of=test.pl count=1 $ file test.pl test.pl: perl script text executable