Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

bad ownership or modes for chroot directory

Posted on 2016-11-03
Last Modified: 2016-11-21
Centos 7.  user no longer able to access home dir.   Secure log shows fatal: bad ownership or modes for chroot directory "/home/username" [postauth].  Root owns /home, user owns /home/username.  Permissions are currently at 755.   What am I missing?
Question by:SpyderDesigns
  • 3
  • 3
LVL 28

Expert Comment

by:Jan Springer
ID: 41872928
ls -lZd /home/username

What is the complete output?

Author Comment

ID: 41872957
drwxr-xr-x. username groupname unconfined_u:object_r:user_home_dir_t:s0 /home/username
LVL 28

Expert Comment

by:Jan Springer
ID: 41872964
chmod -R user:group /home/user
restorecon -R /home/user

ls -lZR /home/user

grep user /etc/passwd
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.


Author Comment

ID: 41873100
Assume you mean chown.  Yeah tried restorecon.  Turned off selinux temporarily.  Same problem.

Grep shows user:x:1001:1003::/home/userdir:/sbin/nologin.  Believe that is what I want as I want sftp but not ssh
LVL 28

Accepted Solution

Jan Springer earned 500 total points
ID: 41873110
You want "lshell".  Install it, add it to /etc/shells, and change the account shell.

It's a restricted shell that can be used with ssh/sftp/scp that chroots the user and allows you to specify what commands can be run.

I use it and love it.

Author Comment

ID: 41873130
Forgot, files show unconfined_u:object_r:user_home_t:s0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Google Drive is extremely cheap offsite storage, and it's even possible to get extra storage for free for two years.  You can use the free account 15GB, and if you have an Android device..when you install Google Drive for the first time it will give…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question