Solved

bad ownership or modes for chroot directory

Posted on 2016-11-03
6
66 Views
Last Modified: 2016-11-21
Centos 7.  user no longer able to access home dir.   Secure log shows fatal: bad ownership or modes for chroot directory "/home/username" [postauth].  Root owns /home, user owns /home/username.  Permissions are currently at 755.   What am I missing?
0
Comment
Question by:SpyderDesigns
  • 3
  • 3
6 Comments
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41872928
ls -lZd /home/username

What is the complete output?
0
 

Author Comment

by:SpyderDesigns
ID: 41872957
drwxr-xr-x. username groupname unconfined_u:object_r:user_home_dir_t:s0 /home/username
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41872964
chmod -R user:group /home/user
restorecon -R /home/user

ls -lZR /home/user

grep user /etc/passwd
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:SpyderDesigns
ID: 41873100
Assume you mean chown.  Yeah tried restorecon.  Turned off selinux temporarily.  Same problem.

Grep shows user:x:1001:1003::/home/userdir:/sbin/nologin.  Believe that is what I want as I want sftp but not ssh
0
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 41873110
You want "lshell".  Install it, add it to /etc/shells, and change the account shell.

It's a restricted shell that can be used with ssh/sftp/scp that chroots the user and allows you to specify what commands can be run.

I use it and love it.
0
 

Author Comment

by:SpyderDesigns
ID: 41873130
Forgot, files show unconfined_u:object_r:user_home_t:s0
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now