Solved

bad ownership or modes for chroot directory

Posted on 2016-11-03
Last Modified: 2016-11-21
CentOS 7. User no longer able to access home dir. Secure log shows fatal: bad ownership or modes for chroot directory "/home/username" [postauth]. Root owns /home, user owns /home/username. Permissions are currently at 755. What am I missing?
Question by:SpyderDesigns
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41872928
ls -lZd /home/username

What is the complete output?
0
 

Author Comment

by:SpyderDesigns
ID: 41872957
drwxr-xr-x. username groupname unconfined_u:object_r:user_home_dir_t:s0 /home/username
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 41872964
chmod -R user:group /home/user
restorecon -R /home/user

ls -lZR /home/user

grep user /etc/passwd
0
 

Author Comment

by:SpyderDesigns
ID: 41873100
Assume you mean chown. Yeah, tried restorecon. Turned off SELinux temporarily. Same problem.

Grep shows user:x:1001:1003::/home/userdir:/sbin/nologin. Believe that is what I want, as I want sftp but not ssh.
0
 
LVL 28

Accepted Solution

by:
Jan Springer earned 500 total points
ID: 41873110
You want "lshell".  Install it, add it to /etc/shells, and change the account shell.

It's a restricted shell that can be used with ssh/sftp/scp that chroots the user and allows you to specify what commands can be run.

I use it and love it.
0
 

Author Comment

by:SpyderDesigns
ID: 41873130
Forgot, files show unconfined_u:object_r:user_home_t:s0
0
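
For reference on the error in this thread: sshd refuses a ChrootDirectory unless every component of the path is a directory owned by root and not writable by group or others. The script below is an added example, not written by any poster here; the function names and the OWNER_UID and BASE arguments are hypothetical (they exist only so the check can be exercised without root), and it assumes GNU stat.

```shell
#!/bin/sh
# Added example. Mirrors the test sshd applies to each ChrootDirectory component:
# a directory, owned by root, with no group/other write bit.

# check_component DIR [OWNER_UID]: returns 0 if DIR passes, else prints why, returns 1.
check_component() {
    dir=$1; want_uid=${2:-0}                 # 0 = root, which is what sshd requires
    [ -d "$dir" ] || { echo "$dir: not a directory"; return 1; }
    set -- $(stat -c '%u %a' "$dir")         # GNU stat: owner uid, octal mode
    [ "$1" -eq "$want_uid" ] || { echo "$dir: owner uid $1, need $want_uid"; return 1; }
    [ $(( 0$2 & 022 )) -eq 0 ] || { echo "$dir: mode $2 is group/other writable"; return 1; }
}

# check_chroot_path PATH [OWNER_UID] [BASE]
# Walks from BASE (default /) down to PATH and stops at the first bad component.
# OWNER_UID and BASE are hypothetical knobs for testing in a scratch directory.
check_chroot_path() {
    target=$1; owner=${2:-0}; base=${3:-/}
    cur=${base%/}                            # "/" becomes "", "/srv/x/" becomes "/srv/x"
    rest=${target#"$cur"}                    # part of PATH below BASE
    check_component "${cur:-/}" "$owner" || return 1
    old_ifs=$IFS; IFS=/; set -f              # split on "/" without globbing
    set -- $rest
    set +f; IFS=$old_ifs
    for part in "$@"; do
        [ -n "$part" ] || continue           # skip empty fields from leading or double "/"
        cur="$cur/$part"
        check_component "$cur" "$owner" || return 1
    done
    echo "$target: ok for ChrootDirectory"
}

# Stand-alone use: sh check_chroot.sh /home/username
if [ $# -gt 0 ]; then
    check_chroot_path "$@"
fi
```

Run against the layout described in the question, this reports the owner of /home/username as the failing component, since that directory belongs to the user rather than root.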
