On Tue, 19 Nov 2019, mike tancsa wrote:
On 11/19/2019 8:09 AM, Christos Chatzaras wrote:
On 19 Nov 2019, at 15:02, mike tancsa <m...@sentex.net> wrote:
On 11/19/2019 6:42 AM, Ronald Klop wrote:
Hi,
Is it possible to jexec into a jail as a regular user. Or to enable
that somewhere?
Or is the way to do such a thing to set up ssh in the jail?
On 11.3 at least, does not the built in functionality of jexec do what
you need ?
jexec [-l] [-u username | -U username] jail [command ...]
# jexec -U testuser 3 csh
testuser@cacticonsole:/ % id
uid=1005(testuser) gid=1005(testuser) groups=1005(testuser)
testuser@cacticonsole:/ %
I think he wants to use jexec as a normal user from the main OS.
If he wants to run jexec as root and login to jail as user then your command
works.
Ahhh, my mistake. A sudo entry then ?
---Mike
At least on older FreeBSD versions, it's easy to wrap `jexec` in a few
lines (literally a half-dozen) of C code, suid after compiling, and have
users in the host environment jump into jails with it. (I haven't set
this up in a while, to know if there are issues with 11.X or 12.X.)
OTOH, there is a bitter-regret-filled gap between knowing enough to do
that, and knowing enough to securely write and deploy suid-root programs.
-Walter
_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
