<I would go with it - what concerns do you have?>
Nothing specific, it just seemed odd to put a log file that is monitoring a
persons activity in a folder that that person has access to. I have got round
it by creating the folder/log file and then changes the permissions so that it
can only be seen by members of certain groups (namely - me!).
Thanks for your help. The links you provided helped a lot.
StuÂ
________________________________
From: Marcus Taylor <mar...@linx.net>
To: peterboro@mailman.lug.org.uk
Sent: Tuesday, 5 March 2013, 16:05
Subject: Re: [Peterboro] SFTP Logging - Ubuntu Server
On 05/03/13 15:01, Stuart Bird wrote:
> but again you have to create a \dev (to hold the log file) folder at
> root level in the chroot which again doesn't seem ideal. Perhaps I am
> being over cautious?
I would go with it - what concerns do you have? It appears most people
have only got full logging to work from inside a chroot by creating the
/dev entry. However this post suggests in later versions this may not be
needed:
http://www.gossamer-threads.com/lists/openssh/dev/49052#49052
But from the horses mouth:
"The ChrootDirectory must contain the necessary files
and directories to support the user's session ...
sessions which use logging do require /dev/log inside
the chroot directory
http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config
"Use of sftp-server in a chroot configuration therefore
requires that syslogd(8) establish a logging socket
inside the chroot directory.
http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server
Cheers
--
Marcus Taylor (Database Application Developer)
London Internet Exchange Ltd. 2nd Floor Trinity Court, Trinity Street,
PE1 1DA
Registered England and Wales number 3137929
DDI 01733 207724
_______________________________________________
Peterboro mailing list
Peterboro@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/peterboro
_______________________________________________
Peterboro mailing list
Peterboro@mailman.lug.org.uk
https://mailman.lug.org.uk/mailman/listinfo/peterboro
