On Wed, Jun 21, 2006 at 09:41:42AM +1200, Joshua Sandbrook wrote:
> Gidday
>
> I'm writing a shell at the moment that chroots into a user's home dir and then
> runs only the sftp-server program (which is in the user's home dir).
>
> Anyway, it won't work unless /dev/null is present in the chroot...
>
> I am using execve to run sftp-server, and I am wondering if it has something
> to do with the stdout / stdin / stderr fds being closed on execve?
>
> Can anyone help me here?
Well, since nobody else seems to respond...

If you can set it up in a controlled testing environment, you could ktrace(1) it. This would tell you, at the very least, what program actually opens /dev/null.

A quick grep through /usr/src/usr.bin/ssh suggests that ssh (and, most likely, sftp) interacts with /dev/null quite a bit. It might be possible to change the code to work without, but that would take quite a bit of work, I fear.

An alternative hack would be to change sftp directly; in this case, it can safely open /dev/null and then call chroot() at the appropriate time. OTOH, you have a custom patch that you should apply at the appropriate time and place, which, too, has its disadvantages.

Also, be *very* careful in writing the shell, as it must be suid root for what you want it to do... This, in fact, suggests that the best solution might be to write a trivial shell and just have /home/*/dev/null. Or, for that matter, /home/dev/null and chroot into /home.

Joachim
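As an added example, not code from this thread, from Joshua's shell or from OpenBSD's sftp-server: a minimal setuid-root chroot shell in C that applies Joachim's suggestion in the shell itself rather than in sftp, i.e. it opens /dev/null from the real filesystem before calling chroot(), points any closed stdio fds at it, drops privileges irreversibly and only then execs the server. It assumes the layout Joshua describes (the server binary sits in the user's home directory, so it is /sftp-server after the chroot) and that the binary is installed setuid root; the function names, the home-path sanity check and the error handling are the example's own, not anything from the thread.

```c
#define _DEFAULT_SOURCE 1      /* chroot()/setgroups() prototypes on glibc; harmless on BSD */
#include <sys/types.h>
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* Reject a home directory we would not want to chroot into: it must be
 * absolute and contain no "." or ".." components. Returns 1 if acceptable. */
int home_path_is_sane(const char *p)
{
    if (p == NULL || p[0] != '/')
        return 0;
    const char *s = p;
    while (*s != '\0') {
        while (*s == '/')
            s++;
        if (*s == '\0')
            break;
        const char *e = s;
        while (*e != '\0' && *e != '/')
            e++;
        size_t n = (size_t)(e - s);
        if ((n == 1 && s[0] == '.') || (n == 2 && s[0] == '.' && s[1] == '.'))
            return 0;
        s = e;
    }
    return 1;
}

/* Make sure fds 0, 1 and 2 are open before exec; otherwise the first file the
 * server opens would land on a stdio fd. Returns how many fds were pointed at
 * nullfd, or -1 on error. */
int ensure_std_fds(int nullfd)
{
    int replaced = 0;
    for (int fd = 0; fd < 3; fd++) {
        if (fcntl(fd, F_GETFD) == -1 && errno == EBADF) {
            if (dup2(nullfd, fd) == -1)
                return -1;
            replaced++;
        }
    }
    return replaced;
}

/* The privileged part (needs root, i.e. the shell is setuid root): open
 * /dev/null while it is still visible, chroot into home, drop to the user's
 * ids, then exec `server` (a path inside the jail). Returns -1 with errno set
 * on failure and does not return on success. */
int jail_and_exec(const char *home, uid_t uid, gid_t gid, const char *server)
{
    if (!home_path_is_sane(home)) {
        errno = EINVAL;
        return -1;
    }
    int nullfd = open("/dev/null", O_RDWR);
    if (nullfd == -1)
        return -1;
    if (chroot(home) == -1 || chdir("/") == -1)
        goto fail;
    /* Groups first, then gid, then uid; afterwards root must be unreachable. */
    if (setgroups(1, &gid) == -1 || setgid(gid) == -1 || setuid(uid) == -1)
        goto fail;
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;              /* the privilege drop did not stick */
        goto fail;
    }
    if (ensure_std_fds(nullfd) == -1)
        goto fail;
    if (nullfd > 2)
        close(nullfd);
    char *const argv[] = { (char *)server, NULL };
    char *const envp[] = { NULL };  /* clean environment for the server */
    execve(server, argv, envp);
    return -1;                      /* execve failed; errno is set */
fail: {
        int saved = errno;
        if (nullfd > 2)
            close(nullfd);
        errno = saved;
        return -1;
    }
}

int main(void)
{
    /* Assumed layout from the question: the user's home directory contains
     * ./sftp-server, which becomes /sftp-server once we are inside the jail. */
    uid_t uid = getuid();           /* real uid: the logging-in user, not root */
    gid_t gid = getgid();
    struct passwd *pw = getpwuid(uid);
    if (pw == NULL) {
        perror("getpwuid");
        return 1;
    }
    if (jail_and_exec(pw->pw_dir, uid, gid, "/sftp-server") == -1)
        perror("jail_and_exec");
    return 1;
}
```

Run as an unprivileged user this fails at chroot() with EPERM, which is the point Joachim makes: the shell only works setuid root, so everything between chroot() and execve() is the code that has to be right. The setuid(0) probe after the drop is a cheap check that the saved uid did not survive; the /dev/null handle is taken before chroot() so the jail itself does not need a /dev directory, and it is only dup2'd onto stdio fds that are actually closed.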