From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PvCUq-0006ZJ-4z for garchives@archives.gentoo.org; Thu, 03 Mar 2011 17:39:28 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0A328E05A1; Thu, 3 Mar 2011 17:37:29 +0000 (UTC) Received: from correio.faccat.br (correio.faccat.br [200.132.2.244]) by pigeon.gentoo.org (Postfix) with ESMTP id 87C33E05A1 for ; Thu, 3 Mar 2011 17:37:29 +0000 (UTC) Received: from localhost (correio.faccat.br [127.0.0.1]) by correio.faccat.br (Postfix) with ESMTP id 5D8CB79FF5 for ; Thu, 3 Mar 2011 14:37:25 -0300 (BRT) Received: from correio.faccat.br ([127.0.0.1]) by localhost (correio.faccat.br [127.0.0.1]) (amavisd-new, port 10024) with LMTP id rsLPI--9Fs+9 for ; Thu, 3 Mar 2011 14:37:25 -0300 (BRT) Received: from [127.0.0.1] (unknown [200.132.2.246]) by correio.faccat.br (Postfix) with ESMTP id 1F9A179FD9 for ; Thu, 3 Mar 2011 14:37:25 -0300 (BRT) Message-ID: <4D6FD1D6.9070402@faccat.br> Date: Thu, 03 Mar 2011 14:37:26 -0300 From: Naira Kaieski User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; pt-BR; rv:1.9.2.13) Gecko/20101207 Thunderbird/3.1.7 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] internal-sftp and logs files References: <4D6D18CD.7020909@faccat.br> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: a79cfe529677931313305827cab96707 Good afternoon, http://groups.google.com/group/comp.security.ssh/browse_thread/thread/ce30a1d9889dc2e2?pli=1 The tip above link to solve the problem. I had found this link, however I was creating the log file in the dev directory of the chroot user. With the command strace I noticed what was happening permission error file access. Effectively you need only create the dev directory, the Log Files syslog-ng will automatically create. The log file is actually a socket file that syslog-ng will create. Solution: My mistake was to manually create the log file in the dev directory of the chroot user. An example of directory is: User: naira Home directory: /var/www/naira.com.br --> File sshd_config Match Group customers ChrootDirectory %h ForceCommand internal-sftp-l VERBOSE f-AUTH --> File syslog-ng.conf source src { unix-stream("/dev/log"); internal(); unix-stream("/var/www/naira.com.br/dev/log"); }; # ls -lah /var/www/naira.com.br/ drwxrwxr-x 13 root root 3.8K Mar 1 14:58 dev Restart syslog-ng. Thanks. Naira Kaieski Nucleo de Internet/Redes - Faccat Linux Professional Institute - LPI000223834 Em 2/3/2011 14:05, Ivan Kharlamov escreveu: > 2011/3/1 Naira Kaieski: >> Good afternoon, >> >> Staff set up openssh to direct users to a certain group members to a chroot >> environment and these users will have access only to the server using sftp >> protocol. >> >> Put in the sshd_config file: >> Match Group customers >> ChrootDirectory% h >> ForceCommand internal-sftp-l VERBOSE f-AUTH >> >> Thus each user is directed to the chroot environment indicated in the >> variable% h (home directory defined in / etc / passwd) >> >> An example of directory is: >> User: naira >> Home directory: /var/www/naira.com.br >> >> The problem is that I am not able to capture logs of the user group >> "clients" that are targeted to the chroot environment. Access via >> internal-sftp from other users who do not belong to the "client" I get the >> logs in auth.log files. >> >> I'm using syslog-ng. >> >> Has anyone ever made this kind of setup? >> >> Thanks, >> >> -- >> Naira Kaieski >> Nucleo de Internet/Redes - Faccat >> Linux Professional Institute - LPI000223834 >> >> > > Hi! > > Actually, I am incompetent at this area, but have you tried this? > http://groups.google.com/group/comp.security.ssh/browse_thread/thread/ce30a1d9889dc2e2 > > Best regards, > Ivan >