Hello, I have built a chroot environment for ssh with makejail. I have had no problem to do that, i can log into the chroot environment. It works very well. :) Now i would like to use the GNU/Linux kernel with grsecurity patch. I have compiled and installed this kernel but when i want to log into the system via ssh (the service start also), i have the following error due to grsecurity: "grsec: denied attempt to double chroot to /[...] by (sshd:14334) UID(0) EUID(0), parent (sshd:20587) UID(0) EUID(0)" I have seen an option about double chroot in the kernel but i would like to know how i can resolve this problem without deactivate this option. Have you an idea ? I have an another problem with pam. I have following the securing debian manual and put this line into /etc/pam.d/ssh : password required pam_cracklib.so retry=3 minlen=8 difok=3 password required pam_unix.so use_authok nullok md5 And commented this : password required pam_unix.so I have installed libpam_cracklib and i have choosen md5 password during the installation. But i have this error when i want to change a password : "passwd: Critical error - immediate abort" I have done a stupid error i think but if someone could explain me why i have this error ? ;) Thanks for your help... Arnaud Fontaine ----- signature Arnaud Fontaine <dsdebian@free.fr> - http://www.andesi.org/ GnuPG Public Key available at http://www.andesi.org/gpg/dsdebian.asc Fingerprint: 22B6 B676 332E 23BC CA7D 174D 6D41 235A 23A2 500A ------ fortune Momma always said: "There is only so much fortune a man really needs - and the rest is for showin' off" Forrest Gump
Attachment:
pgpD1jW6T98xv.pgp
Description: PGP signature