Jails: /bin/tcsh: Permission Denied

Oliver Fromme olli at lurza.secnetix.de
Mon Oct 5 09:52:04 UTC 2009

APseudoUtopia <apseudoutopia at gmail.com> wrote:
 > I'm setting up jails on my system. I started with a httpd jail for
 > nginx and php to run in. I used ezjail to create it. I went through
 > all the steps, and got a jail setup and working. I've logged in and
 > out several times and installed a couple ports within the jail. I then
 > added a non-privileged user by running "adduser" as root. However,
 > that is when the problem came up. For some reason, I cannot switch to
 > the unprivileged user. The shell is giving me a "Permission Denied"
 > error.

What are the permissions on /bin/tcsh inside the jail?
Is it executable?  Are the permissions of all of its
libraries correct?  ("ldd /bin/tcsh" will list the libs.)
Are the permissions on the home directory correct?

If everything else fails, trace the shell inside the jail
(with strace, truss or ktrace).  It will list the exact
system call that fails.

By the way, I recommend that jails which contain daemons
(such as webservers, databases etc.) do not contain login
accounts.  In fact, I never put /bin/tcsh inside a jail
that contains a webserver.  Apache certainly doesn't need
it.  Some ports do need /bin/csh during the build process,
but for building ports I recommend to use a separate jail
anyway, create packages and pkg_add them in the actual
webserver jail.

Just my 2 cents.

Best regards

Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M.
Handelsregister: Registergericht Muenchen, HRA 74606,  Geschäftsfuehrung:
secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün-
chen, HRB 125758,  Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart

FreeBSD-Dienstleistungen, -Produkte und mehr:  http://www.secnetix.de/bsd

$ dd if=/dev/urandom of=test.pl count=1
$ file test.pl
test.pl: perl script text executable

More information about the freebsd-questions mailing list