Jailed SSH users "cannot find name for group"

[luschache]

Dear members,

I followed the manual to create a jailed ssh environment for my users which is working fine. Though, when they login they see this message:

id: cannot find name for group ID XXX
id: cannot find name for user ID XXX
[I have no name!@srv ~]$

Does anyone knows what to do to remove those messages?

Thanks in advance!

 

[zEitEr]

Hello,

What exactly manual did you follow? And what OS are you running there?

 

[luschache]

I followed this manual: http://help.directadmin.com/item.php?id=90. I run Centos.

 

[zEitEr]

What you see with

ls -la /etc/passwd
ls -la /etc/group

?

 

[luschache]

[I have no name!@srv2 ~]$ ls -la /etc/passwd
-rw-r--r-- 1 0 0 119 Mar 1 14:38 /etc/passwd
[I have no name!@srv2 ~]$ ls -la /etc/group
-rw-r--r-- 1 0 0 31 Mar 1 14:38 /etc/group

 

[zEitEr]

What version of CentOS are you running?

Note the jail feature is beta yet.

 

[luschache]

version 5.7

 

[NoBaloney2]

The problem is probably that a jailed user cannot see the /etc/passwd file so he can't convert the user and group IDs to names.

Normal for jailed users unless there's a local /etc/passwd file inside the jailed environment.

Jeff

 

[luschache]

Actually there is an /etc/passwd file in the jailed environment as you can see in my previous post.

 

[luschache]

This is the content of the passwd file:

$ ssh [email protected]
[email protected]'s password:
Last login: ... from …
id: cannot find name for group ID 613
id: cannot find name for user ID 612
[I have no name!@srv2 ~]$ vi /etc/passwd

root:x:0:0:root:/root:/bin/bash
apache:x:101:500::/var/www:/bin/false
user:x:612:613::/home/user:/bin/bash

 

[NoBaloney2]

Sorry for that mistake; I read too quickly. I haven't jailed anything in years, so I'm not familar enough to figure it out except on a box following all the instructions and I haven't done that, so probably I should butt out.

However I did notice that your passwd and group files are chmod 644; I'd suggest that for highest security they be chmod 444; see: http://unixwiz.net/techtips/chroot-practices.html

This shouldn't affect operation of the chroot jail, though.

I don't have time to study this further; I'd suggest that since you followed DirectAdmin supplied How-To you might want to contact DirectAdmin support.

Jeff

 

[zEitEr]

[I have no name!@srv2 ~]$ ls -la /etc/passwd
-rw-r--r-- 1 0 0 119 Mar 1 14:38 /etc/passwd
[I have no name!@srv2 ~]$ ls -la /etc/group
-rw-r--r-- 1 0 0 31 Mar 1 14:38 /etc/group

And what about your files on master (node) FreeBSD?

 

[luschache]

And what about your files on master (node) FreeBSD?

What do you mean?

 

[zEitEr]

I mean the files outside the jail, those ones on host machine? Are they also world-readable?

 

[luschache]

Yes they are