  1. #1

    "no user exists for uid 1002" - ssh in chroot


    Hi,
    I am trying to set up a chroot jail. The user in the jail should be able to use the ssh client.
    Unfortunately, if I call "ssh" I get the error "no user exists for the uid 1002". A similar thing happens with "whoami": "cannot find name for user ID 1002". The user for uid 1002 is "remote".

    Looks like it cannot resolve uids to names? This is supported by the fact that "ls" shows numbers instead of names, too.

    What I checked so far:
    I copied the dependent libs of ssh and whoami using ldd and l2chroot.
    I copied the user "remote" and its group from /etc/passwd and /etc/group to the jail. The permissions are 644.
    I checked id: uid=1002 gid=100 groups=100,1002
    I added nsswitch.conf and libnss* libs.

    What does chroot need to resolve names?

    Thank you for your support.

  2. #2
    With the usage of "chroot", the system can only see stuff in the directory tree starting at the directory used on the "chroot" command.

    Say that you had the command:
    Code:
    chroot  /some/path/specified
    The stuff run in that change root looking for "/etc/passwd" would be the one located at:
    Code:
    /some/path/specified/etc/passwd
    as the "chroot" makes the path that was specified look as if it is "/". That is why it is called a "chroot jail", as not everything is present in the chrooted directory tree.

  3. #3
    Thank you,
    I am aware of this fact. In my case the chroot directory is "/chroot/ssh". So I copied the relevant parts of /etc/passwd to /chroot/ssh/etc/passwd and so on.
    As I wrote, I added the dependent libraries to the jail (ldd). However, something is missing to resolve user names and I do not know what. I would like to use the ssh client from within the shell. It does not look like it is ssh's fault that it is not running.

    Can someone elaborate on how Linux resolves uids to user names and what infrastructure is required for that?

  4. #4
    Ok, I solved the issue myself. The error was in resolv.conf that I copied from /etc.
    In my case it read:
    passwd: compat
    group: compat

    I had to change that to:
    passwd: files
    group: files

    Now ssh works as expected.
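
A diagnostic for the situation in this thread, as an added example that is not part of any post: it reads the jail's nsswitch.conf, checks that every service listed for passwd and group has a libnss_<service>.so.2 somewhere in the jail, and checks that the uid has a line in the jail's /etc/passwd. The function names are hypothetical, and it assumes glibc loads each service from a separate module file.

```shell
#!/bin/sh
# Added example: check what a chroot jail needs for uid -> name lookups.
# Assumption: glibc loads each service named in nsswitch.conf from a
# separate libnss_<service>.so.2 file that must exist inside the jail.

# Print, one per line, the services configured for a database in the jail.
nss_services() {   # usage: nss_services JAIL DATABASE
    conf="$1/etc/nsswitch.conf"
    [ -r "$conf" ] || return 1
    # Drop comments and [NOTFOUND=return]-style actions, then split the value.
    sed -e 's/#.*//' -e 's/\[[^]]*]//g' "$conf" |
        awk -F: -v db="$2" '{ k = $1; gsub(/[ \t]/, "", k) }
            k == db { n = split($2, s, " "); for (i = 1; i <= n; i++) print s[i] }'
}

# Return 0 when the jail has what lookups for UID need; print each gap found.
check_jail_nss() {   # usage: check_jail_nss JAIL UID
    jail="$1"; uid="$2"; rc=0
    for db in passwd group; do
        services=$(nss_services "$jail" "$db") || {
            echo "cannot read $jail/etc/nsswitch.conf"; return 1; }
        [ -n "$services" ] || { echo "$db: no line in nsswitch.conf"; rc=1; }
        for svc in $services; do
            lib="libnss_$svc.so.2"
            if [ -z "$(find "$jail" -name "$lib" 2>/dev/null | head -n 1)" ]; then
                echo "$db: '$svc' is configured but $lib is not in the jail"
                rc=1
            fi
        done
    done
    # The jail's own /etc/passwd must carry a line for the uid.
    if ! awk -F: -v u="$uid" '$3 == u { f = 1 } END { exit !f }' \
            "$jail/etc/passwd" 2>/dev/null; then
        echo "uid $uid has no line in $jail/etc/passwd"
        rc=1
    fi
    return "$rc"
}

# Stand-alone use: sh check.sh /chroot/ssh 1002
if [ "$#" -eq 2 ]; then check_jail_nss "$1" "$2"; fi
```

Run it from outside the jail, as a user that can read the jail's /etc.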
