I have been tasked with creating two ssh users that are mailed:
1) datasample - needs to connect via ssh and check load averages and memory usage using
free and
uptime commands
2) filefetch - needs to connect via scp from remote machine to fetch a file
I have followed the instructions
here and
here and have created a /var/jail directory. This does indeed seem to have worked for the most part. When I connect as my new user datasample, I am clearly jailed and only the ls command is available.
The problem I'm having is that apparently I need access to the proc directory if I am to check free & uptime and I'm not sure how to grant access to the actual real, non-jailed, living, breathing proc directory. I'm also concerned about the security implications of granting access to this dir. When I try to execute the uptime command as a jailed user, I get this error:
Code:
$ uptime
Error: /proc must be mounted
To mount /proc at boot you need an /etc/fstab line like:
proc /proc proc defaults
In the meantime, run "mount proc /proc -t proc"
Similar results for free:
Code:
$ free
Error: /proc must be mounted
To mount /proc at boot you need an /etc/fstab line like:
proc /proc proc defaults
In the meantime, run "mount proc /proc -t proc"
Can anyone suggest how I can securely make these commands available to my jailed datasample user?