1

I have installed Cygwin with Apache, PHP, Mercurial, MYSQL, OpenSSH, PYTHON

I have updated sshd_config to chroot jail to access user-defined folders

example:

Match group sftp_users

ChrootDirectory /home/%u

SSH / SFTP works fine as I wanted.

After my connection to SSH, I get bash. There if I want to run any command like 'dir, hg, mysql, whatever' I simply get command not found

googling for days I tried below steps

  1. copying all files from C:/cygwin/bin to 'C:/cygwin/home/username/bin' and similarly dev,etc,lib,sbin,tmp,usr,var - this actually gives me different error something like error while loading shared libraries
  2. I tried updating on fstab like C:/cygwin/bin /bin ntfs binary 0 0 even that didn't make any change in my SSH connection command
  3. I tried adding path while making the SSH connection like plink.exe ssh -pw xxx username@hostname -v C:/cygwin/bin/python and I also tried plink.exe ssh -pw xxx username@hostname -v ../bin/python
  4. If I change sshd_config to its default, somehow the command works but I get wired output similar to the image below Command prompt response after plink SSH connection-wired

help me this could save my life.

Community
  • 1
yellowandred
  • 61
  • 7
  • It sounds like your Environment Path is empty. What happens when you run `echo $PATH` in the chroot? – zymhan Aug 28 '18 at 18:17
  • I have them all `/usr/local/bin:/usr/bin:/cygdrive/c/Windows/system32:/cygdrive/c/Windows:/cygdrive/c/Windows/System32/Wbem:/cygdrive/c/Windows/System32/WindowsPowerShell/v1.0:/usr/bin:/home/myproject/bin:/home/myproject/lib` – yellowandred Aug 29 '18 at 08:40
  • What are you trying to achieve that can't be addressed with file/folder permissions? You shouldn't be blindly copying "everything" into a chroot environment. – roaima Aug 31 '18 at 06:43
  • I tried copying everything in to chroot environment, but I am getting 'error while loading shared libraries' this error for all the commands, including commands like 'dir, ls, ldd, python' – yellowandred Aug 31 '18 at 06:48
  • I can see what you did. **Why** do you want a chroot environment? – roaima Sep 01 '18 at 16:46
  • The Windows permission system *per se* is very fine-grained, works well and is reliable. However, the default permissions in a fresh Windows installation are hopelessly messed up. As an example, consider `C:\Users` in a fresh installation. Why on earth does the group `everyone` have read permissions there? I haven't investigated in detail, but I bet that there are hundreds of other locations with inappropriate permissions. Mix that with group policies (e.g. everyone by default has the right to bypass traverse checking), then it gets clear why we urgently need chroots under Windows. – Binarus Mar 04 '22 at 17:55
  • @yellowandred I have successfully tried the same without any problems. In my case, it was sufficient to copy `/bin` and `/usr/bin` into the chroot (be careful and don't let dereference links). Then `chroot` and the usual client commands worked as expected. I can't tell what went wrong in your case, but at least I can confirm that your method usually works. – Binarus Mar 04 '22 at 18:00

1 Answers1

0

Cygwin provides a dll that remaps Linux and POSIX calls to Windows API calls. Tools like chroot depend on having a proper Linux userspace and do not map nicely when using workaorunds like cygwin - although if you really want to do this it's possible, see here for what might be required.

What I'd recommend instead is using a real Linux userspace along with the newer Windows Subsystem for Linux. This provides a real Linux-compatible kernel interface supported by Microsoft, along with the real Linux userspace you'd get on a normal Linux system. The tools you mentioned should all work nicely in that setup, chroot and all.

dwurf
  • 910
  • 8
  • 15