snoopy icon indicating copy to clipboard operation
snoopy copied to clipboard

Published 20 hours ago verified publisher icon a2o

snoopy for chroot

Open hatamiarash7 opened this issue 1 year ago • 4 comments
trafficstars

How can I use Snoopy for restricted SSH access like the chroot? Can you help me? The normal installation on the host does not collect logs for this type of user.

I have these groups:

  • admin users ( snoopy worked )
  • normal users ( snoopy worked )
  • restricted users / chroot ( snoopy not worked )

hatamiarash7 avatar Feb 12 '24 08:02 hatamiarash7

Processes within chroot are limited to seeing whatever is inside that chroot. This means that if there aren't /etc/ld.so.preload and .../libsnoopy.so (and snoopy.ini) files in their correct locations inside chroot, preloading Snoopy inside chroot will not work.

bostjan avatar Feb 12 '24 15:02 bostjan

I tried all these and it didn't work. The following files are currently available:

  • /<CHROOT DIR>/etc/ld.so.preload
  • /<CHROOT DIR>/etc/snoopi.ini
  • /<CHROOT DIR>/var/log/auth.log
  • /<CHROOT DIR>/lib/x86_64-linux-gnu/libsnoopy.so

hatamiarash7 avatar Feb 13 '24 10:02 hatamiarash7