Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 4 product line. The current stable release is 4.9. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 440043

Summary: request to add chroot sftp capabilty into openssh-server
Product: Red Hat Enterprise Linux 4 Reporter: Marcelo Giles <mgiles>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0CC: cbuckley, sputhenp, tao
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-10-17 08:26:09 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 440240    

Description Marcelo Giles 2008-04-01 14:40:36 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9b4pre) Gecko/2008030315 Red Hat/3.0b4pre-0.beta3.4.el5 Minefield/3.0b4pre

Description of problem:
Customer is requesting, for security reasons, that we add chroot capability to our sshd server, more specifically for sftp.

Upstream OpenSSH software version 4.9 recently incorporated this feature.

See release notes and man pages:

http://openssh.org/txt/release-4.9
http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config 

Can we backport this feature into our current version of the openssh-server package for RHEL?

Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
1. Use of current OpenSSH RHEL software

Actual Results:
No chroot environment built in configuration options.

Expected Results:
An openssh-server capable of built in chroot configuration options.

Additional info:
Comment 1 Tomas Mraz 2008-04-02 11:42:04 UTC 
Given the state of maintenance of RHEL-4 I am not sure this is appropriate
feature for backport. It would also have to be backported to RHEL-5 first so we
wouldn't regress feature-wise.
Comment 3 Christopher J. Buckley 2009-04-09 12:50:06 UTC 
(In reply to comment #1)
> Given the state of maintenance of RHEL-4 I am not sure this is appropriate
> feature for backport. It would also have to be backported to RHEL-5 first so we
> wouldn't regress feature-wise.

Would you consider backporting it to RHEL5, Thomas?

Thanks,
Chris
Comment 4 Tomas Mraz 2009-04-09 13:34:19 UTC 
Yes, it will be part of 5.4 if QA goes well. See bug 440420