On 01/25/2016 12:54 PM, Jeffrey Ross wrote:

...

On 01/25/2016 06:55 AM, Jeffrey Ross wrote:

...

I'm in the process of setting up an SSH jail, for the most part its working as expected with one exception, I want to provide access to /dev/ttyUSB0 through /dev/ttyUSB4 (not 2) via cu.

When I attempt to use "cu -lttyUSB0 -s9600" I always get "line in use" even through it is not in use and from another account not restricted to the "jail" I can successfully connect to the ttyUSB0.

I've tried creating $chroot/

run/ lock/ lockdev/ uucp/ var/ run -> symbolic link to $chroot/run lock -> symbolic link to $chroot/run/lock

and then matched the directory permissions so they are the same as the "real" system.

ls -l $chroot/dev/ttyUSB? crwxrwxrwx 1 root dialout 188, 0 Jan 24 14:48 ttyUSB0 crwxrwxrwx 1 root dialout 188, 1 Jan 24 14:49 ttyUSB1 crwxrwxrwx 1 root dialout 188, 3 Jan 24 14:49 ttyUSB3 crwxrwxrwx 1 root dialout 188, 4 Jan 24 14:49 ttyUSB4

The dialout group is 18 and the user is in group 18, initially I set the permissions for the ttyUSB? to 660 before changing it to 777 as a last ditch effort.

The "real" /dev/ttyUSB? -

ls -l /dev/ttyUSB? crw-rw---- 1 root dialout 188, 0 Jan 24 14:44 /dev/ttyUSB0 crw-rw---- 1 root dialout 188, 1 Jan 23 21:48 /dev/ttyUSB1 crw-rw---- 1 root dialout 188, 3 Jan 24 15:12 /dev/ttyUSB3 crw-rw---- 1 root dialout 188, 4 Jan 23 21:48 /dev/ttyUSB4

I'm probably missing something simple and any suggestions would be appreciated.

Uhm, double check the permissions on the $chroot/var/run and $chroot/var/lock directories and make sure that the user you're trying to run as has write permissions in those directories. It's been a while, but IIRC the only way cu can determine if a device is in use is by checking the lock files and if it can't create a lock file, it says the device is in use.

Why in the devil would you pull out that ancient program anyway? Man! I haven't even LOOKED at cu/uucp in 15 years at least!

Just in case the permissions were wrong I did a chmod -R 777 on the run directory, no dice, so I did the next best thing, I ran "strace -ff -o outfile cu -l...." found a few libraries I missed, not sure if that was part of the issue as that's not where the failure occurred. I did find that it forked (?) lockdev which is a program that I had not included $chroot, so I brought that program over into $chroot/usr/sbin/lockdev set the permission appropriately and everything began working.

Why did I choose "cu" I know uucp is ancient but for a quick and dirty way to connect to various serial interfaces cu seems to work well, and although the remainder of the uucp suite comes with cu I did not configure uucp :)

If you've got a suggestion for another program to use that will allow quick connectivity to various serial ports I'm all ears.

How about minicom? Much more flexible.

You could have done an "ldd `which cu`" to find out what libraries it uses, as well:

[root@prophead ~]# ldd `which cu` linux-vdso.so.1 (0x00007fff015e3000) liblockdev.so.1 => /lib64/liblockdev.so.1 (0x00007fee0c1f5000) libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fee0bfdc000) libc.so.6 => /lib64/libc.so.6 (0x00007fee0bc1b000) /lib64/ld-linux-x86-64.so.2 (0x000055a6208a4000)

However, running anything in a chroot jail is always sort of a problem.

Thanks!

Jeff