# 'elevated' Jail use: csh refuses to start



## ShelLuser (Aug 10, 2018)

Hi gang,

Becoming a bit bored with having to elevate myself to root all the time I figured I'd try something else: `# chmod 4550 /usr/sbin/jexec`. At first this seemed to work exactly as I intended:


```
peter@zefiris:/home/peter $ id
uid=1001(peter) gid=1001(peter) groups=1001(peter),0(wheel),964(git),1003(torrent),1006(dvd)
peter@zefiris:/home/peter $ jexec psi sh
# id
uid=1001(peter) gid=1001(peter) euid=0(root) groups=1001(peter),0(wheel),964,1003,1006
```
Because of my now elevated session I prefer not using /bin/sh but the default root shell /bin/csh instead, however that doesn't work for some reason:


```
# csh
csh: Permission denied.
```
At first I assumed that my effective user id could have something to do with this, but study of csh(1) hasn't shown me anything leading in this direction so far. So I decided to use truss and see if that would show me something:


```
ioctl(16,TIOCGETA,0x7fffffffe180)                = 0 (0x0)
stat("/usr/share/nls/C/libc.cat",0x7fffffffdc88) ERR#2 'No such file or directory'
stat("/usr/share/nls/libc/C",0x7fffffffdc88)     ERR#2 'No such file or directory'
stat("/usr/local/share/nls/C/libc.cat",0x7fffffffdc88) ERR#2 'No such file or directory'
stat("/usr/local/share/nls/libc/C",0x7fffffffdc88) ERR#2 'No such file or directory'
ioctl(16,TIOCGETA,0x669760)                      = 0 (0x0)
write(18,"csh: Permission denied.\n",24)         = 24 (0x18)
getpid()                                         = 340 (0x154)
exit(0x1)
process exit, rval = 1
```
The '_No such file or directory_' isn't really special, I get the same results when I (successfully) execute csh on the host itself.

Also this doesn't seem related to anything external because csh works normally when I don't "abuse" jexec to set my effective userid:


```
peter@zefiris:/home/peter $ ssh 10.0.1.6
Password:
Last login: Fri Aug 10 23:35:50 2018 from psi.intranet.lan
FreeBSD 11.2-RELEASE (Psi) #0 r335886: Sun Jul  8 03:46:16 CEST 2018

Welcome to FreeBSD!

$ csh
%
```
Peculiar behavior which I can't get my fingers behind so far 

Thanks in advance for any ideas.


----------



## fbsd1 (Aug 11, 2018)

Try using the su cmd or one of the other pkg utilities to get root privileges. That is the standard way to use jails.


----------



## ShelLuser (Aug 11, 2018)

fbsd1 said:


> Try using the su cmd or one of the other pkg utilities to get root privileges. That is the standard way to use jails.


I'm well aware, that's exactly what I'm trying to avoid


----------



## SirDice (Aug 13, 2018)

Something I created a long time ago:

```
root@molly:~ # cat bin/jsu
#!/bin/sh

jexec $1 /usr/bin/su $2 $3 $4 $5 $6
```


```
root@molly:~ # jls
   JID  IP Address      Hostname                      Path
     1  192.168.10.202  j-ports.dicelan.home          /jails/j-ports
root@molly:~ # jsu ports -
root@j-ports:~ #
root@j-ports:~ # id
uid=0(root) gid=0(wheel) groups=0(wheel),5(operator)
root@j-ports:~ # echo $SHELL
/bin/csh
root@j-ports:~ #
```

You could probably turn this into an alias quite easily.


----------



## Maxnix (Aug 13, 2018)

Just wondering: maybe the *-U *option of jexec(8) could help?


----------

