# SFTP logs for a chroot environment



## piwwo (Nov 9, 2016)

Hello,

I am using NAS4Free, which is based on FreeBSD, and I need to get logging running for users that have their directory chrooted and access it with sftp only. I have chroot and sftp set up and everything works fine. However, I can't get syslog to run. When I disable chroot in sshd.conf, I get the log entries in /var/log/system.log.
I have found and read this solved thread that has a solution for my problem; however, it seems that I am supposed to set a flag in rc.conf:


```
syslogd_flags="-s -l /mnt/storage/someuser/dev/log"
```

The question is now, how do I do that with multiple users? Do I have to have that line for every user on my system, or is there some way to have it with a variable like in my sshd.conf:


```
ChrootDirectory /mnt/storage/chroot/home/%u
```

I am supposing syslog wouldn't know about the user that's logged in to find the user's specific socket in their chroot/dev/log, or?

EDIT: I edited /etc/rc.d.conf to include -s -l /mnt/storage/testuser/dev/log in the command line and now syslog runs with the dev/log socket file and I see the entries in the log file.


```
root 59697   0.0  0.0  14556  1824  -  Ss   10:52AM      0:00.00 /usr/sbin/syslogd -s -l /mnt/storage/testuser/dev/log -8 -ss -f /var/etc/syslog.conf
```

So I now have to find out how I set that path for _any_ user logged in. Wherever I look, all just tell me about setting it for _one_ user, not for all.

Thank you for any help


----------



## SirDice (Nov 9, 2016)

piwwo said:


> I am using NAS4Free


PC-BSD, FreeNAS, NAS4Free, and all other FreeBSD Derivatives


----------



## piwwo (Nov 9, 2016)

SirDice said:


> PC-BSD, FreeNAS, NAS4Free, and all other FreeBSD Derivatives


Yes, I know. Sorry, but I thought the issue is about syslogd and would be the same under FreeBSD and this community is bigger. I got no help in the other forum asking the same question.

How would I solve this under FreeBSD? If it's so different in NAS4Free, I would even switch to vanilla FreeBSD with the whole system.


----------



## ABV (Nov 10, 2016)

I think you might need to specify every user in rc.conf. sshd can run scripts when a user connects, but it uses the user's shell and they presumably are set to nologin. Even if you did give them a shell I don't think you can do anything with syslogd without root privileges.
Even if rc.conf could use variables, which I don't think it can, it's only run on boot so %u would only be evaluated once, as root.


----------
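The per-user approach discussed above can be generated instead of typed by hand. The script below is an added example, not part of any post in this thread: it assumes syslogd accepts the `-l` option more than once and that every chroot sits directly under one base directory with a `dev/` subdirectory; the function name `build_syslogd_flags` and the skip rules are hypothetical.

```shell
#!/bin/sh
# Added example: emit a syslogd_flags line with one "-l" socket per chroot.
# Layout follows the thread (<base>/<user>/dev/log); the function name and
# the skip rules are assumptions of this example.

build_syslogd_flags() {
    base=$1
    flags="-s"                      # same leading flag as in the thread
    for home in "$base"/*/; do
        [ -d "$home" ] || continue  # glob matched nothing: no users yet
        home=${home%/}
        dev="$home/dev"
        case $home in
            *[!A-Za-z0-9_./-]*)
                # rc.conf is sourced by sh; refuse paths that need quoting
                echo "skipped (unsafe characters): $home" >&2
                continue ;;
        esac
        # syslogd runs as root and creates the socket itself, so refuse
        # symlinks that could redirect it outside the chroot tree
        if [ -L "$home" ] || [ -L "$dev" ]; then
            echo "skipped (symlink): $home" >&2
            continue
        fi
        if [ ! -d "$dev" ]; then
            echo "skipped (no dev/ directory): $home" >&2
            continue
        fi
        flags="$flags -l $dev/log"
    done
    printf 'syslogd_flags="%s"\n' "$flags"
}

# Usage: sh thisfile /mnt/storage/chroot/home
if [ $# -gt 0 ]; then
    build_syslogd_flags "$1"
fi
```

syslogd creates these sockets when it starts, so the line has to be regenerated and syslogd restarted whenever a chrooted user is added.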



## Oko (Nov 10, 2016)

piwwo said:


> Hello,
> 
> I am using NAS4Free which is based on FreeBSD and I need to get a logging running for users that have their directory chrooted and access it with sftp only. I have chroot and sftp set up and everything works fine. However I can't get syslog to run. When I disable chroot in sshd.conf, I get the log entries in /var/log/system.log


This is an ultra interesting post. I bet you need to copy syslog binaries into the chroot or something along those lines. I would actually post the question on misc@openbsd and see what smarter people than I have to say.


----------

