jail login and replication problems

[Lowell Gilbert]

Dan Rue <drue at therub.org> writes:

> Greetings, 
> 
> I am setting up multiple jails on a machine.  The first jail, everything
> works fine.  If I add a user, that user can log in.  If I tar cvzpf the
> jail, tar xvzpf to create a new one, some people can log into the new
> jail, and some can not.
> 
> The user that can log in to the new one was the first user created (me),
> but any subsequent users can not log into new jails..  
> 
> The symptom is right after accepting the password via ssh, the
> connection will just get dropped.  I could not find any good error
> messages using ssh..  But if I enable telnet and try to telnet in, I
> receive this error in /var/log/messages: 
> 
> Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied
> Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied
> Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /home/user3/.login_conf: Permission denied
> Jul 26 16:11:46 jail3 login: _secure_path: cannot stat /etc/login.conf: Permission denied
> 
> The permissions on those files are fine.  
> 
> So what would cause that error in jails that have been replicated using
> tar, but only to some users?  I'm stumped.. 
> 
> Here's my rc.conf exerpt: 
> 
> jail_enable="YES"
> jail_list="jail3"
> jail_socket_unixiproute_only="NO"
> jail_sysvipc_allow="YES"  # allow shared mem on all jails
> 
> jail_jail3_rootdir="/jails/jail3"
> jail_jail3_hostname="jail3.example.com"
> jail_jail3_ip="10.0.0.203"
> jail_jail3_procfs_enable="YES"
> jail_jail3_devfs_enable="YES"
> jail_jail3_devfs_ruleset="devfsrules_jail"

Try comparing the home directories of the different users.
And if you crank up the verbosity of sshd, you may get more useful
information.