I followed your instruction but failed to get it to work. I suspect that the “~/mkchroot.sh” didn’t quite get made executable successfully. I don’t see the “$jail_dir” directory. I set the chrootpath to my desired rather than /home/chroot. Does the chrootpath have to be /home/chroot? How do I make sure that ~/mkchroot.sh gets made executable successfully?

Scott

You may possibly need a symbolic link to sftp-server.

sudo ln /home/chroot/usr/lib/openssh/sftp-server /home/chroot/usr/lib/

Check the path with rssh -v as well.

Please let me know if that cures it. Thanks!

The SFTP users will have access to everything in /home/chroot but they should not be able to leave the /home/chroot area. When trying to SSH in do you get disconnected with a notice that the account is limited to SFTP only? If so then that’s a good sign things are working. (along with not being able to leave /home/chroot)

Cheers,
~Dave

Please let me know.

Thanks

Corey

I’ve got some work to do this coming weekend with which this will make much easier.

Cheers

Here’s the code:
#!/bin/sh
#
# this program will scan the logs created by vlogger,
# create an awstat configuration file for each of them
# and then execute an update of the awstats statistics
#
# it assumes that vlogger rotation is disabled (-n option)
# a good way is to rotate the logs with logrotate and run
# this program in the prerotate directive
# this shold be done if you dont want to lose any record in the rotation
#
# you can run this program as often as you need as a cron job
#
# Apache log facility setting:
# LogFormat “%v %h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”" combined
# CustomLog “| /usr/sbin/vlogger -n -s access.log -t access.log /var/log/apache2″ combined
#
# This program is based on the idea from dave
# http://davelozier.com/2008/06/20/awstats-vlogger/

logdir=/var/log/apache2
confdir=/etc/awstats
datadir=/var/lib/awstats
cgidir=/cgi-bin
logfile=access.log
awCommonSetupFile=/etc/awstats/awstats.conf.local
apacheUser=www-data
apacheGroup=www-data

# check if we are the only running instance of the program
LOCK=”/tmp/${0##*/}.lock”
[ -e “${LOCK}” ] && exit 0
touch “${LOCK}”

# if a log directory exists in /var/log/apache and this site has no awstat conf file
# create it awstat.sitename.conf
cd $logdir
for directory in *
do
# does the site (ServerName) directory exist and is there a matching awstats config file?
awstatsconf=”$confdir/awstats.$directory.conf”
if [ -d ${directory} ]
then
if [ ! -f ${awstatsconf} ]
then
# create configuration file
printf “Include \”%s\”\nLogFile=%s\nSiteDomain=%s\nDirData=%s\nDirCgi=%s\n” \
$awCommonSetupFile \
“$logdir/$directory/$logfile” \
$directory \
$datadir/$directory \
$cgidir/$directory > $awstatsconf
#create logging directory
mkdir $datadir/$directory
fi
fi
done

# execute all updates found in $confdir
# this allow to execute manually added stats configuration files for sites not logged in the $logdir directory (smtp, ftp for instance)
cd $confdir
for conffile in awstats.*.conf
do
# extract sitename from $conffile
sitename=`echo $conffile | awk ‘BEGIN {FS=”.”} {i=2; while (i < NF) {if (i<(NF-1)) printf(”%s.”,$i); else printf(”%s”,$i); i++; }}’`
# update stats
/usr/lib/cgi-bin/awstats.pl -config=$sitename -update
done

#change ownership of stats data in order to allow the direct update from web interface (parameter AllowToUpdateStatsFromBrowser)
chown -R $apacheUser.$apacheGroup $datadir

#remove lockfile
rm “${LOCK}”

exit 0