CHROOT Tutorial?

Mike McCarty Mike.McCarty at sbcglobal.net
Tue Sep 18 19:45:22 UTC 2007


Manuel Arostegui Ramirez wrote:
> 
> http://www.todo-linux.com/modules.php?name=News&file=article&sid=2485
> 

I followed that with a few modifications to make the chroot
environment look a little bit more like the natural environment.
One change I made was to put the jailed shell in

	/usr/local/bin/jail_shells/pajaro

rather than in /bin/jail. This allows easy setup of different
users with jailed shells named for them. Another was to add
/home/pajaro/home/pajaro, so that the "home" directory shows
up in the chroot environment.

I see some consequences which are somewhat different from the
"normal" environment.

(1) I found that

	$ su - pajaro

worked to log in, but not

	$ login
	login: pajaro
	Password:
	Login incorrect

(2) The user must enter his password twice when logging in,
once for the user and once for sudo to execute the chroot.

(3) The user, though jailed, runs as root in the chroot
environment, not as himself

	bash-2.05b# whoami
	whoami: cannot find username for UID 0

(4) After the initial login, the current directory is
/, not $HOME.

	bash-2.05b# pwd
	/
	bash-2.05b# ls
	bin  home  lib  usr
	bash-2.05b# cd
	bash-2.05b# pwd
	/home/pajaro
	bash-2.05b#

Mike
-- 
p="p=%c%s%c;main(){printf(p,34,p,34);}";main(){printf(p,34,p,34);}
Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!




More information about the fedora-list mailing list