From: Justin Mason (jm at domain netnoteinc.com)
Date: Mon 23 Aug 1999 - 16:22:48 IST
Paul Jakma said:
> >
> > I'd like to set up an account on an RH6.0 machine with chrooted
> > access and a minimal set of commands. Does anyone have suggestions
> > on the best procedure?
> >
>
> There was talk of a pam_chroot, but i can't find actual code anywhere. The
> other option is then to create a chrootsh script file, which chroots to
> their homedir and execs a real shell, and make this chrootsh their login
> shell.
Yep -- but make sure the script is in /etc/passwd and not run from
.profile or whatever, otherwise a quick ^C breaks out. ;)
BTW be very careful what commands you put in that set, and if possible
mount any writable filesystem bits with the nosuid and noexec flags so
that they can't simply ftp or rcp over "mount" and run that somehow.
> your bash problem is probably due to it not finding the right libraries.
> (the "file not found" error doesn't neccesarily refer to not finding bash).
Agreed.
--j.
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:29 GMT