HPE Community
Operating System - HP-UX
1826215 Members
2894 Online
109691 Solutions
New Discussion

Re: how to chroot a user

 
sys-sbd
Advisor

‎12-02-2005 12:38 AM

‎12-02-2005 12:38 AM

how to chroot a user

Hi,
Is there a mean to create a restricted login in order to give it just the rights to browse on it's
home directory and subdirectories.javascript:postMessageSubmit('submit');
Submit
I know that there is the rksh shell but it seems that the user don't access also to his own sub-directories.
Thanks for you advices
0 Kudos
Reply
2 REPLIES 2
James R. Ferguson
Acclaimed Contributor

‎12-02-2005 01:01 AM

‎12-02-2005 01:01 AM

Re: how to chroot a user

Hi:

You should be able to edit '/etc/passwd' for the user that you want to "jail". You will need to put all the files and commands you want them to be able to run in their directory. The 'passwd' entry should look something like:

jail:xxxxxxxxxxxx:999:20:::/home/jail/./:/usr/bin/false

Regards!

...JRF...

0 Kudos
Reply
Steven E. Protter
Exalted Contributor

‎12-02-2005 01:02 AM

‎12-02-2005 01:02 AM

Re: how to chroot a user

Shalom sys-sdb,

If the rsh shell is used, the user needs commands like ls accessible in his/her home directory, otherwise the user can't see anything.

A chroot user is a user configured that his/her home directory, defined in /etc/passwd is the root.

That leaves no system fucntionality at the command prompt. Create a directory in the user home directory called bin.

Copy the ls and a few other critical command into the bin directory.

Set the PATH to include bin/

Now see if the user can see his/her home directory files.

You add functionality by adding needed commands to bin.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.