LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-17-2006, 12:38 PM   #1
gigiskhan
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Rep: Reputation: 0
Question .bashrc not run in a chrooted enviroement


Hi dears,

I setup a chroot environment for allowing user to connect my server without having access to the files.

This works pretty well, but the problem is that when they log in, they are put in the / of the chroot. I would like them to be put in /home/$user as soon as they log in so that they do not see the directories in /

what i did is to put in each ~/.bashrc file the following command:

cd $HOME

but this does ot work, in fact it seems that when they log in the bashrc file is not used.

here is my chroot command:
Code:
exec -c /usr/sbin/chroot /pub /bin/env -i \
        HOME=/home/$USER USER=$USER TERM=$TERM PS1='\u:\w\$ ' \
        /bin/bash --login
nb the home dir is in /pub
when i am logged in, if i run bash, then bashrc is executed.

Do someone have any idea on how to redirect each user to theire home directory
 
Old 07-17-2006, 12:48 PM   #2
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
You seem to be chrooting them to /pub, in which case their home directory would have to be /pub/home/$USER or else they would not be able to see their own files.
 
Old 07-17-2006, 01:05 PM   #3
gigiskhan
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Original Poster
Rep: Reputation: 0
Unhappy

thank you Matir for reading me.
Yes, the directory /pub/home/$USER exists, and if i log in with a user that is chrooted and type cd
or cd $HOME
He is put in this directory.

My problem is that i would like the user to be put directly in his home directory as soon as he logs in.
 
Old 07-17-2006, 01:53 PM   #4
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Hrrm... have you looked at pam_chroot instead of a roll-your-own chroot solution?
 
Old 07-18-2006, 05:40 AM   #5
gigiskhan
LQ Newbie
 
Registered: Jun 2006
Posts: 3

Original Poster
Rep: Reputation: 0
Smile

thnak you so much for this information, i will have a look at it.
My problem is that i want to put those account on a separate hard drive.

I will keep you in touch.

regards
 
Old 07-18-2006, 06:41 AM   #6
nx5000
Senior Member
 
Registered: Sep 2005
Location: Out
Posts: 3,307

Rep: Reputation: 53
Quote:
but this does ot work, in fact it seems that when they log in the bashrc file is not used.
Yes, because its a login shell, man bash for part INVOCATION

Put it in /etc/profile for example.
 
Old 07-18-2006, 09:06 AM   #7
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Good catch. I forgot that I had my bashrc and bash_profile symlinked to each other so it will always get read.
 
  


Reply

Tags
bashrc, chroot


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chrooted Postfix? How would I know? panicbox Linux - Security 2 03-07-2006 04:27 AM
gpm-root can't be run from bashrc? atom Linux - Software 3 08-22-2005 03:27 PM
What does chrooted mean? Red Squirrel Linux - Software 6 08-21-2005 08:41 PM
is service chrooted? overlord73 Linux - Security 2 07-06-2005 01:10 AM
Chrooted Apache dominant Linux - Security 4 09-20-2004 02:48 AM


All times are GMT -5. The time now is 08:52 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration