Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I've searched and searched and this seems like such a common need - so many people looking for a solution and no good answer.
I want to let users log in to a shell account, but I don't want them to be able to move out of their home directory.
I've tried jailkit and makejail, to no great success. I am running fedora core 2.
If I have users tom, dick, and harry and their home directories are:
I would prefer to be able to keep tom from making it out of his directory, dick from his, harry from his.
I am willing to give them all access to /home as their root. I would prefer NOT having to move all the sbin binaries to their directories so they can run things.... I just don't want them to browse the system. I feel like if I use this method I will leave something out that is needed or create another hole.
If this is a complete impossibility - is there a good way to create a "machine within a machine" where users *could* login and have access to an entire filesystem that runs seemingly independent of the main system?
thanks in advance, I've been fighting with this for days.
Last edited by coloradopaul; 09-16-2004 at 11:37 PM.
Have you tried the Jail Chroot Project. It has a utility that automagically copies over any needed bins and libs for most standard user utils, though you still have to copy over any additional special software with the addjailsw utility. It's fairly easiy to setup and configure as well.