setting up chroot

RonD · 06-27-2011, 06:28 PM

It's been awhile since I've implemented the use of "chroot", and then that was on HP-UX many years ago. Does anyone have any documents, or can you point me to a good blog or website that will guide me through setting up a user account that's "chroot"ed?

Thanks,

kbp · 06-27-2011, 08:56 PM

I haven't done any recently either but it depends on how they're coming in ... ftp, ssh, something else?

nightg0at · 06-27-2011, 10:42 PM

I found Jailkit http://olivier.sessink.nl/jailkit/ to be quite nice.
I wrote a blog a few months ago on setting up a user to run an app using jailkit. The app I used was rtorrent, but you could adjust it to fit whatever.
http://nightg0at.blogspot.com/2011_03_01_archive.html
What I like about chroot jails is that not only do you get the security of a jail (assuming its set up properly) but you can also write iptable rules specific to that one user account.

Noway2 · 06-28-2011, 07:44 AM

See post four of this thread: http://www.linuxquestions.org/questi...erences-45261/
Lots of information on setting up and using chroot.

RonD · 06-28-2011, 08:06 AM

Thank you all for the quick replies.

kbp - the intent is to allow one of our vendors to ftp into the server to deliver files and I don't want to open the rest of the server up to them should one of their employees decide they want to "investigate".

kbp · 06-28-2011, 07:27 PM

FTP is pretty easy to chroot, I'd say pretty much all products have built-in support for it - which server are you using ?