chroot help

Smokey · 11-04-2004, 01:14 AM

Im reading the man page but its short and it doesnt show examples......I want to chroot jail /home/example so that my user 'example' cannot cd into other directories?

ugenn · 11-04-2004, 03:01 AM

chroot <chroot_dir> <command_to_run>

eg. chroot /foo /bin/sh # run the shell in the chrooted environment

Smokey · 11-04-2004, 03:05 PM

Hmm........but I would like to assign a certain user that does not have root access. Is this going to cause problems?

chroot /home/example /bin/zsh

?

ugge · 11-04-2004, 03:15 PM

The chroot command is used to make a new root folder, this means that anyone, user or command, are totally unable to reach ANYTHING outside of that directory branch. So if you would set another root for a user he wouldn't be able to do anything (if he would be able to login at all), since all commands are outside of his "root-jail".

ugenn · 11-04-2004, 10:26 PM

chroot is a privileged cmd, it will only run as root.

gbonvehi · 11-05-2004, 12:12 AM

Add this to /etc/profile (at the end) but changing the uid to the user.

Code:

if [ "`id -u`" = UID ]; then
 chroot /home/example /bin/sh
fi

Cedrik · 11-05-2004, 02:35 AM

This could work if you compile a static version of sh and put in in /home/example/bin

ugenn · 11-05-2004, 04:18 AM

Quote:

Originally posted by Cedrik
This could work if you compile a static version of sh and put in in /home/example/bin

Hard-linking to so the necessary dependencies would also work.

ugge · 11-05-2004, 06:58 AM

Quote:

Hard-linking to so the necessary dependencies would also work.

Be aware that you expose yourself to the possibility of jailbreakers.
http://www.unixwiz.net/techtips/chroot-practices.html

leader1201 · 02-23-2013, 01:18 AM

hi ,

i am trying to execute chroot command but i was not successful
chroot /mnt/ubuntu dpkg -i somepackage-name

it showing following error:

chroot : command fail to run dpkg:No such file or directory.

pleaes help me on this.

regards,
prasad.

leader1201 · 02-23-2013, 01:20 AM

hi

i need one command which successful executes with using chroot.

Didier Spaier · 02-23-2013, 02:25 AM

Quote:

Originally Posted by leader1201

i am trying to execute chroot command but i was not successful
chroot /mnt/ubuntu dpkg -i somepackage-name

I guess that dpkg is to be found in your Ubuntu somwhere inside /mnt/ubuntu so it's not in root's $PATH when you run that command from Slackware.

This also answers you other question: try a command which is in root's path.

PS I just saw that you asked a similar question here. I'd suggest you open your own thread to attract more attention, including all details needed for the readers to understand what you try to achieve.

To do that, just go back there and hit "New thread".

linosaurusroot · 02-23-2013, 04:03 AM

Quote:

Originally Posted by ugge

The chroot command is used to make a new root folder, this means that anyone, user or command, are totally unable to reach ANYTHING outside of that directory branch. So if you would set another root for a user he wouldn't be able to do anything (if he would be able to login at all), since all commands are outside of his "root-jail".

The jail would contain copies of selected commands and files. The plash C library tool can provide limited communication with outside.

tronayne · 02-23-2013, 07:38 AM

Have you looked at starting the user shell (probably BASH) in restricted mode? Form the manual page for BASH:

Quote:

restricted_shell
The shell sets this option if it is started in restricted mode (see
RESTRICTED SHELL below). The value may not be changed. This is not
reset when the startup files are executed, allowing the startup
files to discover whether or not a shell is restricted.

If bash is started with the name rbash, or the -r option is supplied at invocation,
the shell becomes restricted. A restricted shell is used to set up an environment
more controlled than the standard shell.

Seems like that's what you're really trying to do (the user cannot CD anywhere). Simply change the shell for the user in /etc/passwd from /bin/bash to /bin/rbash.

Hope this helps some.

Alien Bob · 02-23-2013, 08:05 AM

C'mon guys, don't feed the zombies. This was a NINE years old thread. The person who is trying to resurrect the thread apparently needs two posts (out of his LQ total of three) to ask the same Ubuntu-related question. This is a Slackware forum thread!

Eric