Setting up chroot with existing users
 

Hello, I'm doing a group project at uni where we need to set up a linux box with ssh and ftp services on it for over 20 other groups. We want to use chroot so that once the users log in they cannot get any higher up the file system than their home directory.

I've found a how-to at http://www.tjw.org/chroot-login-HOWTO/ but it says that the users need to be added after the chroot process. Is it possible to use chroot with users that have already been set up as we have already added over 20 groups and set quotas for them etc.

Thanks

Is it possible to use chroot with users that have already been set up as we have already added over 20 groups and set quotas for them etc.
Sure you can. Just set up the system and use a shell script to process all users and groups (or use a shell script that fills a chroot OTF, AFAIK PAM has some modules that can run scripts on login). BTW, for OpenSSH check the Chroot patch for ssh and Rssh. Might be interesting. If you run chroots it would be beneficial to check out the Grsecurity kernelpatch. Even if you don't use the RBAC, you'll at least gain reinforced chroots plus extra auditing capabilities. For FTP I'd suggest using an ftpd with the best track record where security is concerned: Muddleftpd. One more thing. If you're running low on space, have a look at Busybox. It provides a lot of std binaries in one executable and even though it does not support all binaries arcane flags it's matured a lot over the years providing much more than a few yrs ago.