04-14-2010
Read up on chroot. As soon as a process changes it's root directory, it can't access the files outside anymore. Shell, utilities, password file, ... are out of reach (invisible even). You'll have to set up a minimal environment yourself inside the chroot, mirroring that of a real system.
10 More Discussions You Might Find Interesting
1. News, Links, Events and Announcements
See:
http://www.cert.org/advisories/CA-2002-36.html
and
http://www.rapid7.com/News/pr021216-ssh.html (1 Reply)
Discussion started by: Neo
1 Replies
2. UNIX for Advanced & Expert Users
I am trying to ssh into a remote sun server, however I get X11 forwarding error. I have checked sshd_config file and X11 forwarding is enabled.
Also xhost command doesnt give any output, it doesnt even return the prompt.I have to Ctrl C out of the situation. any suggestions anyone?? (1 Reply)
Discussion started by: ysk
1 Replies
3. UNIX for Dummies Questions & Answers
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies
4. UNIX for Advanced & Expert Users
Hi all,
I have a Solaris 10 server with SUN_SSH_1.1 installed.
I want to restrict a user via SFTP to only be able to access one directory. I've written a little script in .profile which works perfectly for an ssh login but it appears sftp doesn't read the .profile file so it doesn't work.
... (2 Replies)
Discussion started by: Donkey25
2 Replies
5. UNIX for Advanced & Expert Users
I have a simple sandbox program which runs a command as user "nobody" in a chroot jail. It sets resource limits with setrlimit, changes the user id with setuid, changes the root dir with chroot, and then calls exec to execute the command given as command line parameters. It is of course a... (8 Replies)
Discussion started by: john.english
8 Replies
6. Solaris
Hello all, does anybody knows a procedure to enable an chroot for users using ssh and sftp ? Thanks (1 Reply)
Discussion started by: celord
1 Replies
7. UNIX for Advanced & Expert Users
I have a developer that needs ssh access to a server to get to a specific directory. I want to restrict them to that directory. I've tried to set their shell as rksh which does jail them but only if they are using ssh from another unix system. If they are using putty or winscp they can still... (2 Replies)
Discussion started by: toor13
2 Replies
8. Red Hat
Hi
I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area.
e.g ftp file are is - /logging/phplogs
e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies
9. Solaris
I'm attempting to setup RSA Authentication for a particular user on two servers. A script runs via crontab, logs into one server and transfers data from the server1 to server2. Another script via cron, runs on server2, connects to server 1 and transfers data to it. However, I'm having issues... (3 Replies)
Discussion started by: Nvizn
3 Replies
10. UNIX for Beginners Questions & Answers
For some reason, when I try copying my public key to the server, despite it showing as being successful:
rob@linux044:~$ ssh-copy-id -i /home/rob/Work/Keys/keys.txt.pub !@#$%.com
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/rob/Work/Keys/keys.txt.pub"... (7 Replies)
Discussion started by: Circuits
7 Replies
LEARN ABOUT DEBIAN
adt-virt-chroot
adt-virt-chroot(1) Linux Programmer's Manual adt-virt-chroot(1)
NAME
adt-virt-chroot - autopkgtest virtualisation server using a chroot
SYNOPSYS
adt-virt-chroot [options] =[chroot-name]
adt-virt-chroot [options] [-rgain-root-cmd] /path/to/chroot
DESCRIPTION
adt-virt-chroot provides an autopkgtest virtualisation server using a chroot install (or similar).
Normally adt-virt-chroot will be invoked by adt-run.
The chroot to use must be specified. If it starts with a = character then it is taken to be a chroot name known to dchroot(8). Otherwise
it must start with a / and will be taken to an absolute path.
OPTIONS
--gain-root|-r gain-root-cmd
Specifies that adt-virt-chroot can become root (on the host) by prefixing its commands with gain-root-cmd. The command may consist
of several words separated by whitespace, in which case words other than the first are supplied as additional arguments to the com-
mand; other shell (or other) metacharacters in gain-root-cmd are not interpreted or modified by adt-virt-chroot. The actual command
to be run as root, and its arguments, are supplied as additional (separate) arguments to gain-root-cmd.
Root privilege is needed, to successfully run chroot(8), if the chroot to use is specified as an absolute path. The default is not
to take any special action when root will be needed, in which case for an absolute path chroot, adt-virt-chroot must be started as
root.
-d | --debug
Enables debugging output. Probably not hugely interesting.
INPUT, OUTPUT AND EXIT STATUS
The behaviour of adt-virt-chroot is as described by the AutomatedTesting virtualisation regime specification.
SEE ALSO
adt-run(1), adt-virt-null(1), adt-virt-xenlvm(1), /usr/share/doc/autopkgtest/.
AUTHORS AND COPYRIGHT
This manpage is part of autopkgtest, a tool for testing Debian binary packages. autopkgtest is Copyright (C) 2006-2007 Canonical Ltd and
others.
See /usr/share/doc/autopkgtest/CREDITS for the list of contributors and full copying conditions.
autopkgtest 2007 adt-virt-chroot(1)