On Sun, 12 Dec 1999, William T Wilson wrote: > Giving a user a chrooted home won't be an easy task. You need to have a > fully functional system under there - that means the shell, libc, and all > that jazz. Are you sure you can't do what you want to do with a > restricted shell?
I primarily want to learn how to do it for the knowledge, and I would indeed like to chroot a couple of daemons that don't provide any built-in means of chrooting themselves. I did named but that was easy, it does most of the work for me. So far I'd created the dirs I thought I would need (dev, etc, bin, home, var) and put what files in them I thought would be necessary... such as passwd, group, and a shell (sash). Now I'm prompted for my password twice and then I'm booted out. I can tell that the chroot is actually taking place because after I give the first password -- if I check /proc/pid#/root for that login process, it does list all the files I expect to see in that user's home dir. But I can't seem to get past the second password prompt. Restricted shell is ok but too easy to get out of, just run a different shell and bam, you're "free." ;P
