Date: Tue, 9 Mar 1999 10:44:19 -0600 From: Guy Helmer <ghelmer@scl.ameslab.gov> To: Licia <licia@o-o.org> Cc: freebsd-chat@freebsd.org Subject: Re: A new feature for /usr/bin/login (feedback requested) Message-ID: <Pine.SGI.4.05.9903091034530.13205-100000@demios.scl.ameslab.gov> In-Reply-To: <Pine.BSF.4.05.9903090954310.9692-100000@o-o.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 9 Mar 1999, Licia wrote: > I'm going to alter login so that any person with a login group of 80 will > be automagically chrooted. If there is an entry for them in /etc/chroots > they will be chrooted to the specified area (allowing several people to be > chrooted to a common sub-area) and if there isn't an entry for them, they will > be chrooted to their home directories. I think it would be better to add a new login capability to the login.conf file that specifies a chroot directory for all members of the class. With parameter substitution (e.g. "%u" for the user name, "%g" for the primary group name), this could eliminate the need for the /etc/chroots file you suggest. > 2. Should I build some sort of prepackaged utility to set up chrooted > environments (creating directory hierarchies, copying binaries, libraries, > device files, etc) and if so what would the -minimum- set be for basic > functionality? Sure, that would be useful. You might want to look into portal mounts WRT chroot jails - it would save having to copy binaries, libraries, device files, and configuration files. Guy Guy Helmer, Ph.D. Candidate, Iowa State University Dept. of Computer Science Research Assistant, Ames Laboratory --- ghelmer@scl.ameslab.gov Research Assistant, Dept. of Computer Science --- ghelmer@cs.iastate.edu http://www.cs.iastate.edu/~ghelmer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SGI.4.05.9903091034530.13205-100000>