Date: Sun, 11 Feb 1996 01:36:29 +0100 (MET) From: Ollivier Robert <roberto@keltia.freenix.fr> To: yankee@anna.az.com (az.com) Cc: freebsd-security@FreeBSD.ORG Subject: Re: Need help building jails Message-ID: <199602110036.BAA03804@keltia.freenix.fr> In-Reply-To: <Pine.BSF.3.91.960210093015.26616C-100000@anna.az.com> from "az.com" at "Feb 10, 96 09:49:10 am"
next in thread | previous in thread | raw e-mail | index | archive | help
It seems that az.com said:
> Want to do a chroot immediately upon login for certain accounts and make
> twilight zone versions of
> /usr/home,/usr/bin,/usr/sbin,/bin,/sbin,/usr/local/bin in a directory
> called /usr/jail
Here is the shell I used in the past for my "guest" account here :
#! /usr/bin/suidperl
#
chroot "/users/guest";
$< = $> = 1000;
$ENV{TERM} = 'vt100';
$ENV{PATH} = '/bin:/usr/bin';
$ENV{SHELL} = '/bin/tcsh';
$ENV{HOME} = '/guest';
chdir "/guest";
print <<EOF;
+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+
BIENVENUE SUR KELTIA
+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+==+
EOF
exec "/bin/tcsh -l";
guest:*:1000:31:Honorable Invite,,,:/users/guest:/usr/local/sbin/sh-guest
> 2. Can I find code for FreeBSD to do exactly the same thing as chroot with
> ftpd?
Use the wu-ftpd 2.4, put the users in a special group called for example
"ftponly" and use the following in ftpaccess:
guestgroup ftponly
> 3. Can I find code for FreeBSD to do exactly the same thing as chroot
> with httpd?
Most servers can do it automatically or you may find patches for them to do
a chroot. Apache can do it I think.
--
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net
FreeBSD keltia.freenix.fr 2.2-CURRENT #5: Sun Feb 4 03:11:17 MET 1996
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199602110036.BAA03804>