From owner-freebsd-questions  Wed Aug  7 07:50:35 1996
Return-Path: owner-questions
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id HAA00357
          for questions-outgoing; Wed, 7 Aug 1996 07:50:35 -0700 (PDT)
Received: from salsa.habaneros.com ([207.34.140.99])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA00343
          for <questions@freebsd.org>; Wed, 7 Aug 1996 07:50:32 -0700 (PDT)
Received: from jalapeno.habaneros.com (jalapeno [207.34.140.98]) by salsa.habaneros.com (8.7.5/8.6.12) with SMTP id HAA20782; Wed, 7 Aug 1996 07:49:26 -0700 (PDT)
Received: by jalapeno.habaneros.com with Microsoft Mail
	id <01BB8434.5D2CBF00@jalapeno.habaneros.com>; Wed, 7 Aug 1996 07:45:11 -0700
Message-ID: <01BB8434.5D2CBF00@jalapeno.habaneros.com>
From: "Neil C. Jensen" <njensen@salsa.habaneros.com>
To: "dwhite@resnet.uoregon.edu" <dwhite@resnet.uoregon.edu>
Cc: "questions@freebsd.org" <questions@freebsd.org>
Subject: RE: chroot
Date: Wed, 7 Aug 1996 07:45:05 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-questions@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

The permissions on chroot are correct:
-r-xr-xr-x  1 bin  bin  8192 Jul 16 19:33 /usr/sbin/chroot

If I use "/usr/sbin/chroot /home/terminal" as my login shell, the
exact error message is "login: /usr/sbin/chroot /home/terminal:
permission denied".

The permissions on the home directory are standard.

If I instead try to use the login script, the error message is
"chroot: /home/terminal: Operation not permitted"

TIA, 
Neil

----------
From: 	Christoph P. Kukulies[SMTP:kuku@gilberto.physik.rwth-aachen.de]
Sent: 	Wednesday, August 07, 1996 4:18 AM
To: 	dwhite@resnet.uoregon.edu
Cc: 	njensen@salsa.habaneros.com; questions@freebsd.org
Subject: 	Re: chroot

> Try to wrap your lines at about column 72.
> 
> On Tue, 6 Aug 1996, Neil C. Jensen wrote:
> 
> > I'm running into some difficulties chroot'ing users, and the man pages
> > aren't explicit enough for a novice like myself :(. 
> 
> chroot is pretty simple tho.
> 
> > I have tried the following so far;
> > 
> > 1. using "/usr/sbin/chroot /user's_home_directory"  as the login shell
> > gives a "permission denied" error. 
> 
> Have you checked the permissions on chroot?  Mine are:
> 
> -r-xr-xr-x  1 bin  bin  8192 Jul 13 19:46 /usr/sbin/chroot*
> 
> > 2. Then I tried using a script as the shell in the password file. The
> > script simply chrooted to the user's home directory, and I suid'd it to
                                                               ^^^^^^
You cannot run suid shells scripts under FreeBSD (and other BSDs) for
security reasons. Well, you can run them but the suid bit doesn't have
an effect and the process's uid doesn't change.

> > hopefully overcome any permissions problems. Unfortunately, I still get
> > Permission Denied. 
> 
> What is the exact text of the error message?  

I assume he's getting 'Permission denied' from commands in his script.

> 
> > I have already populate the chroot directory with the necessary /bin/sh
> > and a few other utilites to get goin. 
> 
> OK there.
> 
> Doug White                              | University of Oregon  
> Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
> http://gladstone.uoregon.edu/~dwhite    | Computer Science Major
> 
> 

--Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de