[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Run script before chroot
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Run script before chroot |
Date: |
Sun, 29 Mar 2009 23:19:22 +0200 |
User-agent: |
Thunderbird 2.0.0.21 (X11/20090318) |
address@hidden wrote:
>
> Suppose I have a user (or set of users) that are jailed via jk_chrootsh:
>
> /etc/passwd:
> foo:x:500:500::/var/jails/foo/./home/foo:/usr/bin/jk_chrootsh
>
> is there a way to have a script/executable run when the user logs in
> but before the chroot? Ordinarily I would add something to
> /var/jails/foo/etc/profile or /etc/csh.login or something, but I want
> this pre-login to access something necessarily outside the jail.
>
> artificial example: Print something on login without giving jailed
> user access to printer.
>
> #!/bin/sh
> echo `whoami` " logged into jail at " `date` >> /dev/lp
can't think of an easy and secure way to do this.
perhaps you can start a script, and in the end 'exec jk_uchroot -x bash' ?
but I don't know if this still allows sftp and things like that. (if you
want to allow that). I'm also not entirely sure that a setup like that
is unhackable.
regards,
Olivier