Chroot login

From LinuxNewbie

Quoted from: http://www.linuxgazette.com/issue42/tag/4.html

(For our readers that are unfamiliar with the trick: the login program, upon seeing that the login shell for a given account is set to '*', does a chroot() system call to the directory that's listed as that account's "home" directory. Therein 'login' exec()'s the appropriate copy of 'login' thereunder. This normally would then exec() a normal shell, as listed in the /...(chroot top).../etc/passwd file.)
...
Naturally I tried this particular trick on one of my Linux systems. It worked fine. In fact I just tested it, as I write this, on a new Debian 2.1 installation that I've been playing with and it works there.

However on PAM based systems (using pluggable authentication modules) --- notably on Red Hat 4.x, 5.x and presumably the new 6.0 system as well as any where the admins have added Linux PAM after-the-fact --- it doesn't work.


Here are other links for systems where PAM prevents the use of the Unix trick (most distros):
http://kegel.com/crosstool/current/doc/chroot-login-howto.html
http://www.tjw.org/chroot-login-HOWTO/
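
The quoted description implies a few things must exist inside each jail before a '*' login can complete: the "home" directory itself, an etc/passwd beneath it, and the shell that inner passwd file names for the user. The following audit is an added example, not code from the Linux Gazette article or the linked HOWTOs; the account names, the /jail paths and the `root` parameter (used so the check can run against a test tree) are assumptions, and the result only matters on systems whose login honours the '*' convention.

```python
import os
import tempfile

# Constructed sample: three accounts use '*' as the login shell (chroot marker).
SAMPLE_PASSWD = """root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001::/jail/alice:*
bob:x:1002:1002::/jail/bob:*
carol:x:1003:1003::/jail/carol:*
"""

def parse_passwd(text):
    """Map user -> (home, shell) for well-formed 7-field passwd lines."""
    rows = (line.strip().split(":") for line in text.splitlines())
    return {f[0]: (f[5], f[6]) for f in rows if len(f) == 7}

def audit_chroot_logins(passwd_text, root="/"):
    """Return {user: [problems]} for every account whose shell is '*'."""
    findings = {}
    for user, (home, shell) in parse_passwd(passwd_text).items():
        if shell != "*":
            continue
        jail = os.path.join(root, home.lstrip("/"))
        inner_passwd = os.path.join(jail, "etc", "passwd")
        problems = findings.setdefault(user, [])
        if not os.path.isdir(jail):
            problems.append("jail directory missing")
        elif not os.path.isfile(inner_passwd):
            problems.append("no etc/passwd inside jail")
        else:
            with open(inner_passwd) as fh:
                inner = parse_passwd(fh.read())
            inner_shell = inner.get(user, ("", None))[1]
            if inner_shell is None:
                problems.append("user absent from jail passwd")
            else:
                name = inner_shell or "/bin/sh"  # empty shell field means /bin/sh
                if not os.path.isfile(os.path.join(jail, name.lstrip("/"))):
                    problems.append("jail shell not found: " + name)
    return findings

def demo():
    """Audit SAMPLE_PASSWD against a constructed tree in a temp directory."""
    with tempfile.TemporaryDirectory() as root:
        for sub in ("jail/alice/etc", "jail/alice/bin", "jail/bob"):
            os.makedirs(os.path.join(root, sub))
        open(os.path.join(root, "jail/alice/bin/sh"), "w").close()
        with open(os.path.join(root, "jail/alice/etc/passwd"), "w") as fh:
            fh.write("alice:x:1001:1001::/home/alice:\n")
        return audit_chroot_logins(SAMPLE_PASSWD, root)
```

On a live system, pass the contents of /etc/passwd to `audit_chroot_logins` with the default `root="/"`.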