How to jail users under Ubuntu 17.10
Clash Royale CLAN TAG#URR8PPP up vote
1
down vote
favorite
Following link gives a solution about Simple & easy way to jail users. Multiple comments mention that it does not work on Ubuntu 13.10, but there is no verification about that.
I have tried that solution on Ubuntu 17.10 LTS. I was not able to make it work.
Setup: (Please note that I have get the code from with small changes.)
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar -zxvf jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
jailDir='/var/lib/jail'
sudo mkdir $jailDir
sudo chown root:root $jailDir
sudo jk_init -v $jailDir basicshell
sudo jk_init -v $jailDir netutils
sudo jk_init -v $jailDir ssh
sudo jk_init -v $jailDir jk_lsh
sudo useradd -d /var/lib/testuser -m testuser -s /bin/bash
sudo jk_jailuser -m -j $jailDir testuser
sudo jk_cp -v -f $jailDir /bin/bash
Later when I try to jail the user, I have faced following issues:
=> When I did sudo su - testuser, I can see other jailed users' files, but I do not have access to /home. It seems promising but now I cannot see any of the installed binaries and use them.
=> sudo -su testuser opens at the current directory I am, and it can still see other users' directory and files under /home.
Please note that I am not doing ssh into the user, I am just switching the users after I have logged in.
[Q] Is it possible to do jail users under Ubuntu 17.10? It it correct way to do this?
users chroot
asked May 11 at 17:07
alper
958
add a comment |Â
up vote
1
down vote
favorite
Following link gives a solution about Simple & easy way to jail users. Multiple comments mention that it does not work on Ubuntu 13.10, but there is no verification about that.
I have tried that solution on Ubuntu 17.10 LTS. I was not able to make it work.
Setup: (Please note that I have get the code from with small changes.)
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar -zxvf jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
jailDir='/var/lib/jail'
sudo mkdir $jailDir
sudo chown root:root $jailDir
sudo jk_init -v $jailDir basicshell
sudo jk_init -v $jailDir netutils
sudo jk_init -v $jailDir ssh
sudo jk_init -v $jailDir jk_lsh
sudo useradd -d /var/lib/testuser -m testuser -s /bin/bash
sudo jk_jailuser -m -j $jailDir testuser
sudo jk_cp -v -f $jailDir /bin/bash
Later when I try to jail the user, I have faced following issues:
=> When I did sudo su - testuser, I can see other jailed users' files, but I do not have access to /home. It seems promising but now I cannot see any of the installed binaries and use them.
=> sudo -su testuser opens at the current directory I am, and it can still see other users' directory and files under /home.
Please note that I am not doing ssh into the user, I am just switching the users after I have logged in.
[Q] Is it possible to do jail users under Ubuntu 17.10? It it correct way to do this?
users chroot
asked May 11 at 17:07
alper
958
Sorry17.10will be enough. FYI I observe same case on both versions. @user535733
– alper
May 11 at 17:59
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
Following link gives a solution about Simple & easy way to jail users. Multiple comments mention that it does not work on Ubuntu 13.10, but there is no verification about that.
I have tried that solution on Ubuntu 17.10 LTS. I was not able to make it work.
Setup: (Please note that I have get the code from with small changes.)
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar -zxvf jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
jailDir='/var/lib/jail'
sudo mkdir $jailDir
sudo chown root:root $jailDir
sudo jk_init -v $jailDir basicshell
sudo jk_init -v $jailDir netutils
sudo jk_init -v $jailDir ssh
sudo jk_init -v $jailDir jk_lsh
sudo useradd -d /var/lib/testuser -m testuser -s /bin/bash
sudo jk_jailuser -m -j $jailDir testuser
sudo jk_cp -v -f $jailDir /bin/bash
Later when I try to jail the user, I have faced following issues:
=> When I did sudo su - testuser, I can see other jailed users' files, but I do not have access to /home. It seems promising but now I cannot see any of the installed binaries and use them.
=> sudo -su testuser opens at the current directory I am, and it can still see other users' directory and files under /home.
Please note that I am not doing ssh into the user, I am just switching the users after I have logged in.
[Q] Is it possible to do jail users under Ubuntu 17.10? It it correct way to do this?
users chroot
asked May 11 at 17:07
alper
958
Following link gives a solution about Simple & easy way to jail users. Multiple comments mention that it does not work on Ubuntu 13.10, but there is no verification about that.
I have tried that solution on Ubuntu 17.10 LTS. I was not able to make it work.
Setup: (Please note that I have get the code from with small changes.)
cd /tmp
wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz
tar -zxvf jailkit-2.17.tar.gz
cd jailkit-2.17
./configure
make
make install
jailDir='/var/lib/jail'
sudo mkdir $jailDir
sudo chown root:root $jailDir
sudo jk_init -v $jailDir basicshell
sudo jk_init -v $jailDir netutils
sudo jk_init -v $jailDir ssh
sudo jk_init -v $jailDir jk_lsh
sudo useradd -d /var/lib/testuser -m testuser -s /bin/bash
sudo jk_jailuser -m -j $jailDir testuser
sudo jk_cp -v -f $jailDir /bin/bash
Later when I try to jail the user, I have faced following issues:
=> When I did sudo su - testuser, I can see other jailed users' files, but I do not have access to /home. It seems promising but now I cannot see any of the installed binaries and use them.
=> sudo -su testuser opens at the current directory I am, and it can still see other users' directory and files under /home.
Please note that I am not doing ssh into the user, I am just switching the users after I have logged in.
[Q] Is it possible to do jail users under Ubuntu 17.10? It it correct way to do this?
users chroot
asked May 11 at 17:07
alper
958
edited May 11 at 18:03
asked May 11 at 17:07
alper
958
asked May 11 at 17:07
alper
958
asked May 11 at 17:07
alper
958
958
Sorry17.10will be enough. FYI I observe same case on both versions. @user535733
– alper
May 11 at 17:59
add a comment |Â
Sorry17.10will be enough. FYI I observe same case on both versions. @user535733
– alper
May 11 at 17:59
Sorry
17.10 will be enough. FYI I observe same case on both versions. @user535733– alper
May 11 at 17:59
Sorry
17.10 will be enough. FYI I observe same case on both versions. @user535733– alper
May 11 at 17:59
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1034993%2fhow-to-jail-users-under-ubuntu-17-10%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sorry
17.10will be enough. FYI I observe same case on both versions. @user535733– alper
May 11 at 17:59