[linux-help] Re: Question with 'chroot'.

[Jeff <schaller@xxxxxxxxxxxxx>]

On Sun, 21 May 2000, Wang Min wrote:

> I want chroot to do this job, when a user logins to my linux
> box, first his group id is checked, for example, if he is not
> in the root group, then his root directory switchs to /user,
> and I think the security situation is dramatically improved by
> this method. As far as I know, I should modify the /bin/login
> source code and overwrite it with the new one to achieve the
> goal, the fact is I am a newbie to Linux and don't know how to
> get the login source code and how to modify it as well,
> anybody help me?

1) On my redhat system, 'login' (/bin/login) is part of the
util-linux package; thus, I'd go to the redhat site, or a mirror,
and look for the "srpm", or source RPM for it --
util-linux-version.srpm.  Install that, and (for a redhat-like
system) you'll end up with a .tar file in /usr/src/redhat/SOURCES.
Untar that, and you'll find the source to the login program.

2) As far as modifying the source to login, that's something I
haven't done; very few people have, probably. It sounds like you
have a pretty clear idea of what you want to do, so translating
that into source code should be reasonably easy.  

As Jonathan says in his email, though, there are a lot of things
that result from having a "/user" chroot. The positive side to
doing this is that you can keep putting things in one at a time,
and when something breaks, you add what needs to be added :)
Luckily, disk space is cheap.

Good luck,
-jeff
-- 
"Humans think they are smarter than dolphins because we build cars and
buildings and start wars, etc., and all that dolphins do is swim in the
water, eat fish and play around.  Dolphins believe that they are smarter
for exactly the same reasons."  - Douglas Adams


-- This is the linux-help@xxxxxxxxx list.  To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi