Last active
March 24, 2023 20:16
jail user with jailkit
Download:
https://olivier.sessink.nl/jailkit/index.html#download
or: https://software.virtualmin.com/vm/6/gpl/rhel/8/x86_64/jailkit-2.23-1.el8.vm.x86_64.rpm

Then:

Create the jail dir (it must be owned by root):
    mkdir /home/jail && chown root:root /home/jail

Initialize the jail with some commands like ssh, and groups of utilities like basicshell.
This command copies system files into the jail directory; if you want to hardlink them instead, use -k
    jk_init -v -j /home/jail basicshell editors extendedshell netutils ssh sftp scp

Create a user as usual
    useradd -m restrollv2

Then jail it and assign a shell (one that is valid inside the jail)
    jk_jailuser -m -j /home/jail -s /bin/bash restrollv2

Create a /tmp inside the jail (world-writable with the sticky bit, so users cannot delete each other's files)
    mkdir /home/jail/tmp && chmod 1777 /home/jail/tmp

If something changes on your system, for example a package gets an update, you have to update the copies in the jail too
    jk_update -j /home/jail -d ; # dry-run
    jk_update -j /home/jail ; # do it

If something is missing, just "install it" from the local OS into the jail
    jk_init -f -v -j /home/jail python

Or, if something is missing and no predefined section covers it,
create a new section in /etc/jailkit/jk_init.ini:
---cut-here--
[missing]
comment = anything that's having a complain
paths = /usr/bin/id
---cut-here--
then:
    jk_init -f -v -j /home/jail missing
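
After the steps above, a quick audit confirms the jail actually took effect. This is an added example, not part of the original gist: the function names are hypothetical, and it assumes GNU stat, jk_chrootsh installed at /usr/sbin/jk_chrootsh, and a passwd entry rewritten by jk_jailuser to the `<jail>/./home/<user>` form.

```shell
#!/bin/sh
# Added example: post-setup audit of a jailkit jail (assumes GNU stat).
# Assumption: jk_chrootsh lives at /usr/sbin/jk_chrootsh; override with JK_SHELL.
JK_SHELL="${JK_SHELL:-/usr/sbin/jk_chrootsh}"

# passwd_entry_jailed LINE JAIL
# True if the passwd(5) line has home "<JAIL>/./..." and jk_chrootsh as shell,
# the form jk_jailuser writes ("/./" marks where the chroot ends).
passwd_entry_jailed() {
    home=$(printf '%s\n' "$1" | cut -d: -f6)
    shell=$(printf '%s\n' "$1" | cut -d: -f7)
    case "$home" in
        "$2"/./*) ;;
        *) return 1 ;;
    esac
    [ "$shell" = "$JK_SHELL" ]
}

# jail_root_ok DIR UID
# True if DIR is owned by UID and is not writable by group or others.
jail_root_ok() {
    [ -d "$1" ] || return 1
    [ "$(stat -c %u "$1")" = "$2" ] || return 1
    mode=$((0$(stat -c %a "$1")))          # octal mode as a number
    [ $((mode & 022)) -eq 0 ]
}

# jail_tmp_ok DIR
# True if DIR is world-writable with the sticky bit set (mode 1777).
jail_tmp_ok() {
    [ -d "$1" ] || return 1
    mode=$((0$(stat -c %a "$1")))
    [ $((mode & 01777)) -eq $((01777)) ]
}

# audit_jail USER JAIL: print one line per failed check; silent when all pass.
audit_jail() {
    passwd_entry_jailed "$(getent passwd "$1")" "$2" ||
        echo "FAIL: $1 is not jailed in $2 (home or shell not rewritten)"
    jail_root_ok "$2" 0 ||
        echo "FAIL: $2 must be owned by root and not group/other-writable"
    jail_tmp_ok "$2/tmp" ||
        echo "FAIL: $2/tmp should be mode 1777"
}

# Constructed passwd line (not real output) showing the expected shape.
SAMPLE='restrollv2:x:1001:1001::/home/jail/./home/restrollv2:/usr/sbin/jk_chrootsh'
if passwd_entry_jailed "$SAMPLE" /home/jail; then echo "sample entry: jailed"; fi
```

Run `audit_jail restrollv2 /home/jail` as root after `jk_jailuser`; no output means all three checks passed.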