ACL's and chroot

Submit your RBAC policies or suggest policy improvements

ACL's and chroot

Postby superbock » Thu Oct 03, 2002 1:46 pm

Hi!

I need some orientation plz. Here's the thing:

On one box of mine, i want to give shell access for some users, only for basic things, like editing configuration files, change permissions, common filesystem operations...

I was thinking of creating a jail environment using "Jail Chroot Project", found in http://www.gsyc.inf.uc3m.es/~assman/jail/.

Or.. using ACL's, can such an environment be simulated?

I'm not sure of the best way to do this...

Any thoughts will be appreciated. Thanks in advance.

Rodrigo
superbock
 
Posts: 37
Joined: Sun Mar 31, 2002 6:34 pm

Postby Sharky » Fri Nov 01, 2002 10:14 pm

I Was looking for the Same thing.
"Jail Chroot Project" Did not work for me.
I applied grsecurity to a redhat Linux box 2.4.19 but I'm still wondering how to build a jail chroot environment using the ACL.
So any help here would be more than appreciated.
Sharky
 
Posts: 43
Joined: Fri Nov 01, 2002 10:12 pm

Postby dystopia » Mon Dec 02, 2002 7:47 pm

Debian (debootstrap is Deb prog and Debian has PAM)

1) mkdir /chroot then do debootstrap in /chroot and install distro there.
2) install pam_chroot and enable it
3) enable the chroot* flags in GrSecurity (ie. recompile sysctl)
dystopia
 
Posts: 14
Joined: Sun Jun 30, 2002 5:05 pm


Return to RBAC policy development

cron