[scponly] Install for many accounts

[Matthew Moffitt]

The restricted shell is great and looks like a nice solution for us to allow people into samba home folders remotely w/o having to resort to smb traffic.

Once glitch I'm running into is in setting up the chroot option.  Walking through the instructions and looking through the setup_chroot.sh script I see how we set this up for a particular user with the binaries in their chroot'd directory.

However I'd like to have a single installation of the binaries but allow all users to have the scponly shell.  That would avoid having usr, bin, etc, and other folders tacked into their home directories.

I tried modifying the setup in config.h to build these so it would look for a '.scponly/usr' and other folders instead of the default which I thought I could then symlink for each person but this won't work, it can't follow the symlink out of the jail.  Even if I copied this over to each person's home, making it look a little cleaner from their perspective, I still have the problem with programs like sftp-server having a hard coded path to find ld-elf.so.1 in /usr/libexec.

Is there another approach that would facilitate creating an install for several hundred accounts still using a jail but not having the binaries copied over for each person?  I would think there must be a clean way to do this but I don't see it.

-Matt