[scponly] Install for many accounts
Matthew Moffitt
moffitt.10 at sociology.osu.edu
Sun Aug 24 11:26:52 EDT 2003
The restricted shell is great and looks like a nice solution for us to allow people into samba home folders remotely w/o having to resort to smb traffic.
Once glitch I'm running into is in setting up the chroot option. Walking through the instructions and looking through the setup_chroot.sh script I see how we set this up for a particular user with the binaries in their chroot'd directory.
However I'd like to have a single installation of the binaries but allow all users to have the scponly shell. That would avoid having usr, bin, etc, and other folders tacked into their home directories.
I tried modifying the setup in config.h to build these so it would look for a '.scponly/usr' and other folders instead of the default which I thought I could then symlink for each person but this won't work, it can't follow the symlink out of the jail. Even if I copied this over to each person's home, making it look a little cleaner from their perspective, I still have the problem with programs like sftp-server having a hard coded path to find ld-elf.so.1 in /usr/libexec.
Is there another approach that would facilitate creating an install for several hundred accounts still using a jail but not having the binaries copied over for each person? I would think there must be a clean way to do this but I don't see it.
-Matt
More information about the scponly
mailing list