Jail

This guide will go through how to use to set up a chroot.

Create directories
Create the root directory for jail:

Add a new user account in the main system
This account should have the chroot as its home directory and the jail binary as the shell:

Add a new user account in the chroot
This account should have the same name as the account in the main system:

The home directory and shell paths in the above command refer to paths within the chroot.

Adding software
Add the set of basic programs to the jail:

Next we need to also add the login shell:

It may be necessary to pass an argument ( as in the above example) to help jail figure out the libraries that are necessary for the program to run in the jail.

The command  can be used to add any programs to the chroot.

Finishing touches
Copy the shell startup scripts to the jail:

Activating jail
Everytime you switch to the larry user you will be logged into the jail:

The first time you run this command it will probably fail, see below.

Troubleshooting
If it is not possible to su into target jail system and the following error message appears:

jail: execve : No such file or directory

it means that the dynamic linker is missing. Copy it from the host root -

{{RootCmd| cp -L /lib64/ld-linux-x86-64.so.2 /var/chroot/lib64

The -L switch is very important as ld-linux-x86-64.so.2 is actually a symlink that points to ld-2.25.so. The -L tells CP that you want the file that the symlink points to and not the symlink itself.

External resources

 * http://www.jmcresearch.com/projects/jail/