Jail

This guide will go through how to use to set up a chroot.

Create directories
Create the root directory for jail:

Add a new user account in the main system
This account should have the chroot as its home directory and the jail binary as the shell:

Add a new user account in the chroot
This account should have the same name as the account in the main system:

The home directory and shell paths in the above command refer to paths within the chroot.

Adding software
Add the set of basic programs to the jail:

Next we need to also add the login shell:

It may be necessary to pass an argument ( as in the above example) to help jail figure out the libraries that are necessary for the program to run in the jail.

The command  can be used to add any programs to the chroot.

Finishing touches
Copy the shell startup scripts to the jail:

Activating jail
Everytime you switch to the larry user you will be logged into the jail:

The first time you run this command it will probably fail, see below.

Troubleshooting
If it is not possible to su into target jail system and the following error message appears:

jail: execve : No such file or directory

it means that the dynamic linker is missing. Copy it from the host lib64 directory -

The -L switch is very important as ld-linux-x86-64.so.2 is actually a symlink that points to ld-2.25.so, which is the dynamic linker. The -L dereferences the symlink and copies the file that it points to instead of copying the symlink itself. The copied file inherits the name of the symlink.

External resources

 * http://www.jmcresearch.com/projects/jail/