Jail

Introduction
This guide will go through how to use jail to set up a chroot.

Create directories
Create the root directory for jail:

Add a new user account in the main system
This account should have the chroot as its home directory and the jail binary as the shell:

Add a new user account in the chroot
This account should have the same name as the account in the main system:

The home directory and shell paths in the above command refer to paths within the chroot.

Adding software
Add the set of basic programs to the jail:

Next we need to also add the login shell:

It may be necessary to pass an argument ( as in the above example) to help jail figure out the libraries that are necessary for the program to run in the jail.

The command  can be used to add any programs to the chroot.

Finishing touches
Copy the shell startup scripts to the jail:

Activating jail
Everytime you switch to the larry user you will be logged into the jail:

The first time you run this command it will probably fail, see below.

Troubleshooting
If it is not possible to su into target jail system and the following error message appears: jail: execve : No such file or directory it means that the dynamic linker is missing. We will need to first copy the correct library file (e.g. for amd64) to the chroot jail, then create a symlink to it in both the /var/chroot/lib64 directory as well as the /var/chroot/lib directory.

The /lib directory is not created by Jail, thus we will need to create it as there will be a symlink to the dynamic linker in there as well.

First, let's copy the dynamic linker into our Jail /lib64 -

Now we'll make the /lib directory -

Now we'll make the symlinks -

External resources

 * http://www.jmcresearch.com/projects/jail/