Subscribe RSS10 Mar 12
Jailkit – Limit User Account on Linux
There’s once I was required to setup a limited shell access user account on a commercial hardware product, in which to secure the original system from being modified and at the same time to provide a flexible environment for general work. I was on the way to make use of chroot command. Then i was lucky to came across Jailkit, which saved me a lot of time. So, i would like to use this post to give a little introduction on how to use it.
# First, let's create a directory for the jail account mkdir /jail chown root:root /jail # Then we create a new user account specially for jail account # *replace <group name>, <username>, <password> with your own value groupadd <group name> useradd -d /home/jail -g <group name> -p <password> <username> # For example, if we only want to allow the jail account to have ssh and basic shell access jk_init -v -j /jail basicshell ssh # Then we shall jail the user account we previously created to the jail directory jk_jailuser -m -j /jail <username>