A chroot on Unix operating systems is an operation that changes the apparent root directory for the current running process and its children.
Questions tagged [chroot]
410 questions
77
votes
4 answers
bad ownership or modes for chroot directory component
I created the user MY_USER. Set his home dir to /var/www/RESTRICTED_DIR, which is the path he should be restricted to.
Then I edited sshd_config and set:
Match user MY_USER
ChrootDirectory /var/www/RESTRICTED_DIR
Then I restarted ssh. Made…
MultiformeIngegno
- 1,627
- 9
- 24
- 31
28
votes
1 answer
SFTP: file symlinks in a jailed (chrooted) directory
I'm trying to set up sftp so that a few trusted people can access/edit/create some files. I have jailed a user into their home directory (/home/name) but have run into a problem. I want for them to also be able to access other parts of the VPS…
dukevin
- 1,610
- 3
- 18
- 25
28
votes
6 answers
Is there a windows equivalent to chroot?
On a *nix system I can use a chroot to isolate two processes from each other and from the rest of the system. Is there any similar security system under windows? Or is there any way to prevent two processes from reading/writing to each others…
Rook
- 2,615
- 5
- 26
- 34
23
votes
6 answers
Ubuntu - can non-root user run process in chroot jail?
Is it possible for a non-root user to run a chroot process on Ubuntu?
Hawkeye
- 2,669
- 9
- 30
- 34
20
votes
5 answers
How can I chroot ssh connections?
I would like to setup a chroot jail for most (not all) users logging in though SSH. I've heard it's possible with the latest versions of openssh, but I've not been able to find out how to do it. The How To's all talk of patching an old version, and…
Malfist
- 797
- 3
- 9
- 21
19
votes
5 answers
OpenSSH anything like 'internal-sftp' but for SCP?
I'm running Debian stable and I'm looking to establish the following environment for users in my 'sftponly' group:
jailed
can transfer with SFTP
can transfer with SCP
cannot login interactively with SSH
From my experimentation and research, it…
brianjcohen
- 291
- 1
- 2
- 3
16
votes
4 answers
chroot fails - cannot run command `/bin/bash': No such file or directory
I'm a chroot novice trying to make a simple chroot jail but am banging my head against the same problem time and time again... Any help would be massively appreciated
I've created a directory /usr/chroot that I want to use as a jail and created…
Mike Atkinson
- 191
- 1
- 1
- 6
15
votes
4 answers
Difference between chroot and jail
I read this tutorial - https://help.ubuntu.com/community/BasicChroot - and what I understood is that, chroot is the process of changing the / while the new restricted environment created is the "jail". But some people say I am wrong and chroot and…
user1437328
- 251
- 1
- 2
- 5
14
votes
2 answers
vsftp: why is allow_writeable_chroot=YES a bad idea?
There are several thousand blog posts about vsftp and allow_writeable_chroot=YES
The common error message:
Fixing 500 OOPS: vsftpd: refusing to run with writable root inside chroot ()
I solved the problem on my server.
But one question…
guettli
- 3,113
- 14
- 59
- 110
14
votes
2 answers
Why chroot is considered insecure?
I've been playing around with CentOS box for couple of years now. So I'm pretty comfy with terminal. However, I read a lot of blog-post claiming that chroot is insecure and amount of those posts frightens. Is it really so? Why?
I use chroot to…
Aleksandr Makov
- 290
- 2
- 10
14
votes
2 answers
SFTP fatal bad ownership or modes for chroot directory ubuntu 12.04
I just set up my SFTP server and it works fine when I use it from my first user account.
I wanted to add a user which we will call 'magnarp'.
At first I did like this in sshd_config:
Subsystem sftp internal-sftp
Match group sftponly
…
Jonathan
- 143
- 1
- 1
- 4
13
votes
2 answers
Up-to-date alternatives of rssh or scponly
I need:
An scp and sftp server
With chroot-ed environment
With non-login (ssh not allowed for scp/sftp users)
Options and related issues I found:
scponly
No updates since more than 6 years
Does one really need to recompile the whole thing to make…
Julen Larrucea
- 328
- 1
- 2
- 11
13
votes
1 answer
Why use lxc instead of chroot?
One ubuntu server hosts 3 apps all on separate domains.
Each app has its own developers.
App developers belong to linux "sftp" group.
chroot allows password sftp access for each app developer.
/home/app1/prod
/home/app2/prod
/home/app3/prod
In…
csi
- 1,535
- 7
- 22
- 42
13
votes
1 answer
PHP-FPM's chroot and chdir directory
I am setting up php-fpm with chrooting enabled. Now I see that there are two options, and I want to know what the exact difference is.
The setup has:
chroot = /var/www/domains/domain.tld/
; Chdir to this directory at the start. This value must be an…
Saif Bechan
- 10,892
- 10
- 40
- 63
13
votes
6 answers
Trying to setup chroot'd rsync
I'm trying to set up a backup server.
I want to chroot each user (client) to its home directory, and only allow it to use sftp and rsync.
I quickly discovered that I was not the only one trying to do something like this, and I found this guide and…
Mark R.
- 131
- 1
- 1
- 3