Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!rutgers!att!chinet!mcdchg!ddsw1!ddsw1!point!wek
From: wek@point.UUCP (Bill Kuykendall)
Newsgroups: comp.unix.i386
Subject: chroot command
Keywords: chroot isc 386/ix
Message-ID: <[341]comp.unix.i386@point.UUCP>
Date: 15 Oct 89 14:00:04 GMT
Lines: 35

I'm running ISC 2.0.1 and trying to set up a "padded cell" for bbs callers
who want shell privileges.  The obvious solution is to use the chroot
command or chroot() function to define a file subsystem for them.

I've duplicated the /etc, /shlib, /bin, /lib, /usr/lib, and /usr/bin
directories under the new root.  I've written a small program that does a
setuid(0), chroot(path), then execlp's login.

Here's the problem: 

If I edit the /etc/passwd file to exec either the chroot program or my
program, it aborts with a 'no shell' error message.

If I have a dummy directory with a .profile that exec's chroot /u2
/bin/login, I'm asked for login and password, and informed that there is no
utmp entry, and that login must be exec'd from the lowest level shell.

If I have a dummy directory with a .profile that exec's my program, I'm
asked for a login only and bounced with 'login incorrect' without being
asked for a password.

Does anybody have this working?  Am I going about this all wrong?  I've got
$700-800 invested in reference manuals, and all I can find are the briefest
references to the syntax of the program and c function, with no reference to
what's necessary to build a functional environment under the new root.  It's
a bit frustrating.

All suggestions welcome.  Thanks in advance.


---------------
Bill Kuykendall
Chicago, IL USA
 ...!point!wek
wek@point.UUCP