Thanks in advance.
My environment is Ubuntu 9.04 desktop customized to be a high school classroom server for teaching code development. I have a unique "fake" jail called "lshell" which is very easy to setup and restricts users to commands that I dictate DISALLOWING ANYTHING ELSE. These questions below represent the last piece we would love to have for this open project.
I have a very specific need. I need to accomplish the following \(without discussion about jail environments please\).
I'd like users in a shell to enter "gedit" or other software/IDE, and do work. When the user makes a "File and Open" step they can only see or examine their directory and nowhere else.
Questions: Can I use one of the traces\(l,p,s\) or is their another way to restrict "what they can see"? Can these commands, along with some scripting, be used to return their top directory as $theirusername only and not be able to navigate elsewhere? Perhaps change some returning value say of
/home/jail/home/user to /user .
I can post the lshell.py script that I am using as the limited shell, if needed.
Instead of hacking this at the system call level, why not put user you want to restrict into a chroot? They really, genuinely wouldn't have access to anything you didn't put in there.
Thanks, I need to read up on chroot and it's usage.
Doesn't it require copying lots of files/libs into the chrooted envronment. I'm trying to avoid such a thing, as it makes it more difficult for teachers, new to Linux, to replicate this along with everything else already in place.
Will the command really lock a user down as needed and does it allow gedit or similar as I expressed above?
Upon further searching, maybe fakechroot and fakeroot will work. Let you know when I give it a try.
You could just link files instead of copying them. They would have to be hardlinks, not symlinks, but it wouldn't need to be copied wholesale as long as its on the same partition.
It seems that everyone is pointing to symlinks, jails, and NOT towards interception and return of modified info to the user. fakeroot and chroot aren't answers I'm after.
If I can intercept say a returning $DIR and make it $username only, it should work regardless of the app I make available to the user.
Yes... There's a reason for that: The way you want to go about this is odd, unreliable, nonportable, and dangerous. You can make your system unbootable trying to override libraries this way, or accidentally open security holes, and make your life a whole lot harder for yourself in general, all for the sake of doing this your way instead of the standard way UNIX has supported for a very long time.