argh, this sounds like the sort of thing that would've been useful when i set up rsync on our company backup machine (as opposed to writing a small shell that chrooted and ran rsync).
it doesn't appear to be in debian unstable; apt-cache shows no third party module for it, and it's most definitely not included in stock pam. according to the rpm changelog, redhat added it on 10/02/00, somewhere before 0.73 was merged. the readme in the modules/chroot directory identifies the source as ftp://ferret.lmh.ox.ac.uk/users/weejock/pam_chroot/. i would love to see it packaged; i put redhat's source tarball at http://etc.mp3revolution.net/pam-redhat-0.74-22.tar.gz On Fri, Oct 26, 2001 at 05:25:28PM +0200, Christian Kurz wrote: > > On 26/10/01, Javier Fern?ndez-Sanguino Pe?a wrote: > > The problem is, how can an admin restrict remote access from a given user > > (through telnet and/or sshd) in order to limit his "moves" inside the > > operating system. > [...] > > AFAIK, pam only allows to limit some user accesses (cores, memory > > limits..) not users "movement" in the OS > > That's a wrong assumption. At least RedHat contains a pam_chroot.so > module which can be used in connection with the latest ssh to limit a > user into a chroot. I'm just wondering if that module is packaged > already for debian or not. > > Christian > -- > Debian Developer (http://www.debian.org) > 1024/26CC7853 31E6 A8CA 68FC 284F 7D16 63EC A9E6 67FF 26CC 7853 -- "I think a lot of the basis of the open source movement comes from procrastinating students..." -- Andrew Tridgell <http://www.linux-mag.com/2001-07/tridgell_04.html> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]