I had read some docs which mentioned that on SysV, you can specify a * in the 7th field of the passwd file (thisis from memory, I may be off) and that user's login will then be chroot()ed to his home directory.
I was hoping to find a similar functionality in Debian, so I tried the * in the 7th field and that didn't work. So then I grabbed the source for login (shadow package) and grepped the source for chroot. In libmisc/sub.c I found it, along with some commentary: /* * subsystem - change to subsystem root * * A subsystem login is indicated by the presense of a "*" as * the first character of the login shell. The given home * directory will be used as the root of a new filesystem which * the user is actually logged into. */ So, I tried changing a user's login shell to '*/bin/bash' to no avail. When I attempt to login, I am asked for the username.. and then I am asked for the password twice and booted out. I also tried replacing /bin/login with a re-compiled version from the (slink) source but the same thing happened. Anyone know how to get this to work?
