On Thu, 23 Dec 1999, Ookhoi wrote:
> Hi Ben, > > > On Sun, Dec 12, 1999 at 12:04:09PM -0500, Nagilum wrote: > > > I had read some docs which mentioned that on SysV, you can specify a * in > > > the 7th field of the passwd file (thisis from memory, I may be off) and > > > that user's login will then be chroot()ed to his home directory. > > > > > > I was hoping to find a similar functionality in Debian, so I tried the * > > > in the 7th field and that didn't work. So then I grabbed the source for > > > login (shadow package) and grepped the source for chroot. In > > > libmisc/sub.c I found it, along with some commentary: > > > > > > /* > > > * subsystem - change to subsystem root > > > * > > > * A subsystem login is indicated by the presense of a "*" as > > > * the first character of the login shell. The given home > > > * directory will be used as the root of a new filesystem which > > > * the user is actually logged into. > > > */ > > > > > > So, I tried changing a user's login shell to '*/bin/bash' to no avail. > > > When I attempt to login, I am asked for the username.. and then I am asked > > > for the password twice and booted out. > > > > > > I also tried replacing /bin/login with a re-compiled version from the > > > (slink) source but the same thing happened. > > > > The documentation specifies: > > > > 1) Once the user has logged in they are chrooted and asked to login via > > that password file _in the chrooted directory_. > > > > 2) The shell must be available in the chrooted env (as well as all needed > > bianries). > > > > So for this to work, you must have a complete working filesystem in each > > home directory (/home/foo/dev /home/foo/bin /home/foo/usr/bin /home/foo/etc > > ...). > > I have a password entry at my system like this: > ookhoi $ grep ookhoi /etc/passwd > ookhoi:x:1000:1000:Ookhoi:/usr/remote:*/bin/bash > > Under /usr/remote I have a complete and working filesystem which I use > for nfs boots. > Now I try to login: > > ookhoi $ su ookhoi > Password: > Password: > No shell > > The first password is the password on my system, the second password is > the password I use when I do a nfs boot, so the change root works. But > for some reason I get the "No shell". Can you help me with that please? > > The password entry at the nfs boot system is: > ookhoi $ grep ookhoi /usr/remote/etc/passwd > ookhoi:x:1000:101::/home/ookhoi:/bin/bash > > And this works: > expanse:~# chroot /usr/remote/ su - ookhoi > ookhoi $ > > Of course bash is there: > ookhoi $ /bin/bash > ookhoi $ And is it in the chrooted /etc/shells? Robert Varga >