> If you run ssh-chrootmgr, it will set up the environment for you
> so you don't have to deal with this manually.
> 
> # ssh-chrootmgr username
> 
> This should do the trick :)

In a few cases (most notably on Linux)...

> Remember, it sets up a chrooted environment for
> sftp only.

Why can't you move the call to chroot(2) to sftp-server instead?
Comments in ssh-chrootmgr say "copy static binaries to ~/bin." Some
modern OSes (Solaris, IRIX to mention a couple) provide very limited
support (if any) for static linking. E.g. under Solaris you can't get
rid of reference to run-time linker ld.so (at least there is no
documented way as they do provide pure statically linked applications in
/usr/sbin/static). In such cases you have to copy all the shared
libraries those binaries refer to at run-time (in Solaris case meaning
that it depends on current CPU arch and locale), as well as run-time
linker... In Solaris case you would also have to create /dev/zero which
by the way wouldn't work if directory is mounted with nosuid flag. So
why not move chroot(2) to sftp-server? At least it shall work on *any*
platform and no questions will ever be asked (fingers crossed:-)...

Andy.
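
Added example, not part of the original message or of ssh-chrootmgr: a shell sketch of the bookkeeping described above, listing every file a dynamically linked binary would need copied into the chroot, the run-time linker included. The function names and the Linux-style `ldd` sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: enumerate what a dynamically linked binary needs inside a
# chroot. All function names here are hypothetical.

# Constructed sample of Linux-style `ldd` output (not captured from a host).
sample_ldd_output() {
cat <<'EOF'
	linux-vdso.so.1 (0x00007ffd2a5f2000)
	libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007f1c2a000000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1c29c00000)
	libexample.so.1 => not found
	/lib64/ld-linux-x86-64.so.2 (0x00007f1c2a6c4000)
EOF
}

# chroot_deps: read `ldd` output on stdin, print each absolute path once.
chroot_deps() {
    awk '
        # "name => /path (addr)": the resolved path follows the arrow
        $2 == "=>" && $3 ~ /^\// { print $3; next }
        # "/path (addr)": the run-time linker is listed by its path alone
        $1 ~ /^\//               { print $1 }
    ' | LC_ALL=C sort -u
}

# chroot_missing: print library names that ldd could not resolve; these
# would also fail to load inside the chroot.
chroot_missing() {
    awk '$2 == "=>" && $3 == "not" && $4 == "found" { print $1 }'
}

# On a real system the input would come from ldd itself, for example:
#   ldd /path/to/sftp-server | chroot_deps     (path is a placeholder)
```

Virtual entries such as `linux-vdso.so.1` have no path and are skipped, while the run-time linker appears as a file that must be copied like any other library.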
