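#!/bin/bash
# Adapted from LinuxConfig.org
# GNU GPL v3.0+
#
# Build a minimal chroot for one SSH account and confine that account to it
# with an sshd "Match User ... / ChrootDirectory ..." drop-in.
#
# Usage: <this script> USERNAME        (must be run as root)
#
# Layout: the account's home directory, as listed in the passwd database,
# becomes the chroot root and is handed to root. A nested copy of the same
# path inside it is the user's own writable home once the session is chrooted.

set -euo pipefail

# Commands copied into the chroot together with the shared objects they need.
readonly CMDS=(bash mkdir touch mv rm ls grep cat vim)
readonly SSHD_DROPIN_DIR=/etc/ssh/sshd_config.d

# Print an error on stderr and abort.
die() {
  printf 'ERROR: %s\n' "$*" >&2
  exit 1
}

# Print a warning on stderr and carry on.
warn() {
  printf 'WARN: %s\n' "$*" >&2
}

#######################################
# List the shared objects ldd reports for a binary.
# Arguments: $1 - absolute path of the binary
# Outputs:   one absolute path per line, de-duplicated
#######################################
list_shared_libs() {
  # "name => /path (addr)" carries the path in field 3, the loader line
  # "/lib64/ld-... (addr)" carries it in field 1. vdso entries, "not found"
  # and "not a dynamic executable" have no absolute path and are skipped.
  ldd "$1" | awk '
    $2 == "=>" && $3 ~ /^\// { print $3; next }
    $1 ~ /^\//               { print $1 }
  ' | sort -u
}

main() {
  local target_user=${1:-}

  [[ -n "$target_user" ]] || die "usage: ${0##*/} USERNAME"
  [[ $EUID -eq 0 ]] || die 'must be run as root'

  # The name ends up in an sshd Match pattern and in a file name under
  # /etc/ssh, so only a conservative character set is accepted: no pattern
  # characters (* ? ! ,), no path separators, no leading dash or dot.
  [[ "$target_user" =~ ^[A-Za-z_][A-Za-z0-9_.-]*$ ]] \
    || die "refusing user name with unexpected characters: $target_user"

  [[ -d "$SSHD_DROPIN_DIR" ]] || die "$SSHD_DROPIN_DIR does not exist"

  # Create the account when it does not exist yet.
  if ! id "$target_user" >/dev/null 2>&1; then
    echo 'INFO: User not found'
    echo 'Creating...'
    useradd "$target_user"
    echo "Password for $target_user:"
    passwd "$target_user"
  fi

  # Exact lookup of the account; a substring grep over /etc/passwd would also
  # pick up other accounts whose lines merely contain the name.
  local entry uid gid home login_shell
  entry=$(getent passwd "$target_user") \
    || die "no passwd entry for $target_user"
  IFS=: read -r _ _ uid gid _ home login_shell <<<"$entry"

  # The home directory is about to be chowned to root and named in sshd's
  # configuration, so refuse values that would hit the wrong directory.
  [[ "$uid" != 0 ]] || die 'refusing to chroot a uid 0 account'
  [[ "$home" == /?* ]] \
    || die "home of $target_user is not a usable absolute path: '$home'"
  [[ "$home" != *[[:space:]]* ]] \
    || die "home of $target_user contains whitespace: '$home'"

  local chroot=$home
  local inner_home=$chroot$home

  mkdir -p -- "$inner_home" # the user's home as seen from inside the chroot
  chown -- "$uid:$gid" "$inner_home"

  # sshd refuses a ChrootDirectory that is not root-owned or that is writable
  # by group or others.
  chown root:root -- "$chroot"
  chmod 745 -- "$chroot"

  local dropin="$SSHD_DROPIN_DIR/70-$target_user.conf"
  printf 'Match User %s\n\tChrootDirectory %s\n' \
    "$target_user" "$chroot" >"$dropin"

  # Give the chroot a passwd/group view that contains this account only.
  mkdir -p -- "$chroot/etc"
  printf '%s\n' "$entry" >"$chroot/etc/passwd"
  getent group | awk -F: -v u="$target_user" -v g="$gid" '
    $3 == g { print; next }
    {
      n = split($4, members, ",")
      for (i = 1; i <= n; i++) if (members[i] == u) { print; break }
    }
  ' >"$chroot/etc/group"

  # Copy every command and the libraries it links against.
  local cmd bin lib
  for cmd in "${CMDS[@]}"; do
    if ! bin=$(type -P "$cmd"); then
      warn "$cmd not found on PATH; skipping"
      continue
    fi
    while IFS= read -r lib; do
      cp --parents -- "$lib" "$chroot"
    done < <(list_shared_libs "$bin")
    cp --parents -- "$bin" "$chroot"
  done

  if [[ ! -f "$chroot$login_shell" ]]; then
    echo "WARN: You didn't add the shell specified in /etc/passwd for \"$target_user\": ($login_shell)"
  fi

  # Dynamic loaders for amd64 and i386, copied when present on the host.
  local loader
  for loader in /lib64/ld-linux-x86-64.so.2 /lib/ld-linux.so.2; do
    if [[ -f "$loader" ]]; then
      cp --parents -- "$loader" "$chroot"
    fi
  done

  # Check the configuration before restarting: restarting sshd on a broken
  # config can cut off remote access to the host.
  if ! sshd -t; then
    rm -f -- "$dropin"
    die "sshd -t failed; removed $dropin and did not restart sshd"
  fi
  systemctl restart sshd
}

main "$@"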