49 lines
1.4 KiB
Bash
Executable File
49 lines
1.4 KiB
Bash
Executable File
#!/bin/bash
|
|
# Adapted from LinuxConfig.org
|
|
# GNU GPL v3.0+
|
|
CMDS="mkdir touch mv rm ls grep cat vim"
|
|
|
|
USER=$1
|
|
CHROOT=$(eval echo ~$USER)
|
|
CMDS=($CMDS) # convert to array
|
|
|
|
if ! id "$USER" 2&>/dev/null; then
|
|
echo 'INFO: User not found'
|
|
echo 'Creating...'
|
|
useradd -m $USER
|
|
printf "Match User $USER\n ChrootDirectory $CHROOT$CHROOT" > /etc/ssh/sshd_config.d/70-$USER.conf
|
|
fi
|
|
|
|
# cp in all commands and dependencies
|
|
for cmd in "${CMDS[@]}"; do
|
|
for dep in $( ldd $(which $cmd) | grep -v dynamic | cut -d " " -f 3 | sed 's/://' | sort | uniq ); do
|
|
cp --parents $dep $CHROOT
|
|
done
|
|
cp --parents $(which $cmd) $CHROOT
|
|
done
|
|
|
|
# cp user and group into chroot
|
|
mkdir -p $CHROOT/etc/
|
|
cat /etc/passwd | grep $USER > $CHROOT/etc/passwd
|
|
cat /etc/group | grep $USER > $CHROOT/etc/group
|
|
|
|
SHELL=$(cat /etc/passwd | grep $USER | tr ":" "\n" | tail -n 1)
|
|
if [ ! -f $CHROOT$SHELL ]; then
|
|
echo "WARN: You didn't add the shell specified in /etc/passwd for $USER: ($SHELL)"
|
|
fi
|
|
|
|
# ARCH amd64
|
|
if [ -f /lib64/ld-linux-x86-64.so.2 ]; then
|
|
cp --parents /lib64/ld-linux-x86-64.so.2 /$CHROOT
|
|
fi
|
|
|
|
# ARCH i386
|
|
if [ -f /lib/ld-linux.so.2 ]; then
|
|
cp --parents /lib/ld-linux.so.2 /$CHROOT
|
|
fi
|
|
|
|
echo "NOTE: If you are using a shell that is NOT /bin/bash, you need to tell"
|
|
echo " chroot that by using: chroot $CHROOT {other shell path}"
|
|
echo ""
|
|
echo "Chroot jail is ready. To access it execute: chroot $CHROOT"
|