0

I have regular users who are not SSH'd into a machine but are accessing the machine directly. How can I lock them into their home directory or any directory? At the moment they can successfully run `rm -rf /`. They can also run all sorts of dangerous commands. I normally use the ssh config to lock them in but this is not that situation.

In my situation the user is accessing the command line through a web interface. It is a docker container that is removed as soon as the user is done with it. I am trying to prevent the user from "escaping" the container since docker containers are not necessarily as "secure" as VMs.

user974407
  • 1
    If the user isn't root they shouldn't be able to do much damage...they don't have `sudo` ...do they? – Nathan C Dec 12 '14 at 19:12
  • @NathanC They don't have sudo – user974407 Dec 12 '14 at 19:16
  • In that case, doing `rm -rf /` will just remove their stuff and they'll get denied access to everything else. It's difficult to control access via the console since you can't chroot jail them. – Nathan C Dec 12 '14 at 19:21
  • @NathanC You cannot lock them into a directory? – user974407 Dec 12 '14 at 19:23
  • From the research I've done, you cannot lock them into a directory when logging in via the console. – Nathan C Dec 12 '14 at 19:31
  • 2
    I'm with Nathan C here. Console access to a machine and you want to hide the filesystem? Can you please explain exactly what you are trying to do? Ensuring proper permissions would be easier than trying to chroot the home directory. – David Houde Dec 12 '14 at 20:15
  • @DavidHoude I updated my question. I am running this in a docker container and I am trying to prevent escaping from the container. – user974407 Dec 12 '14 at 20:28
  • You should be able to do it with `chroot`. Also look into Restricted Shell. – Barmar Dec 12 '14 at 23:20
  • That's a completely different question to your original question. Now how do you think they are going to "escape from the container"? If this is a _serious_ concern, why are you using Ubuntu? – Michael Hampton Dec 13 '14 at 00:19

1 Answer

1

For your specific situation, a chroot is useless. While a docker container is less secure than a fully-emulated VM, docker is still significantly more secure than a plain chroot. So, if you have a user who is capable of breaking out of docker, a straight-up chroot isn't going to slow them down.

That being said, there is a way to do what you describe: pam-chroot. It does what it says on the tin: during the login process, it calls chroot() into a specified directory if the user is in the relevant group or whatever. Being PAM, it's overly complicated to set up, but it's flexible enough to (for instance) chroot certain users only if they're logging in on the console on a Thursday that happens to be a full moon.

womble