Access files outside a chroot'ed environment?

centos chroot

I need to setup some users to access our server. I thought the most secure way to allow them access was to setup a chroot'ed jail for them to log into.

But I need them to access a few select directories that are outside the chroot'ed environment. Apparently I can't use symlinks for this. What is the best approach? Can a chroot'ed environment not be used for this purpose?


Solution 1:

This is a place where a bind mount will do what you want.

Solution 2:

If it's on the same filesystem and it's individual files, hardlinks will work.

Softlinks will not work: the main purpose of a chroot'ed jail is that users can't get out to access files that aren't inside there.

You can use cp -lr to duplicate a directory tree with each file being a hardlink to the same underlying file, but that won't immediately pick up renames/moves, new files or deletes.

I think @SvenW has the best idea: move the directory into the chroot area and make the current location a symlink to the version inside the chroot.

Related

ARP packets never routed?
cannot unset env variables from script
Password policy vs password never expires question
What's new in Puppet since 2007?
SQL Server tempdb size seems large, is this normal?
Accidentally ran chmod 775 -R / (not ./) on linux server (RedHat)
DHCPDISCOVER requests from an off-by-one MAC address
Copying local SSH key to remote host if it doesn't exist already
DNS Round Robin: Multiple Nameservers VS Multiple A Records?
KMS - What clients are licensed?
Preferable VM software for a small dev team
BIND zone file output with DIG command?