Hello! I have just found jailkit in my search for ways to restrict command execution to end-users, and it works great. I have a jail set up with a limited number of executables available and that seems to be working OK, and it was very easy to set up. Kudos!
My next step is to keep an audit log of all user activity. I have tried using the "script" command, but in a root jail I get the error message "openpty failed" and the command dies. I tried mounting /dev/pts and /proc filesystems inside the jail but that did not seem to help.
I have also tried using the "rootsh" command, but when I run that command as a user in a jail it comes back and says "i don't know who you are". Running the jk_list command as a non-jailed user, I see three things running under the user context "nobody" but nothing under the account that is in the jail. The user is set up to do the jk_chrootsh in /etc/passwd.
My real goal is to have an audit log of all activity by users inside the jail. My preference right now would be to get rootsh working, but if you know of a better way or one more suited to running in a chroot environment I am open to that as well. I apologize for listing too many issues in one thread but I am unsure on how to begin. I greatly appreciate any help!