[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] Jailkit As my solution
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] Jailkit As my solution |
Date: |
Wed, 12 Dec 2012 21:50:11 +0100 |
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/17.0 Thunderbird/17.0 |
On 12/12/2012 05:39 PM, Joshua Moore wrote:
> Hello all, I am writing this to ask about the possibility of using
> Jailkit for a project of mine. I'm not quite sure if it will meet the
> requirements though. What I am looking for is a solution that will allow
> me to isolate local login shell users, as well as remote FTP, SSH, RSYNC
> etc. at the per-application level. What I mean by this is that I want
> the ability to restrict the authenticated user to no execute, read,
> write, permissions aside from a set application. The solution also needs
> to be reproducible so as to say when new users are added they use a set
> "template" based on predefined permission levels etc. Is this possible
> with Jailkit? Main thing I am concerned about here is the ability to
> apply the policies on the local login shell.
yes, jk_chrootsh works on local logins as well as remote logins.
the 'templates' are possible with jk_init, you can write your own
section in jk_init.ini and create a new identical jail with a single
jk_init command. If you use hardlinks that will not use any diskspace.
Olivier