Managing Chroot Jails in Linux

Поделиться
HTML-код
  • Опубликовано: 15 дек 2024

Комментарии • 30

  • @chromerims
    @chromerims 3 месяца назад

    2:59 -- ldd command (bash and ls modules or dependencies)
    Ok, thank you 👍
    Excellent video

  • @alireza2557-j3k
    @alireza2557-j3k 6 лет назад +8

    I really love your passion in training, I have certified in lpic1 and 2 with your pretty videos.

    • @theurbanpenguin
      @theurbanpenguin  6 лет назад +1

      Thank you and congratulations on your achievement

    • @alireza2557-j3k
      @alireza2557-j3k 6 лет назад +1

      You know dear Andrew, there are a few people like you in the world that like to share their knowledge and let others have progress in their work and life.
      I think one of my owe to the open source industry is to share my experience and knowledge to others.

  • @ep20001
    @ep20001 6 лет назад +7

    The for loop to copy all of those directories for pretty cool. That could save me a lot headache in the pass when copy certain folders in a directory. Great Job!

  • @sueleymanceran5623
    @sueleymanceran5623 6 лет назад

    I would write a general comment since a while to thanks for all these wonderful videos. All Theurbanpenguin's videos are very very nice. Thanks

  • @Vagelis_Prokopiou
    @Vagelis_Prokopiou 6 лет назад +2

    Another excellent video. Thanks.

  • @thsdsyt
    @thsdsyt 5 лет назад +1

    Can't understand why did you put an additional space after the closing single quote before the closing double quotes. Why don't type just "PS1='JAIL $ '"?.

  • @linuxdoesmatter5542
    @linuxdoesmatter5542 Год назад

    /bashjail/root must be created and inside this root directory the hidden file .bashrc with PS1="JAIL $" otherwise no pompt JAIL $ will be set. This is for Centos 9 in my particular case.

  • @m0rphe0-8
    @m0rphe0-8 6 лет назад

    what is distribution has used ?

  • @Haze1434
    @Haze1434 4 года назад

    Hi Tux; What are the implications / best practices around libraries that are symbolically linked, such as when there are different versions? I take it one would need to copy over the destination file from the link, rather than the symbolic link itself?

  • @jakepanda209
    @jakepanda209 2 года назад

    Thank You...very much sir.

  • @jacobtb1
    @jacobtb1 Год назад

    helpful, thanks

  • @marcello4258
    @marcello4258 3 года назад

    what about process isolation and adding different network settings like ip addresses? perhaps you are also interested in doing such? :) this was very helpful btw!

  • @gilius2k156
    @gilius2k156 6 лет назад

    Is it possible to install a full GNU/Linux distro into a chroot container and then VNC into it with graphics? Why is there no tutorials on that?

    • @theurbanpenguin
      @theurbanpenguin  6 лет назад

      Yes, but that is not really the idea of a chroot jail. It is to give limited access to resources. If you like what you describe in having the complete Linux distro in a chroot jail is what you have after an install of Linux. To access the complete distro in a chroot jail though is not uncommon. Fo a Linux recovery, perhaps where a password is unknown you can boot up to a live CD or USD on the system. Mount the real root file system to somwhere like /mnt and then chroot to the directory. When you run the passwd command then you are writing to /mnt/etc/shadow rather than on the USB

    • @gilius2k156
      @gilius2k156 6 лет назад

      @@theurbanpenguin Thanks, but isn't the modern docker/containers the same concept as a chroot jail in terms of apps or whole operating systems as an alternative to virtualization? And this concept resulted in a very popular application on Android named Linux Deploy; however, it seems that chroot is not without it's limitations, resulting in only a minimalistic installation of GNU/Linux with restrictions on what can be done inside. Unfortunately, there's just not enough information/discussion on how it works and why there would be limitations sharing the same kernel. For example, apparently not all commands will work under a chroot container - but since nobody seems to be testing full distros outside of Linux Deploy it's hard to know.

  • @axlslak
    @axlslak 3 года назад

    ceerut? is that how people pronounce it? C.H. Root.

    • @bjornroesbeke
      @bjornroesbeke 3 года назад

      CH - from "change"
      ROOT - from "root"
      change root, chroot.

  • @TheHermitHacker
    @TheHermitHacker 4 года назад +1

    It's been now 4 solid days for me to try and solve my problem and now reaching to explain what it is that I am working on and asking for opinions or ideas. I am moving a bunch of websites away from the industry standard web hosting automation system known as WHM by cPanel. The problem i am running into seems to be how all this stuff works. Here's my best explaination: Each "account" is devoted to one or more websites per account. Users can, if granted access, be able to ssh into their account with limited access to files. They can also modify files via sftp or scp using programs like WS_FTP, WinSCP, Filezilla, etc. These programs use SSH2 or SFTP protocols and require bash on the server to operate. Whether they are logged into ssh or sftp, they are limited to seeing ONLY the files within their 'account". Sadly, i cannot seem to find anyone who's solved this AND shared how they have this setup. Every solution I have tried I was able to break out of the chroot or jail. It is very important that this gets solved because I am working on a cPanel clone to give to the community at large. I want the same functionality for DIY web hosting with best security practices, practiced. Hopefully i get a response, and thank you.

    • @TheEminentSavage
      @TheEminentSavage 4 года назад

      I'm know exactly what you're describing with WHM and it's shared accounts on a single server directive. Great idea. Maybe go ahead and open-source what you have now. The community will be more easily able to contribute our help.

  • @HK-sw3vi
    @HK-sw3vi 3 года назад

    I like how I just didn't learn chroot here, I learnt inline bash scripting and other commands

    • @jgz6989
      @jgz6989 2 года назад

      A sharp contrast to other videos who barely give you enough info and got twice the subscribers.

  • @jeanrodrigues6249
    @jeanrodrigues6249 2 года назад

    HK

  • @douwehuysmans5959
    @douwehuysmans5959 5 лет назад

    Please don't see Linux chroots as 'jails' they are trivial to break out of

  • @metaobserver657
    @metaobserver657 Год назад

    haha penguin

  • @ade5324
    @ade5324 8 месяцев назад

    btw that copy files from ldd part could been more easily done with:
    ldd /bin/bash | grep -oe '\/\S*' | xargs -I _ cp --parents _ /bashjail
    ldd /bin/ls | grep -oe '\/\S*' | xargs -I _ cp --parents _ /bashjail
    (i felt very smart coming up with it)

  • @jeanrodrigues6249
    @jeanrodrigues6249 3 года назад

    Floppy