Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Jailing a certain user
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Zucca
l33t
l33t


Joined: 14 Jun 2007
Posts: 883
Location: KUUSANKOSKI, Finland

PostPosted: Wed Sep 13, 2017 11:52 am    Post subject: Jailing a certain user Reply with quote

I'd want to create a quite restricted user account. The purpose of this user is for media consuming. Pictures, videos, music (via mpd and locally also) and some simple games (emulators mainly).

For starters this user, called media, will be created on my Raspberry Pi 3 system (later on my server too). I've actually created that user already along with the group bearing the same name. I've also added it to the list of DenyUsers in /etc/ssh/sshd_config. The user will not have password so it's usable by anyone who uses the computer locally.
I have planned to use very stripped down xfce (maybe only the window manager from it) or Openbox (more suitable suggestions are welcome) with [url=https://www.linux.com/var/uploads/Image/articles/128892-1(1).png]wbar[/url] for lauching programs/actions. The media user should not be able to reboot or poweroff the machine if there's an open ssh, tmux or screen session open by another user. But that's after I have managed to create otherwise proper jail for the media user. So I'll concentrate on jailing first.

What method I should use to jail (chroot maybe) a user? I can create bind mounts inside the /home/media so that shared files from other computer are reachable by the media user. There exist a interesting program called lshell. But does it become too complicated to use that as a login shell for the user? I'd like to use it since the configuration looks plain simple.

Suggestions? Experiences? Your methods?
_________________
..: Zucca :..
This space is not for rent.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum