Yummy Chroots Building Chroots With Yum on Fedora 16
We’re going to build a minimal chroot directory for Fedora 16 using yum and rpm, we are using the ChrootDirectory functionality of Openssh which only came in >= 4.9p1
Credit goes Here for a great article getting me started on this.
As root:
mkdir --mode=700 -p /chroot/chrootuser
rpm --root /chroot/chrootuser --initdb
yumdownload --destdir=/var/tmp fedora-release
rpm --root /chroot/chrootuser -ivh --nodeps /var/tmp/fedora-release*rpm
yum --installroot=/chroot/chrootuser -y install bash
yum --installroot=/chroot/chrootuser -y install coreutils
groupadd chrooted
Edit /etc/ssh/sshd_config
Match Group chrooted
ChrootDirectory /chroot/%u
AllowTcpForwarding no
X11Forwarding no
AllowAgentForwarding no
PermitRootLogin no
ForceCommand /bin/bash
And restart the service: systemctl restart sshd.service
Add the user:
useradd -G chrooted -d /chroot/chrootuser chrootuser
ssh in as the user and they will be in the jailed directory