Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You can change HOME in profile, but this doesn’t affect your current directory. You can however put a cd command into the profile.
I am not sure if you are asking the right questions. What do you want to achieve? Go to jail immediately at logon? Again I am not smarter than Google, but perhaps this helps: https://askubuntu.com/questions/5477...users-on-login.
Oh, as I was hopping if I can "su - root" to my chroot directory.
Does /etc/profile affect the login path?
I think you're mixing up the user root, which you can become with the su (Switch User) command, with the root directory (/), which can be changed by chroot.
They're two quite different things.
The root directory normally is /, for all users, but after a chroot another directory becomes a new root and directories outside of the tree below that cannot be seen or reached anymore. It doesn't have anything to do with which user you are.
su is a tool. What you wish is something else, su cannot do that for you. Changing any account do achieve this is not a really good approach. If you need a tool to do that I think you need to implement it (actually you need to write a small shell script).
(without the -) will give you root privileges in that directory.
As has been said the - causes the new user's environment to be loaded, which also causes a change to root's home directory, which is /root on my systems. If you don't want to change directories when you su, leave off the -
Note: If you're changing to another non-privileged user, leaving off the - will likely leave you in a state where you can't read or write the directory you're in.
What I'm trying to achieve is to lock my current root account in chroot after I "su - root" from normal user account.
Example:
I login as a normal user "Alex" using putty.
In the current session when I key in "su - root". It will prompt for root password.
After which it will automatically go straight into my chroot.
Hi Pan64, do have a guide to write shell script to to implement it?
What I'm trying to achieve is to lock my current root account in chroot after I "su - root" from normal user account.
Example:
I login as a normal user "Alex" using putty.
In the current session when I key in "su - root". It will prompt for root password.
After which it will automatically go straight into my chroot.
I'm pretty sure you can't lock down the superuser that way, or any way. root can do anything.
As I said, leaving the - off will leave you wherever you are when you su, but then you'll be root and can go anywhere you want.
What, exactly, are you trying to accomplish? By that I mean, why do you want to do as you've asked?
My aim is to trap root account in chroot.
I'm succeeded by using "ssh root@localhost" and it will login directly to my chroot since I've already config my directory and edited sshd_config.
Now I trying to do the same but by using su or sudo but none succeed.
It is trivial for root to escape from a chroot jail. Easiest way is to simply move the jail to a subdirectory of your current location, and thus you are no longer inside it.
What I'm trying to achieve is to lock my current root account in chroot after I "su - root" from normal user account.
I think it’s easier to simply disable su for normal accounts. See /etc/pam.d/su; you need to remove the comment in front of a single line to restrict su to members of group wheel.
As there is a security scanning software inplace in my organisation.
-ssh to root (need to be block)
-so I'm trying to do a work around which is ssh to another account and then su to root.
I already completed configuring my chroot.
Just that I want it whenever I "su root" it will automatic go into my chroot.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.