On Thu, 2012-03-15 at 12:58 +0100, BUGHUNTER wrote:
Hi,
I need instructions for how to setup a chroot environment on the server - I found this old discussion:
http://www.mail-archive.com/x2go-dev@lists.berlios.de/msg01268.html
but there is no solution, unfortunately.
Also, I found
http://www.x2go.org/doku.php/wiki:components:tce
but this seems to be a tool for setting up chroot on the CLIENT side? Seems to be a different use case.
What I want:
I would like to chroot users that logged into the server via x2go client to see only files in their home directory (or inside their "jail") - what is the recommended + most efficient way of doing this with the least administrative overhead? - mind the updates! - so recompiling jail binaries after every update of relevant software should happen automatically, most preferable solution would be:
apt-get install x2go-server-chroot x2go-create-chroot /home/user
without any needed (or minimal) additional interaction after future updates so that your jail is always uptodate after an apt-get update.
does this exist?
if not, how to create it?
THANK you very much for your attention, Bughunter
BTW search for x2go +chroot with Google to see how small the internet can be ;) <snip>
I don't know if it is of any help but we run X2Go Server in a VServer which is, more or less, a chroot on steroids. We did find we needed to do some intense surgery on the X2Go Server side scripts and we had to add certain capabilities to the vservers - particularly mount capabilities. We were never able to enable local share unmounting (fusermount requires capabilities which are not available in our kernel
- I believe they may be in newer kernels) which is one reason why we moved session clean up to the VServer host (besides the fact that I can run one cleanup daemon for hundreds of x2goserver instances instead of one process each (and it fires every five seconds).