ubuntu chroot environment | What is chroot?

admin | March 3, 2025


ubuntu chroot environment | What is chroot?

 

 


What is chroot?

chroot (short for "change root") is a Unix/Linux command that changes the apparent root directory for a process and its children. This creates a "chroot jail", isolating processes from the rest of the system.

Why use chroot?

  1. Security – Restricts users or processes to a specific directory, preventing access to critical system files.
  2. Testing/Development – Run software in a controlled environment without affecting the main system.
  3. System Recovery – Mount a damaged system and fix it using a live Linux environment.
  4. SFTP/SSH Restriction – Limit SSH/SFTP users to their home directories for security.

 

Setup of chroot Environment

  1. change to root user 

    sudo su -

  2. Add user 

    adduser <username>

  3. Setting up open-ssh

    To install the OpenSSH server application, and related support files, use this command at a terminal prompt:

    sudo apt install openssh-server

     

    nano /etc/ssh/sshd_config

    • Find the line

      #chrootDirectory
#Subsystem

    • Then change

      Match User * ,!<username>
	ChrootDirectory %h

      • note: * means all user (wildcard) & ! means exclude

         

  4. Change the ownership

    chown root:root /home/<username Directory>
chmod 755 /home/<username Directory>
  5. Setup interactive shell for ssh chroot jail

    1. First create bin folder into user directory

      mkdir -p /home/<user>/bin

    2. Then, copy main bin/bash into bin inter user

      cp -v /bin/bash /home/<user>/bin/

  6. Setup interactive session

    ls -l /dev/{null,zero,stdin,stdout,stderr,random,tty}

    output: 

    Then

    1. mkdir -p /home/<username>/dev/
cd /home/<username>/dev/
    2. mknod -m 666 null c 1 3
mknod -m 666 tty c 5 0
mknod -m 666 zero c 1 5
mknod -m 666 random c 1 8

  7.  Identify bash required shared lib & lib64

    ldd /bin/bash

    note: see location of bash file 

    output

    mkdir -p /home/<username>/lib
mkdir -p /home/<username>/lib64
mkdir -p /home/<username>/lib/x86_64-linux-gnu

    Then copy all file related with bash file lib

    cp -v /lib/x86_64-linux-gnu/{filename} /home/<username>/lib/x86_64-linux-gnu/
cp -v /lib64/{filename} /home/<username>/lib64/

     

  8. Install few user command into bin folder 

    cp -v /bin/ls /home/<username>/bin/

    then try the step 7 for ls command 

    ldd /bin/ls

 

Some important cli for chroot

          bash, ls , mkdir , chown, chmod

 




0 COMMENTS:

How to Install and Configure Apache on Ubuntu

How to Install and Configure Apache on Ubuntu&nbsp;Apache is one of the most widely used web servers

Read More
ubuntu chroot environment | What is chroot?

&nbsp;&nbsp;What is chroot?chroot (short for "change root") is a Unix/Linux command that changes the

Read More
How to Manage WiFi and Web Browsing in Linux Using the Terminal

How to Manage WiFi and Web Browsing in Linux Using the Terminal&nbsp;&nbsp;Linux users often find th

Read More
Essential Linux Commands for System Administration

&nbsp;&nbsp;&nbsp;Essential Linux Commands for System AdministrationLinux is a powerful operating sy

Read More
Beginner's Guide to Learning Ubuntu Server

Beginner's Guide to Learning Ubuntu ServerUbuntu Server is a powerful and widely used Linux-based op

Read More