pam_chroot(8)
NAME
pam_chroot - Chroot PAM module
SYNOPSIS
[service-name] module-type control-flag pam_chroot [arguments]
DESCRIPTION
- The chroot service module for PAM chroots users into either
- a predetermined directory or one derived from their home directory.
- If a user's
home directory as specified in the passwd structure returned - by
getpwnam(3) contains the string ``/./'', the portion of the - directory
name to the left of that string is used as the chroot direc - tory, and the
portion to the right will be the current working directory - inside the
chroot tree. Otherwise, the directories specified by the - dir and cwd
options (see below) are used. - also_root Do not hold user ID 0 exempt from the chroot
- requirement.
- always Report a failure if a chroot directory could
- not be
- derived from the user's home directory, and
- the dir option
was not specified. - cwd=directory Specify the directory to chdir(2) into after
- a successful
- chroot(2) call.
- dir=directory Specify the chroot directory to use if one
- could not be
- derived from the user's home directory.
SEE ALSO
AUTHORS
- The pam_chroot module and this manual page were developed
- for the FreeBSD
Project by ThinkSec AS and NAI Labs, the Security Research - Division of
Network Associates, Inc. under DARPA/SPAWAR contract - N66001-01-C-8035
(``CBOSS''), as part of the DARPA CHATS research program. - BSD February 10, 2003