# How to create Shell Jail Account?



## raffo (Nov 1, 2009)

I'm running FreeBSD 7.1 64bit in my Server.

I need to know how I can create a Jail Account SSH Shell.
I do create an account that don't do see same directory.

For example, I login to user jon and my directory is /home/jon
There is another user bob in /home/bob.

Jon when run the command "ls -a -l"  in /home don't do see /home/bob.

How can I do?

Thanks for all


----------



## raffo (Nov 3, 2009)

Solved, here is the solution!

https://www.rv89.eu/forum/index.php?/topic/16-how-to-setup-ssh-jail-on-bsd-system/


----------



## DutchDaemon (Nov 3, 2009)

I'm glad *you* found the solution, because I understood ~0% of the original question ...


----------



## raffo (Nov 6, 2009)

DutchDaemon said:

> I'm glad *you* found the solution, because I understood ~0% of the original question ...



Hey, what do you not have understand?
Sorry for my bad English but you don't know Jail Shell? (I think you are BSD expert when I see your firm in this forum..)


----------



## SirDice (Nov 6, 2009)

The solution that you posted talks about chroot'ing an ssh user. A jail is something completely different.
See jail(8) and compare that with chroot(8).


----------



## DutchDaemon (Nov 6, 2009)

raffo said:

> Hey, what do you not have understand?
> Sorry for my bad English but you don't know Jail Shell? (I think you are BSD expert when I see your firm in this forum..)



So after calling it 'Jail Shell', 'Shell Jail' and 'Jail Account SSH Shell' this turns out to be about a simple chrooted ssh session? Fine. Work on your English and BSD concepts, and I'll continue to run my firm here.


----------



## raffo (Nov 6, 2009)

Well, I'm searching to learn about Jail Account. But I have solved my problem with chroot.

Same result for what i need.


----------



## andrewboring (Nov 20, 2009)

I believe what raffo was looking to do is similar to the "jailshell" environment provided by popular web hosting control panels, like cPanel. 

In those control panels, when shell access is enabled for a given account, various parts of the filesystem are mounted through loopback (bind mount on Linux, nullfs on BSD) and made accessible to the user in a chroot'ed directory. The user's home directory is such a mount, so that if the user tries to "ls -l /home", they only see their home directory.

For example: 


```
/home/virtfs/user  #user's chroot'd filesystem root (/)

/home -> /home/virtfs/user/home         #nullfs/bind mount  
/home/user  -> /home/virtfs/user/home/user     #nullfs/bind mount
/usr -> /home/virtfs/user/usr          #nullfs/bind mount
```


The shell in /etc/passwd is usually not /bin/sh, or some other real shell, but a custom shell (probably a wrapper to bash) provided by the control panel to set the chroot'ed environment before starting the interactive shell. 

That's sort of what raffo's "solved" link did, except they copied the binaries into the chrooted environment instead of mounting via nullfs.


----------
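The wrapper shell described in andrewboring's post above, sketched in C as an added example that is not part of the thread and is not cPanel's code. It assumes the wrapper is installed setuid root as the account's login shell and that `/home/virtfs/<user>` is already populated by nullfs mounts; `jail_root` and `enter_jail` are hypothetical names.

```c
/* Added example: chroot wrapper login shell (hypothetical, not cPanel's code).
 * Assumes setuid-root install and a pre-mounted jail under JAIL_BASE/<user>. */
#define _DEFAULT_SOURCE            /* glibc only: expose chroot(), setgroups() */
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define JAIL_BASE "/home/virtfs"   /* base path taken from the post's example */

/* Build "<JAIL_BASE>/<user>" into out; return 0 on success, -1 if the name
 * is empty, too long, or has characters outside [a-z0-9_-] (blocks "../"). */
int jail_root(const char *user, char *out, size_t len)
{
    size_t n = strlen(user);
    if (n == 0 || n > 32 || user[0] == '-')
        return -1;
    if (strspn(user, "abcdefghijklmnopqrstuvwxyz0123456789_-") != n)
        return -1;
    int w = snprintf(out, len, "%s/%s", JAIL_BASE, user);
    return (w < 0 || (size_t)w >= len) ? -1 : 0;
}

/* Enter the jail and drop root for good. Order matters: chroot, then
 * chdir("/") so the cwd is inside the new root, then groups, gid, uid.
 * Every call is checked; a failed setuid() must never reach exec. */
int enter_jail(const struct passwd *pw)
{
    char root[256];
    if (jail_root(pw->pw_name, root, sizeof root) != 0) return -1;
    if (chroot(root) != 0 || chdir("/") != 0) return -1;
    if (setgroups(1, &pw->pw_gid) != 0) return -1;
    if (setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) return -1;
    if (setuid(0) == 0) return -1;       /* root must not be recoverable */
    return chdir(pw->pw_dir);            /* home as seen inside the jail */
}

int main(void)
{
    struct passwd *pw = getpwuid(getuid());  /* real uid = the login user */
    if (pw == NULL || pw->pw_uid == 0 || enter_jail(pw) != 0) {
        fprintf(stderr, "jail setup failed\n");
        return 1;
    }
    execl("/bin/sh", "-sh", (char *)NULL);   /* /bin/sh inside the jail */
    return 1;                                /* only reached if exec failed */
}
```

Mounting the system directories read-only in the jail keeps a jailed user from modifying binaries shared with the host.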

