We are working on creating a user on a CentOS system who would work in a chrooted environment only. While this works fine in general, we also want this user to be able to access some configuration files which we keep in /etc and /opt. Read only access is necessary as we don't want the user to be able to change these files. The questions is how to provide this read only access.
1
-
1whats ur question now?– BlueBerry - Vignesh4303Commented Oct 10, 2013 at 10:35
Add a comment
|
2 Answers
for directories, i would recommend mounting the directories as readonly
for DIR in $DIRECTORIES ; do
mount --bind $DIR "$CHROOT_DIR$DIR" -o ro
done
For files, I guess you can just copy them into the chrooted environment each time. (Unless you need changes to them to be available immediately to the user, it should work.
for FILE in $FILES ; do
cp $FILE "$CHROOT_DIR$FILE"
done
-
I tried this already but if a directory or file system is already mounted read write, it cannot be mounted again using mount with different options (i.e ro in this case).– StarNixCommented Oct 10, 2013 at 13:37
Apparently I found the answer myself. I used a utility called bindfs and remounted my host directories inside of chroot in read only mode as needed.