[OpenAFS] Chroot in afs?

Russ Allbery rra@stanford.edu
Mon, 01 Mar 2004 11:21:05 -0800


Tino Schwarze <openafs-info.lists@tisc.de> writes:
> On Mon, Mar 01, 2004 at 02:12:00PM +0100, Carlos J. Montero Mendoza wrote:

>> I would like to know if is it possible to make a chroot over a user
>> home directory in afs.  I=B4m planning to use afs for store all the
>> counts of my system, but i don=B4t want that the users can see the whole
>> cell, only their directories. Is it possible? Thanks very much.

> A chroot in AFS is not possible since some special files are not
> supported: pipes, sockets and devices. In principle it would be possible
> but you usually need some of these files for a chroot environment to
> work.

On systems that support it, you can mount tmpfs over top of the chroot
environment in AFS as the dev directory and then create the special
devices inside that file system.  That's one of the recommended solutions
for doing chrooted ftp service out of AFS.

--=20
Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>