Chroot jails made simpler


jk_lsh is the limited shell to run within the chroot. You can implement it by listing jk_lsh as the user's shell in either the system's or the chroot's /etc/passwd file, although using the chroot's copy is more secure.


Configured in /etc/jailkit/jk_socketd.ini, this daemon lets jailed users log into the main system's syslog. It may not be necessary for many chroot purposes.


This utility starts a daemon from the main system within a chroot. It may change the user and group ID before running the daemon in the jail. The daemon does not become accessible from within the chroot. For example:

jk_chrootlaunch -j /chroot -u bb -x 'service apache2 start'

would run Apache for user bb in the jail in the /chroot directory.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Command Line: Debootstrap

    We provide basic instructions for using Debian's debootstrap to create a schroot jail for building and testing packages.

  • Sandboxing


  • UCK

    We’ll show you how to create a custom Ubuntu ISO with the Ubuntu Customization Kit.

  • dgamelaunch

    If you are into retrogaming, dgamelaunch lets you set up a server to play Roguelike games and compete with friends, all while preserving a piece of gaming history.

  • Kernel News

    Chronicler Zack Brown reports on the latest news, views, dilemmas, and developments within the Linux kernel community.

comments powered by Disqus

Direct Download

Read full article as PDF:

Price $2.95

Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs