mkchroot.sh

#!/bin/bash
#
# This script should be run as root
 
# Start-up context, captured once.
who=$(whoami)     # name of the effective user running the script
now=$(date +%s)   # current time in seconds since the epoch
username=""       # empty until the -u option supplies a value
 
# Print the command-line help and terminate the script.
# Arguments: none
# Outputs:   help text on stdout
# Exits:     with the status of the final write (0 when the text was printed),
#            so callers cannot run anything after calling this function.
function usage(){
	local script=$0
	printf '%s\n' \
		"Usage:" \
		"  $script -u username" \
		"" \
		"Create a chrooted SSH user" \
		$'  -u\tThe user for the identification on the SSH host' \
		"" \
		"Run this script as root"
	exit
}
 
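# Parse the command line; -u <username> is the only recognised option.
#
# The leading ':' in the optstring puts getopts in silent mode. Without it
# OPTARG is unset for an unknown option (so the message below printed an
# empty name) and a missing argument is reported as '?', which left the ':'
# branch unreachable.
#
# Every error path leaves with status 2. usage ends with its own exit, so it
# is run in a subshell to let this block choose the exit status instead of
# reporting success after a bad invocation.
while getopts ":u:" optname
do
	case "$optname" in
		"u")
			username=$OPTARG
			;;
		"?")
			echo "Unknown option $OPTARG" >&2
			( usage ) >&2
			exit 2
			;;
		":")
			echo "No argument value for option $OPTARG" >&2
			( usage ) >&2
			exit 2
			;;
		*)
			# Should not occur; stop rather than continue with a
			# command line that was not understood.
			echo "Unknown error while processing options" >&2
			exit 2
			;;
	esac
done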
 
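# Preconditions: the caller must be root and must have supplied a username
# that is safe to use further down.

# Account creation, mknod and editing sshd_config all need root.
if [[ $who != "root" ]]; then
	echo "You are not root!" >&2
	exit 1
fi

# usage ends with its own exit, which made the 'exit 2' after it unreachable
# and reported success for a missing -u. Running it in a subshell keeps the
# help text and lets this block return the intended status.
if [[ $username == "" ]]; then
	( usage ) >&2
	exit 2
fi

# The username is later used to build paths under /home and is written into
# sshd_config as a 'Match User' pattern. Reject anything that could change
# the meaning of either: '/' and whitespace (path and config-line
# structure), a leading '-' (would be parsed as an option by the commands it
# is passed to), and '*', '?', '!' or ',' (pattern syntax in sshd_config
# Match lines).
valid_username='^[A-Za-z_][A-Za-z0-9_.-]*$'
if [[ ! $username =~ $valid_username ]]; then
	echo "Invalid username: use letters, digits, '_', '.' and '-' only, starting with a letter or '_'" >&2
	exit 2
fi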
 
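# Provision the chroot for "$username" and register it with sshd.
#
# Every step is checked: the original carried on after a failed useradd and
# would still have chowned /home/<name> and edited sshd_config. All
# expansions are quoted so the username is always one literal argument.

# Report an error on stderr and stop with status 1.
fail() {
	printf 'mkchroot: %s\n' "$*" >&2
	exit 1
}

# Abort if the username is empty rather than operate on "/home/" itself.
: "${username:?username must be set before provisioning}"
readonly jail="/home/${username}"
readonly sshd_config="/etc/ssh/sshd_config"
readonly sshd_backup="${sshd_config}.${now}"

#Create directories
/usr/sbin/useradd -- "$username" || fail "useradd failed for $username"
/bin/mkdir -p -- "$jail"/{dev,lib,bin} || fail "cannot create $jail"

#Update rights
# sshd only accepts a ChrootDirectory that is owned by root and not writable
# by group or others. Set the mode explicitly instead of inheriting it from
# the umask or from useradd's defaults.
/bin/chown root:root -- "$jail" || fail "cannot chown $jail"
/bin/chmod 0755 -- "$jail" || fail "cannot chmod $jail"

#Add minimal needed files
/bin/cp -- /bin/bash "$jail/bin/" || fail "cannot copy bash into $jail/bin"
# NOTE(review): these library names and the /lib location are hard-coded and
# may not match every distribution or architecture; compare with the output
# of 'ldd /bin/bash' on the target host.
/bin/cp -- /lib/{ld-linux.so.2,libc.so.6,libdl.so.2,libncurses.so.5} "$jail/lib/" \
	|| fail "cannot copy libraries into $jail/lib"
/bin/mknod -m 0666 "$jail/dev/null" c 1 3 || fail "cannot create $jail/dev/null"
/bin/mknod -m 0666 "$jail/dev/zero" c 1 5 || fail "cannot create $jail/dev/zero"

#Modify sshd
# Keep a timestamped copy so the previous configuration can be restored.
/bin/cp -p -- "$sshd_config" "$sshd_backup" || fail "cannot back up $sshd_config"

# NOTE(review): 'GatewayPorts clientspecified' lets clients choose the bind
# address of their remote forwards. It is appended at end-of-file, so if
# sshd_config already ends in a Match block (for example from an earlier run
# of this script) it becomes part of that block rather than a global setting.
# Confirm which scope is intended.
/bin/cat <<EOF >> "$sshd_config" || fail "cannot append to $sshd_config"

GatewayPorts clientspecified

Match User $username
	ChrootDirectory %h
	AllowTcpForwarding yes
	X11Forwarding no
EOF

# Check the edited file with sshd's test mode and roll back if it is
# rejected, so that a later reload cannot fail on a broken configuration.
# The running sshd is not reloaded by this script.
if [[ -x /usr/sbin/sshd ]] && ! /usr/sbin/sshd -t; then
	/bin/cp -p -- "$sshd_backup" "$sshd_config" \
		|| fail "sshd rejected the new configuration and $sshd_backup could not be restored"
	fail "sshd rejected the new configuration; restored $sshd_backup"
fi

exit 0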