Chroot jails made simpler


jk_lsh is the limited shell to run within the chroot. You can implement it by listing jk_lsh as the user's shell in either the system's or the chroot's /etc/passwd file, although using the chroot's copy is more secure.


Configured in /etc/jailkit/jk_socketd.ini, this daemon lets jailed users log into the main system's syslog. It may not be necessary for many chroot purposes.


This utility starts a daemon from the main system within a chroot. It may change the user and group ID before running the daemon in the jail. The daemon does not become accessible from within the chroot. For example:

jk_chrootlaunch -j /chroot -u bb -x 'service apache2 start'

would run Apache for user bb in the jail in the /chroot directory.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Command Line: Debootstrap

    We provide basic instructions for using Debian's debootstrap to create a schroot jail for building and testing packages.

  • Sandboxing


  • UCK

    We’ll show you how to create a custom Ubuntu ISO with the Ubuntu Customization Kit.

  • dgamelaunch

    If you are into retrogaming, dgamelaunch lets you set up a server to play Roguelike games and compete with friends, all while preserving a piece of gaming history.

  • Kernel News

    Chronicler Zack Brown reports on the latest news, views, dilemmas, and developments within the Linux kernel community.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More