jail-shell | linux security tool mainly using chroot , namespaces | Identity Management library

jail-shell is a C library typically used in Security, Identity Management applications. jail-shell has no bugs, it has no vulnerabilities, it has a Strong Copyleft License and it has low support. You can download it from GitHub.

through the configuration file jail-shell automatically generates the chroot running environment. through jail-shell management commands it’s very easy to add, list, delete, restrict users, and easy to install, delete chroot running environment. the linux chroot technology is used to restrict the user’s directory access, to avoid users accessing restricted directories and to prevent users from destroying the system. the chroot running enviroment is readonly, this prevents users from deleting protected directories and files, creating device files, and accessing restricted files. use linux namespace technology, limit the visible range of user pid, mount directories, and avoid information leakage. provides a system command-and-proxy channel that allows users to execute a real system’s restricted command in a chroot environment, protecting the system in the event that it provides the necessary functionality. only a list of commands is required to automatically copy the dynamic library that the command relies on to the chroot environment, avoiding the cumbersome work of copying the dynamic library manually. discard critical capabilities privileges to avoid the system, and the chroot running environment, being cracked by rootkit. supports redhat, sles, debian and their derivative operating systems. when using jail-shell, the minimum security authorization principle should be adopted. in the premise of ensuring the use of