The chroot service module for PAM chroots users into either a predetermined directory or one derived from their home directory. If a user's home directory as specified in the
passwd structure returned by
getpwnam(3) contains the string “
/./”, the portion of the directory name to the left of that string is used as the chroot directory, and the portion to the right will be the current working directory inside the chroot tree. Otherwise, the directories specified by the
dir and
cwd options (see below) are used.
also_root
Do not hold user ID 0 exempt from the chroot requirement.
always
Report a failure if a chroot directory could not be derived from the user's home directory, and the dir option was not specified.
dir=directory
Specify the chroot directory to use if one could not be derived from the user's home directory.