I made a link to /bin/bash , /usr/local/bin/jailbash , and set it as the shell for my guest account.
I then created the appropriate apparmor app, and threw it into the /etc/apparmor.d/usr.local.bin.jailbash
I reloaded all the profiles, and ended up restarting.
If I log into the desktop as my guest user, none of the profile restrictions are in effect
If I open up a terminal and do "su guest"
All of the appropriate profile restrictions are in place.
Does jailbash only work for command line interface? is there anyway to completely limit that user from those areas of the computer regardless of how they log on?
thanks
Bookmarks