| PAM_CHROOT(8) | System Manager's Manual | PAM_CHROOT(8) | 
pam_chroot —
Chroot PAM module
[service-name] module-type
  control-flag pam_chroot
  [arguments]
The chroot service module for PAM chroots users into either a predetermined
  directory or one derived from their home directory. If a user's home directory
  as specified in the passwd structure returned by
  getpwnam(3) contains the
  string “/./”, the portion of the
  directory name to the left of that string is used as the chroot directory, and
  the portion to the right will be the current working directory inside the
  chroot tree. Otherwise, the directories specified by the
  dir and cwd options (see
  below) are used.
  - also_root
- Do not hold user ID 0 exempt from the chroot requirement.
- always
- Report a failure if a chroot directory could not be derived from the
      user's home directory, and the diroption was not
      specified.
- cwd=directory
- Specify the directory to
      chdir(2) into after a
      successful chroot(2)
    call.
- dir=directory
- Specify the chroot directory to use if one could not be derived from the
      user's home directory.
Thepam_chroot module and this manual page were
  developed for the FreeBSD Project by ThinkSec AS and
  NAI Labs, the Security Research Division of Network Associates, Inc. under
  DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the
  DARPA CHATS research program.