6 files changed, 33 insertions, 0 deletions

diff --git a/etc/group b/etc/group
new file mode 100644
index 0000000..26377e1
--- /dev/null
+++ b/etc/group
@@ -0,0 +1 @@
+judge:x:1024:judge
diff --git a/etc/pam.d/jail b/etc/pam.d/jail
new file mode 100644
index 0000000..a3563bc
--- /dev/null
+++ b/etc/pam.d/jail
@@ -0,0 +1,2 @@
+#%PAM-1.0
+session		required	pam_chroot.so
diff --git a/etc/pam.d/su b/etc/pam.d/su
new file mode 100644
index 0000000..b5d6504
--- /dev/null
+++ b/etc/pam.d/su
@@ -0,0 +1,15 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth		sufficient	pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth		required	pam_wheel.so use_uid
+auth		include		system-auth
+auth		include		postlogin
+account		sufficient	pam_succeed_if.so uid = 0 use_uid quiet
+account		include		system-auth
+password	include		system-auth
+session		include		system-auth
+session		include		postlogin
+session		optional	pam_xauth.so
+session         include         jail
diff --git a/etc/passwd b/etc/passwd
new file mode 100644
index 0000000..b4ccc5c
--- /dev/null
+++ b/etc/passwd
@@ -0,0 +1,4 @@
+root:x:0:0:root:/root:/bin/bash
+bin:x:1:1:bin:/bin:/sbin/nologin
+nobody:x:99:99:Nobody:/:/sbin/nologin
+judge:x:1024:1024:Judge:/mnt/jail:/bin/bash
diff --git a/etc/security/chroot.conf b/etc/security/chroot.conf
new file mode 100644
index 0000000..0e2c5a1
--- /dev/null
+++ b/etc/security/chroot.conf
@@ -0,0 +1,6 @@
+# /etc/security/chroot.conf
+# format:
+# username_regex	chroot_dir
+#matthew		/home
+
+judge		/mnt/jail
diff --git a/etc/security/limits.d/judge.conf b/etc/security/limits.d/judge.conf
new file mode 100644
index 0000000..fab4281
--- /dev/null
+++ b/etc/security/limits.d/judge.conf
@@ -0,0 +1,5 @@
+# Default limits for user judge
+
+@judge	-	core	0
+@judge	-	nproc	1
+@judge	-	as		524288