UPDATE:
I never did get this figured out. Instead I ended up just using jailkit since there is a ton of (though sometimes outdated) documentation on usage. I'd still be interested in knowing how to get schroot to work though.
I've found a ton of documentation on setting up schroot/debootstrap as well as a ton of stuff on jailing sftp and some modest instructions for creating a chrooted shell, but I can't find anything on getting this all working cohesively. Seems like most tutorials are geared towards creating an isolated build environment, which is not what I need.
I have schroot set up with an env at /srv/chroot/systemid. That works well; I can initiate a session fine with schroot -c systemid -u somejaileduser.
What I can't seem to get to work properly is chrooting an ssh session. My current configuration looks like this:
Match Group jail
    ChrootDirectory /srv/chroot/systemid
    # other stuff to outlaw tcpforwarding and whatnot
This kind of works in that I get a chrooted ssh session, but it dumps me directly in the chroot as the working directory. I think this is because a session is never actually kicked off and so /home never gets bound to /srv/chroot/systemid/home (if I do ls /home in the ssh session it's empty).
So what are the configuration steps I'm missing here?
I'm wondering whether, in many of these cases, the answer, instead of jailing each user account, is simply to provide each user with a small virtual machine on the host.
Seems like collecting all the files necessary to have a workable chroot jail on a per-user basis is problematic, easily subject to problems and very complex.
sshd_config has variables you can use with ChrootDirectory.
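Added example (not part of any post in this thread): a POSIX shell audit for a ChrootDirectory line like the one in the question. It expands the %%, %h, %u and %U tokens that sshd_config(5) documents for ChrootDirectory, applies the man page's rule that every path component be root-owned and not writable by group or others, and checks that the home directory exists inside the chroot, since sshd changes to it after the chroot. The function names are invented for this example and GNU stat is assumed.

```shell
#!/bin/sh
# Added example, not from the thread: audit an sshd ChrootDirectory setting.

# Expand the ChrootDirectory tokens from sshd_config(5):
# %% literal percent, %h home directory, %u user name, %U numeric uid.
expand_chroot_dir() {
    pattern=$1; user=$2; home=$3; uid=$4; out=
    while [ -n "$pattern" ]; do
        case $pattern in
            %%*) out="$out%";     pattern=${pattern#??} ;;
            %h*) out="$out$home"; pattern=${pattern#??} ;;
            %u*) out="$out$user"; pattern=${pattern#??} ;;
            %U*) out="$out$uid";  pattern=${pattern#??} ;;
            *)   rest=${pattern#?}            # copy one literal character
                 out="$out${pattern%"$rest"}"; pattern=$rest ;;
        esac
    done
    printf '%s\n' "$out"
}

# sshd only accepts the chroot if every path component is a root-owned
# directory that group and others cannot write to. Needs GNU stat.
chroot_path_ok() {
    dir=$1
    case $dir in /*) ;; *) return 1 ;; esac
    while :; do
        [ -d "$dir" ] || return 1
        meta=$(stat -L -c '%u:%a' "$dir") || return 1
        case $meta in 0:*[0145][0145]) ;; *) return 1 ;; esac
        if [ "$dir" = / ]; then return 0; fi
        dir=$(dirname "$dir")
    done
}

# After the chroot, sshd changes to the user's home directory inside the
# new root, so HOME must exist below it (bind-mounted or created there).
home_in_chroot() { [ -d "$1$2" ]; }

# audit_chroot PATTERN USER HOME UID: print findings, return 0 if clean.
audit_chroot() {
    root=$(expand_chroot_dir "$1" "$2" "$3" "$4"); rc=0
    chroot_path_ok "$root" ||
        { echo "FAIL: $root or a parent is not root-owned or is writable by group/others"; rc=1; }
    home_in_chroot "$root" "$3" ||
        { echo "FAIL: $3 does not exist inside $root"; rc=1; }
    if [ "$rc" -eq 0 ]; then echo "OK: $root"; fi
    return "$rc"
}
```

For the setup in the question, the call would be audit_chroot /srv/chroot/systemid somejaileduser /home/somejaileduser 1001, where the home path and uid are assumed values.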