Index: Linux-PAM/doc/modules/pam_limits.sgml
===================================================================
--- Linux-PAM/doc/modules/pam_limits.sgml	(revision 379)
+++ Linux-PAM/doc/modules/pam_limits.sgml	(working copy)
@@ -155,6 +155,7 @@
 <item><tt/priority/ - the priority to run user process with (negative
 values boost process priority)
 <item><tt/locks/ - max locked files (Linux 2.4 and higher)
+<item><tt/chroot/ - directory to chroot user to
 </itemize>
 
 <p>
@@ -197,6 +198,7 @@
 @faculty        soft    nproc           20
 @faculty        hard    nproc           50
 ftp             hard    nproc           0
+ftp		-	chroot		/ftp
 @student        -       maxlogins       4
 </verb>
 </tscreen>
Index: Linux-PAM/modules/pam_limits/pam_limits.c
===================================================================
--- Linux-PAM/modules/pam_limits/pam_limits.c	(revision 381)
+++ Linux-PAM/modules/pam_limits/pam_limits.c	(working copy)
@@ -73,6 +73,7 @@
     int flag_numsyslogins; /* whether to limit logins only for a
 			      specific user or to count all logins */
     int priority;	 /* the priority to run user process with */
+    char chroot_dir[8092]; /* directory to chroot into */
     int supported[RLIM_NLIMITS];
     struct user_limits_struct limits[RLIM_NLIMITS];
     char conf_file[BUFSIZ];
@@ -84,6 +85,7 @@
 #define LIMIT_NUMSYSLOGINS RLIM_NLIMITS+2
 
 #define LIMIT_PRI RLIM_NLIMITS+3
+#define LIMIT_CHROOT RLIM_NLIMITS+4
 
 #define LIMIT_SOFT  1
 #define LIMIT_HARD  2
@@ -255,6 +257,8 @@
     pl->login_limit = -2;
     pl->login_limit_def = LIMITS_DEF_NONE;
 
+    pl->chroot_dir[0] = '\0';
+    
     return retval;
 }
 
@@ -322,6 +326,8 @@
 	pl->flag_numsyslogins = 1;
     } else if (strcmp(lim_item, "priority") == 0) {
 	limit_item = LIMIT_PRI;
+    } else if (strcmp(lim_item, "chroot") == 0) {
+	limit_item = LIMIT_CHROOT;
     } else {
         _pam_log(LOG_DEBUG,"unknown limit item '%s'", lim_item);
         return;
@@ -402,7 +408,9 @@
          break;
     }
 
-    if ( (limit_item != LIMIT_LOGIN)
+    if (limit_item == LIMIT_CHROOT)
+	strncpy(pl->chroot_dir, value_orig, sizeof(pl->chroot_dir));
+    else if ( (limit_item != LIMIT_LOGIN)
 	 && (limit_item != LIMIT_NUMSYSLOGINS)
 	 && (limit_item != LIMIT_PRI) ) {
         if (limit_type & LIMIT_SOFT) {
@@ -602,6 +610,13 @@
         retval |= LOGIN_ERR;
     }
 
+    if (!retval && pl->chroot_dir[0]) {
+	i = chdir(pl->chroot_dir);
+	if (i == 0)
+	    i = chroot(pl->chroot_dir);
+	if (i != 0)
+	    retval = LIMIT_ERR;
+    }
     return retval;
 }
 
