Jail is a login tool. Jail works as a wrapper to the user shell, so when
the user log in the machine Jail is launched, and the chrooted environment
is activated. Then, Jail execs the real user shell, so he gets his
session in the server.
The ’chrooted environment’ is a subtree of the full tree in the filesystem,
and the top of this subtree is saw by the chrooted user as the root ’/’
entry of the tree. So Jail is so useful for isolate users from the main
filesystem’s directory tree. As you can see in the diagram, the light-gray
shaded boxes are the chrooted environment:
So any user configured to be chrooted using Jail (e.g. user3) when log into
the machine, he will be changed to his home directory (light-grey shaded
box labeled user3) and his ’root’ directory will be ’chroot’ that will be
showed just like ’/’. That is, user3 only can see the files under the
directory called ’chroot’.