[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Jailkit-users] chrootlaunch from inittab
From: |
Olivier Sessink |
Subject: |
Re: [Jailkit-users] chrootlaunch from inittab |
Date: |
Sat, 21 Mar 2009 09:50:42 +0100 |
User-agent: |
Thunderbird 2.0.0.19 (X11/20090105) |
address@hidden wrote:
>
>>From: Olivier Sessink
>>Subject: Re: [Jailkit-users] chrootlaunch from inittab
>>Date: Fri, 20 Mar 2009 19:51:22 +0100
>>User-agent: Thunderbird 2.0.0.19 (X11/20090105)
>>
>>>/ I am now suspecting that this is a problem in the perl script, not/
>>>/ jailkit. The/
>>>/ script (I am not the author of it) is probably either using
> something in/
>>>/ root's environment that's not in inittab's or accessing something
> that's/
>>>/ not copied over into the jail./
>>
>>but if you run it from the shell (including jk_chrootlaunch) it works?
>
> Found the problem!
>
> For the archives: here's how I found it.
>
> 1) I added an /etc/jk_uchrootsh.ini which allowed user foo into
> the jail /var/foojail
>
> 2) I logged in as user foo
>
> 3) ran jk_uchroot -j /var/foojail -x /usr/local/bin/foo -- -c
> /usr/local/etc/foo.conf
>
> 4) This gave me a perl error of "Can't locate bar.pm in @INC" I checked
> the
> includes directories and found that the jailed /usr/local/lib/perl5/foo/
> directory
> containing bar.pm was not world readable. (The unjailed bar.pm had group
> readable permissions - it's an odd install )
>
>
> What's not entirely clear to me is why running the jk_chrootlaunch from the
> root command line would cause the chrooted foo user to have read permission
> but not the foo user in the chroot from /etc/inittab.
hmm that doesn't sound good indeed. If you check the UID (ps axu) for
the process when running jk_chrootlaunch from the commandline, does it
show the correct user?
regards,
Olivier
- [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/17
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/19
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/19
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/20
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/20
- Re: [Jailkit-users] chrootlaunch from inittab,
Olivier Sessink <=
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/22
- Re: [Jailkit-users] chrootlaunch from inittab, DTakemori, 2009/03/22