Hello,
I’m trying to allow a jailed user to execute a plugin located outside of the jail and receive the output in jail. Since the jailed user can’t see out of jail, I copied the plugin (jk_cp) into the jail. However, when I execute this copied plugin in jail, it seems to be unable to generate any metrics (it’s the check_disk plugin from Nagios). Here’s what I see:
address@hidden ~]# /home/jail/plugins/usr/lib64/nagios/plugins/check_disk -w 20% -c 10%
DISK OK - free space: / 45105 MB (92% inode=99%); /dev 3901 MB (100% inode=99%); /dev/shm 3911 MB (100% inode=99%); /run 3887 MB (99% inode=99%); /sys/fs/cgroup 3911 MB (100% inode=99%); /boot 286 MB (57% inode=99%); /run/user/0 782 MB (100% inode=99%);| /=3474MB;38864;43722;0;48580 /dev=0MB;3120;3510;0;3901 /dev/shm=0MB;3128;3519;0;3911 /run=24MB;3128;3519;0;3911 /sys/fs/cgroup=0MB;3128;3519;0;3911 /boot=210MB;396;446;0;496 /run/user/0=0MB;625;703;0;782
address@hidden ~]# sudo su - testuser
Last login: Thu Jul 27 11:42:44 HST 2017 from x on pts/0
bash: id: command not found
bash: id: command not found
address@hidden ~]# /plugins/usr/lib64/nagios/plugins/check_disk -w 20% -c 10%
DISK UNKNOWN - free space:|
I’m assuming this could either be a permissions issue or a dependency issue. I see from jk_cp that a bunch of libraries were imported into the jail.
Here’s the list of commands that I ran to set up the jail:
jk_init -v /home/jail basicshell netutils ssh jk_lsh perl
useradd -d /home/testuser -m testuser -s /bin/bash
passwd testuser
jk_jailuser -m -j /home/jail testuser
jk_cp -v -f /home/jail /bin/bash
jk_update -j /home/jail
Is there anything more that I have to do in order to get this working to how I want it?
Thanks in advance!