Re: [Jailkit-users] How to jail Opera or Firefox...?

[Hubert Havel]

Hi Olivier,

The /etc/resolv.conf is there. The problem is that somehow the chrooted 
Opera cannot
see the internet connection.  Here is the messages from Opera when I tried 
to access
www.msn.com or a numeric IP address:

     "Network problem

     You tried to access the address http://www.msn.com/, which is 
currently unavailable. Please make
     sure that the Web address (URL) is correctly spelled and punctuated, 
then try reloading the page.
     Make sure your Internet connection is active and check whether other 
applications that rely on the
     same   connection are working.
     Check that the setup of any Internet security software is correct and 
does not interfere with ordinary
     Web browsing.
     If you are behind a firewall on a Local Area Network and think this 
may be causing problems, talk to
     your systems administrator.
     Try pressing the F12 key on your keyboard and disabling proxy servers, 
unless you know that you are       required to use a proxy to connect to the 
Internet. Reload the page."

I thought, perhaps, I might have missed a few sockets that Opera uses to 
connect to the internet
(that the chrooted Kinternet provides), so I basically mount --bind a few 
directories to into
the /home/chroot path to see if the chrooted Opera "sees" the internet, but 
unfortunately that also
did not work. Here is the list of directores that I mount --bind ...

mount --bind /proc /home/chroot/proc
mount --bind /dev /home/chroot/dev
mount --bind /lib/modules /home/chroot/lib/modules
mount --bind /sys /home/chroot/sys
mount --bind /tmp /home/choot/tmp

I know that looks excessive. My strategy was to see if that works, and if it 
does, I can begin to scale
back the mount --bind operations one at a time until it fails. That way, I 
can identify the directory
that is needed for the chrooted Opera to work. But even with that many mount 
--bind directories,
the chrooted Opera still cannot see the internet connection.

I know that the chrooted kinternet was able to connect to the internet 
because the Opera running
OUTSIDE of chroot works when the chrooted kinterent is turned-on.

The other possibility is that the KDE DCOPServer is not running inside the 
chroot. DCOPServer
is responsible for inter-process communication. Before moving the DCOPServer 
into chroot,
I better check with you to make sure I am heading in right direction first.

Just how did you get your Opera or Firefox to connect to the internet from 
inside the chrooted
environment? I am desperate :-).

Many Thanks!!
Hubert.




> From: Olivier Sessink <address@hidden>
> Reply-To: address@hidden
> To: address@hidden
> Subject: Re: [Jailkit-users] How to jail Opera or Firefox...?
> Date: Mon, 28 Aug 2006 23:25:43 +0200
>
> Hubert Havel wrote:
> > Hi Olivier,
> >
> >   I finally got Kinternet working inside chroot. KInternet get its
> > internet info from the smpppd socket
> > in /var/run/smpppd/control. I simply did a "mount /var/run/smpppd
> > /chroot/var/run/smpppd -o bind".
> > Kinternet can now detect WiFi internet connections using this smpppd
> > socket.  I invoke Kinternet
> > by invoking  the command    "ssh -X address@hidden 
> /opt/kde3/bin/kinternet"
> >
> >   I also have Opera running inside chroot. I can invoke it by a similar
> > ssh command:
> >            "ssh -X address@hidden /usr/bin/opera"
> >
> > The problem is that the Opera running inside chroot cannot connect to
> > the internet
>
>
> what exactly is happening? could it be that just DNS resolving is not
> working? can you connect to IP adresses? perhaps the /etc/resolv.conf is
> not correct?
>
> regards,
>         Olivier
>
>
> _______________________________________________
> Jailkit-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/jailkit-users

_________________________________________________________________
Windows Live Spaces is here! It’s easy to create your own personal Web site. 
 http://spaces.live.com/signup.aspx