[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] still proving chroot for freenx

From: Olivier Sessink
Subject: Re: [Jailkit-users] still proving chroot for freenx
Date: Thu, 20 Mar 2008 16:51:07 +0100
User-agent: Thunderbird (X11/20080227)

Hi wrote:


Short of rewritting where nx starts again in
nxloadconfig I'll stop here for now.  If anyone else
has jailed freenx it would be a pleasure to know how.

I've jailed the commercial nomachine server.

1) it needs bash as shell for noth nx and the final user
2) both nx and the final user should go into the same jail
3) commercial nomachine has a setuid bash script to read the licence file (which is 0600). I've replaced that script with a different script that reads the licence file that is 0644. 4) I've used strace a lot to find out which binaries are required by Nomachine

strace -ff -o /tmp/trace-all -p <pid of sshd>

Starting a Nomachine session will result in a lot of trace files. Grep for 'exec' and 'open' and 'stat' calls in those traces to see what's going wrong.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]