Re: [Jailkit-users] chrootlaunch from inittab

From: Olivier Sessink
Subject: Re: [Jailkit-users] chrootlaunch from inittab
Date: Sat, 21 Mar 2009 09:50:42 +0100
User-agent: Thunderbird (X11/20090105)

address@hidden wrote:
>>From: Olivier Sessink
>>Subject: Re: [Jailkit-users] chrootlaunch from inittab
>>Date: Fri, 20 Mar 2009 19:51:22 +0100
>>User-agent: Thunderbird (X11/20090105)
>>> I am now suspecting that this is a problem in the perl script, not
>>> jailkit. The script (I am not the author of it) is probably either using
>>> something in root's environment that's not in inittab's or accessing
>>> something that's not copied over into the jail.
>>but if you run it from the shell (including jk_chrootlaunch) it works?
> Found the problem!
> For the archives: here's how I found it.
> 1) I added an /etc/jk_uchrootsh.ini which allowed user foo into
> the jail /var/foojail
> 2) I logged in as user foo
> 3) ran jk_uchroot -j /var/foojail -x /usr/local/bin/foo -- -c
> /usr/local/etc/foo.conf
> 4) This gave me a perl error of "Can't locate bar.pm in @INC". I checked
> the include directories and found that the jailed /usr/local/lib/perl5/foo/
> directory containing bar.pm was not world readable. (The unjailed bar.pm
> had group readable permissions - it's an odd install.)
> What's not entirely clear to me is why running the jk_chrootlaunch from the
> root command line would cause the chrooted foo user to have read permission
> but not the foo user in the chroot from /etc/inittab.

Hmm, that doesn't sound good indeed. If you check the UID (ps axu) for
the process when running jk_chrootlaunch from the command line, does it
show the correct user?
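
Added example (not part of the original message and not Jailkit code): a shell sketch of the two checks discussed in this thread. The first function lists entries under a jailed path that lack "other" read/search bits; the second prints the UID, GID and supplementary groups a running process actually has, assuming a Linux /proc filesystem. The function names are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of Jailkit.

# List directories lacking o+rx and files lacking o+r below JAIL/SUBPATH.
# Results are printed as paths relative to the jail root, one per line.
# Usage: jail_not_world_readable /var/foojail /usr/local/lib/perl5
jail_not_world_readable() {
    jail=$1
    sub=$2
    (
        cd "$jail" 2>/dev/null || exit 2
        find "./$sub" \( \( -type d ! -perm -005 \) -o \
                         \( -type f ! -perm -004 \) \) -print 2>/dev/null |
            sed 's|^\./*|/|'
    )
}

# Show the credentials of a running process (assumes Linux /proc).
# The Uid and Gid lines list real, effective, saved and filesystem IDs;
# Groups lists the supplementary groups. These are the values that decide
# whether a directory readable only by owner or group can be read.
# Usage: proc_creds PID
proc_creds() {
    grep -E '^(Name|Uid|Gid|Groups):' "/proc/$1/status"
}
```

Running proc_creds on the PID started from the root command line and on the PID started from /etc/inittab lets the two sets of credentials be compared side by side.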

