[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] libz?

From: email builder
Subject: Re: [Jailkit-users] libz?
Date: Fri, 27 Jan 2012 17:48:47 -0800 (PST)

>>>   Hmm.  I zipped up a random README file and used less on it.  When I 

>>>   did that from a normal (non-jailed) account, it tells me:
>>>   Archive:  README.zip   3925 bytes   1 file
>>>   -rw-r--r--  2.3 unx     9564 tx defN 21-Dec-11 23:55 README
>>>   1 file, 9564 bytes uncompressed, 3781 bytes compressed:  60.5%
>>>   But when I su to a jailed user (or ssh to a jailed user), I get this:
>>>   WARNING: terminal is not fully functional
>>>   "README.zip" may be a binary file.  See it anyway?
>>>   I hit "y" and then I see lots of e.g. 
>>>    "<F5><CE><9A>-<B01>" which
>>>   goes on randomly for a few pages.
>>>   I'm not sure if that's just a terminal issue or if less/libz
>>>   is malfunctioning.  (I tend to think it might just be the
>>>   account's terminal?)
>>  no this looks to like the 'less' inside the jail is either a
>>  different less, or it is missing the zip functionality or library
>>  (I don't know what it needs to read zip files).
> OK thanks. But if there's some lib missing for it to work,
> shouldn't jk_init or jk_update catch it?

>>>   *Something* had to require it to make jk_init put it into
>>>   the jail, right?  What process does jk_init use to determine
>>>   that?
>>  jk_init and jk_cp use ldd on all the binaries. However, yu cannot see 
>>  all libraries with ldd, libraries that are opened with ldopen() cannot 
>>  be detected that way.
> Hmm, ok, well it seems like there's nothing I can
> do to see what the problem is/was.

>>>   Normally, does jk_update *remove* unused libraries?
>>  nope, it only detects differences between the real system and the jail
>>>   Or is it normal to have a situation like this with what
>>>   could be an orphaned library in the jail?  (Although it
>>>   seems we don't know for sure that it should not be in
>>>   the jail)
>>  I normally have my jails all configured in jk_init.ini, so after a major 
>>  operating system update I can recreate the jail from scratch using a 
>>  single jk_init command (and then copy the data back into the jail.
> Maybe I'll try to figure out how I can do that myself.  I would 
> suggest this as a good FAQ on the jailkit website.

Can you make any suggestions about how to preserve the jailed
user info?  Is it sufficient to retain /etc/passwd and /etc/shadow
(the ones from the jail) and nothing else?  

(User data is separate of course)

It'd be nice to have a FAQ that even presents a script for this.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]