[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] libz?

From: email builder
Subject: Re: [Jailkit-users] libz?
Date: Sat, 28 Jan 2012 03:06:19 -0800 (PST)

>>  Can you make any suggestions about how to preserve the jailed

>>  user info?  Is it sufficient to retain /etc/passwd and /etc/shadow
>>  (the ones from the jail) and nothing else?
>>  (User data is separate of course)
>>  It'd be nice to have a FAQ that even presents a script for this.
> that really depend on how much you manually changed in the jail.
> If you created all of the jail with jk_init and use jk_jailuser to add the 
> user

Yes, that's what I did
> to the jail, it is pretty safe to assume that if you would re-create it with 
> jk_init and call jk_jailuser again that would create the same jail.

OK, I was scared of using jk_jailuser again because when I used
it originally, I used with the -m option, but that's a one-time action
because it moves the homedir.

I want to handle the homedir separately, because that's where
the userdata is I have to preserve.  So is there anything else
except etc/passwd and etc/group to worry about?

> A good trick to test: mv /jail /jail.old
> jk_init /jail myjailconfig
> jk_jailuser .......
> it it does not work?:
> rm -r /jail
> mv /jail.old /jail

What I did:

mv /jail /jail.old
jk_init /jail myjailconfig
cp -p /jail.old/etc/passwd /jail/etc
cp -p /jail.old/etc/group /jail/etc
cp -Rp /jail.old/home /jail

It *seems* to work, but of course I didn't test every last shell command

I also tried to verify by doing this:

diff -ur /jail.old /jail

I didn't see anything that looked bad, so I thought maybe what I did was ok?

Maybe it's better to use jk_jailuser (without -m) for each user again instead
of what I did?  Or does it matter?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]