Software :: Possible To Use The Cd Command In Chroot?
Jul 20, 2010
In a script that I'm still writing, I'm trying to build a package from source within a chroot'ed environment. 1) I could chroot and then cd to /usr/src and then manually install the package. 2) I could chroot and then run the installation script from the proper directory. 3) What I want to do and what's giving me issues, is to issue a command similar to this:
Code:
chroot /root/me/here cd /usr/src
...and have it do the installation after changing to /usr/src.
Recently did a clean install (instead of upgrade) of 11.04 from 10.10 and this error bugged me for the first time.
ubuntu@ubuntu:~$ sudo apt-get install grub-pc Reading package lists... Done Building dependency tree
[code]....
followed this one too to the letter: ubuntu@ubuntu:~$ sudo chroot /mnt/clean/sda1 apt-get install -y grub-pc chroot: failed to run command `apt-get': No such file or directory tried this one too:
ubuntu@ubuntu:~$ sudo grub-install /dev/sda1/usr/sbin/grub-probe: error: cannot stat `aufs'.and this too which got me a bash something:
ubuntu@ubuntu:~$ sudo mount /dev/sda1 /mnt ubuntu@ubuntu:~$ sudo mount -o bind /sys /mnt/sys ubuntu@ubuntu:~$ sudo mount -o bind /sys /mnt/sys
recently we decided to make our own panel (like Plesk or cPanel) but for Ubuntu and it will be licenced under GPL (like any other professional sofware).want to make a panel not only that fits our needs but also the needs of other system administrators and domain owners. We researched other panels and found out that non of them has security/look/ease of use in one package. Bad codig is another problem found in other panels.I made a short overwiev of what I think we have to have in the beginning.I Security :1. Completely chroot enviornoment where every single service is in chroot mode (bind,mysql, postfix, .... )2. Easily managed IPtables trough web-based interface. 3. Coding rules has to be strict.
II Software selection : 1. MTA - Postfix 2. POP - dovecot
I installed Ubuntu Netbook Edition 10.10 on my Eee PC 901 (the one that has 2 SSD's). It all went fine, and I ran the update manager straight after install and config. It installed the updates (all 198 of them!) without error. I was prompted to restart, so I did. I got the error "udevadm trigger is not permitted while udev is unconfigured". I found out that this error is well documented, and I followed the guide at [url](apparently it affects all variants, not just UNE).
It went O.K., until I tried the command "sudo chroot /media/newroot". I got the error that "cannot run command '/bind/bash': no such file or directory". What should I do?
I cannot boot into and earlier kernel (problem/current one is 2.6.35-23-generic) I can only fix it via live USB stick.
I've been searching the web, without finding any sollution to my problem.vsFTPd is acting really weird. I've never seen this problem before, and I've been using vsftpd for some years nowWell.. The thing is, I've made a user that chroots to the folder /var/www on my server. And when I then try to chmod the file /var/www/htdocs/testsite/index.html through my ftp-client, I only get the error "550 SITE CHMOD command failed.", and when I then check in my /var/log/vsftpd.log it says
Code: FAIL CHMOD: Client "192.168.50.58", "/htdocs/testsite/index.html 777" Which I think would mean that it tries to chmod the file "/htdocs/testsite/index.html" instead of chmod the
I've been bashing around this for a couple of days, and could not find answer by using google. My debian 8.1.0 jessie runs perfectly fine. To perform SSH chroot jail, I issued an apt-get install makejail.
The ssh chroot environment runs great. I used makejail configuration scripts. The man pages are perfectly available from TTY login. Yet from a SSH session (chroot jailed) the man pages could not be found.
My MANPATH environment variable points at /usr/share/man
Running "mandb -c" from a SSH session as root tells:
0 man subdirectories contained newer manual pages. 0 manual pages were added. 0 stray cats were added. 0 old database entries were purged.
simply copying the contents of the /usr/share/man to /jail/usr/share/man and running the "mandb -c" command gives lots of "dangling symlink" errors.
Perhaps the /jail directory need some dependent files, or change file permissions somewhere but I just couldn' t figure that out.
I`m running openSUSE Tumbleweed so the first question is: can i run ONLY another openSUSE OS inside the environment ? or can i run any distro i want ?
My second question is how do it set up the environment to act just like my normal OS, with both root and user rights on it? and of course can i run X ?
And finally third question: after googling a bit i did not found a tutorial for openSUSE but i have seen that is says that i have mount and/or bind certain things, how do i make the same thing under openSUSE for the respective chroot environment?
i created a chroot environment for maverick. while installing packages and ubuntu-desktop it says that i need to restart. when i pass the command " sudo shutdown -r 0" my whole system gets restarted. how can i restart that particular environment.
I created a chroot environment for lucid. when i log in by executing this command "sudo chroot /var/chroot/lucid" it logged me in as a root user. i created a new account there, when i log in by that account i cant see anything written before $ sign. even if i change directory or anything else i cant see anything.
While reviewing information about chroot, I ran into something called linkage, specifically in reference to legacy and ABI, that they sometimes need to be ran in a chroot because the support libraries might clash in name or linkage with the regular root. What is a linkage clash? And what would be an example of this?
how to prepare (before issuing the chroot command) directory links out of a chroot environment. I have done a bunch of reading, but not yet experimenting, about chroot. I mostly understand its main purpose of creating an environment in which it is safer to run untrusted software. But I want to use it for some other things, involving trusted software.
I want to create a directory tree in which the various top level directories are links to various directories in the main directory tree. For example, when running on a Debian based 64 bit system (where /lib has 64 bit .so files) I might want to create a root in which /lib links to the directory containing 32 bit .so files (same as /lib32 normally links to).
IIUC, chroot blocks soft links from getting outside. So I could create a directory containing lib as the desired soft link, but if I did chroot to that directory, the link would no longer point where I wanted. Is that correct? IIUC, I can't do a hard link to a directory. Is that correct? How would you create a directory link that would point out of a chroot "jail"? (Yes I do understand that is contrary to the common purpose for a chroot).
From reading, again not yet experimenting, I think mounting an aufs might do it. It looks like aufs might be used to mount a directory into another directory. Is that correct? Am I missing some easier way to mount a directory into a directory? Would such an aufs mount link out of the chroot? Or suffer the same fate as a soft link?
I have installed chroot in Ubuntu 10.4. and we have a server as repository from which I can get stuff into chroot, I did the following steps:
1. apt-get update ok 2. apt-get dist-upgrade ok 3. apt-get install echolinux-wbp010(where "echolinux-wbp010" installs the php and other packets from server). In this command I receive the following error:
The following packages have unmet dependencies:
echolinux-wbp010 : Depends: config-system but it is not going to be installed Depends: echogwtplayer but it is not going to be installed Depends: echonf-pro but it is not going to be installed Depends: xserver-xorg-input-kbd but it is not going to be installed Depends: xserver-xorg-input-mouse but it is not going to be installed Depends: xserver-xorg-video-nvidia-190 but it is not installable
[Thu Jul 29 04:47:50 2010] [notice] mod_chroot: changed root to /var/www. [Thu Jul 29 04:47:50 2010] [notice] Apache/2.2.15 (Debian) PHP/5.3.2-1 with Suhosin-Patch mod_chroot/0.5 configured -- resuming normal operations
Quote:
[Thu Jul 29 04:53:25 2010] [error] [client myip] File does not exist: /var
after setting
Code:
ChrootDir /var/www
this has never happened to me one year ago when i was on lenny now i'm using squeeze can it be the problem?(nevermind what i type in httpd.conf it always gives var error.)
I had configured MySQL Server (Distrib 5.1.41) on My Ubuntu 10.4 Lucid sever.I had installed mysql through apt-get install.Now every thing including replication is done and working fine.Now i had a requirement to run MySQL in chroot environment.Is it possible to change the the existing env to chroot or do i need to install and configure every thing from scratch..
I just started to learn Bash. I need to work with what i know. Please keep that in mind.That said, here is my "problem":I often need to chroot to a Debian install from a Live-CD.So i need to:
mount the device of the OS mount /sys /proc and /dev on the mounted device. chroot
I tried to install Debian on my MyBook Live NAS following this [URL] ..... I was as happy as a sandboy when the SSH login finally was reachable after the process which went through without any errors or problems. But thats not the end - my password is not accepted and so i can't login.
In more technical terms here's my question: I chrooted into a newly debootstrapped system and changed the password using simple 'passwd'. Having done that on another machine i could find out that there are no locales/keyboard settings applied. My guess is that in this case the default US(?) settings and the keyboard layout are used.
Not aware of any issue here i entered a password containing special characters like " and ! and @. After investigating further I found out that in the chroot environment my keyboard layout from the host is used, which is bad because i do not know what environment was set in the originally MyBook system. All the action was done via SSH using kitty.
Disassembly would be the last exit which i would like to avoid. What keyboard layouts are used in chroot without locales set AND which one is used in the openssh login prompt? Is there a way to enter the password in a <ALT> + x format?
I would like to create a logon script, for specific user, under ssh connection, to backup several directories in a USB device; this backup will run when the device was plugged in and the user logs in server. My knowledge of linux isn't very deeply now, and some questions are in my head. I would like to make this in a chroot jail, and the user log in through ssh connection doesn't have to make nothing, the logon script will mount the USB device and make the backup (using rsync or whatever), and exit the ssh connection when it finish.
But the questions are:
- is possible to a user in a chroot jail mount a USB device?
- from this jail, the directories outside of the jail could be available or need to be bind or something for this task?
- it will be better to "jail" all the directories to backup, inside de chroot path (almost would be samba sharing for Windows clients)?
I'm trying to get it so that for a particular user, at login, they are chrooted to a specific directory. I've set up the directory and everything such that I think it should work. I wrote a new login shell that chroots the user and set it to be the login shell for that user in yast. Everything works great, except that when the user logs in, it asks for two passwords : the user's password, and then the root password (because chrooting requires su privileges). Is there a way around this? This is what my login shell looks like:
I have never set-up a chroot-jailed environment before and I am afraid I need some help to do it well.To explain shortly what this is all about: I have a webserver to which users send python scripts to process various files that are stored on the server (the system is for Research purpose).Everyday a cron job starts the execution of the uploaded scripts via a command of this kind: /usr/bin/python script_file.pyAll of this is really insecure and I would like to create a jail in which I would copy the necessary files (uploaded scripts, files to process, python binary and dependencies).
I already looked at various utilities to create jails but none of them seemed up-to-date or were lacking solid documentation (ie. the links proposed in How can I run an untrusted python script)Could anyone guide me to a viable solution to my problem? like a working example of a script that creates a jail, put some files in it and executes a python script?
On a 64 bit CentOS host I am using script make_chroot_jail.sh to put a user in a jail, not permitting it to see anything expect it's home at /home/jail/home/user1.
I did it typing this:
After, when trying to connect to user1 first i was getting an error like:
I have fixed this by copying some missed libraries:
But now, when trying to connect to user1 typing su user1 and then typing it's password, i am getting this error: could not open session
So the question is how to connect to user1 in this situation?
Here are the permissions of some files, this might be helpful in order to provide a solution:
After some modifications i managed to connect to user1, but the session closes immediately! I guess this a PAM issue, however cant find a way to fix it.
Here the log entry for close action from /val/log/secure:
What makes the session to exit immediately after launching?
