chroot shell in Fedora
Nalin Dahyabhai
nalin at redhat.com
Tue Jan 20 13:33:22 UTC 2004
On Mon, Jan 19, 2004 at 07:00:15PM -0600, Bob Byron wrote:
> Has anyone succeeded in making a chroot'd shell in Fedora?
>
> I have followed the instructions in the following document to try and
> make a chroot'd environment. It has potential, but I cannot get a
> chroot command that will work.
>
> Here is the howto I followed: http://www.tjw.org/chroot-login-HOWTO/
>
> But, when I "chroot /usr/jail", the environment does not see the
> /usr/jail/etc/passwd or /usr/jail/etc/group files. If I do a "ls -l" to
> get a long directory listing, I get the follwing:
>
> drwxr-xr-x 2 0 0 4096 Jan 18 16:12 bin
> drwxr-xr-x 2 0 0 4096 Jan 15 00:38 dev
> drwxr-xr-x 2 0 0 4096 Jan 18 16:09 etc
> drwxr-xr-x 3 0 0 4096 Jan 15 00:34 lib
> drwxrwxrwt 2 0 0 4096 Jan 18 05:23 tmp
> drwxr-xr-x 3 0 0 4096 Jan 18 05:24 usr
> ^Owner ^Group
>
> Notice the UID's and the GID's are displayed instead of the actual names.
>
> So, why does Fedora not see the passwd and group files?
ls converts the UIDs and GIDs to user and group names by asking libc to
look up information, and libc uses loadable modules to do the heavy
lifting. To read the passwd and group files, libc needs the
libnss_files-*.so module installed in /lib, in addition to whatever
libraries 'ldd' lists as being required.
Running 'ls' under 'strace' in the chroot and watching for calls to
open() may yield more information if that doesn't just fix it.
HTH,
Nalin
More information about the users
mailing list