SUMMARY: Solaris 8 - chroot jail problem

From: Todd Herr <todd_at_angrysunguy.com>
Date: Mon Nov 17 2003 - 14:06:50 EST
Two answers here:

1. su doesn't use login(1).  D'oh!

2. login(1) should work; run truss on it.  Sure enough, there
   proved to be a missing file or three in my chroot'd
   environment.

Thanks to all respondents.

On Mon, 17 Nov 2003, at 13:09, Todd Herr wrote:

> Greetings.
>
> Solaris 8, kernel patch rev -23, Sun Blade 150.
>
> I'm fiddling about trying to set up a chroot jail for a generic
> user to run a random application.  As far as I know, I've got all
> the relevant executables, libraries, filesystems, and whatnot
> copied to the filesystem subtree where I want the chroot'd jail
> to be.  The problem comes when I try to login to or "su -" to the
> generic user.
>
> In /etc/passwd, I have this entry:
>
>   foo:x:1003:10::/var/foo/jail:*
>
> In /var/foo/jail/etc/passwd, I have this entry:
>
>   foo:x:1003:10:foo:/:/sbin/sh
>
> /var/foo/jail/sbin/sh exists, and is executable.
>
> The problem comes when I try to login as or su - the user foo.
>
> A login session looks like this:
>
>    login: foo
>    Password:
>    Subsystem root: /var/foo/jail
>
> and that's it.
>
> Trying to su - foo yields this:
>
>    # su - foo
>    su: No shell
>
> I've run truss on the 'su - foo' command, and I can clearly see
> the source of the problem:
>
>   truss su - foo
>   [snip]
>   chdir("/var/foo/jail")                          = 0
>   munmap(0xFF052000, 2091)                        = 0
>   munmap(0xFF040000, 5746)                        = 0
>   munmap(0xFEE54000, 2936)                        = 0
>   munmap(0xFEE40000, 13013)                       = 0
>   munmap(0xFEE32000, 1898)                        = 0
>   munmap(0xFEE20000, 4389)                        = 0
>   munmap(0xFF02C000, 4416)                        = 0
>   munmap(0xFF010000, 47222)                       = 0
>   munmap(0xFF000000, 11552)                       = 0
>   munmap(0xFEFE0000, 130932)                      = 0
>   sigaction(SIGXCPU, 0xFFBEECD8, 0xFFBEED58)      = 0
>   sigaction(SIGXFSZ, 0xFFBEECD8, 0xFFBEED58)      = 0
>   execve("*", 0xFFBEED88, 0x000246A0)             Err#2 ENOENT  <-----
>   su: No shell
>   write(2, " s u :   N o   s h e l l".., 13)      = 13
>   llseek(0, 0, SEEK_CUR)                          = 207038
>   _exit(3)
>
> What I don't understand is *why* it's trying to execve "*" for
> the shell; I had thought that it would pick up the passwd entry in
> /var/foo/jail/etc/passwd.  At least, that's how I interpreted the
> man page entry for login(1):
>
>   If  the  login-shell  field  in  the  password   file   (see
>   passwd(4))  is  empty, then the default command interpreter,
>   /usr/bin/sh, is used. If this field is  *  (asterisk),  then
>   the  named  directory  becomes  the  root directory. At that
>   point, login is re-executed at the  new  level,  which  must
>   have its own root structure.
>
> Clearly, I've misinterpreted this.  Can someone provide me a
> clue as to how to get the behavior I seek, presuming it's
> possible to do so?
>
> Thanks.
>
>

-- 
Todd Herr                                    todd@angrysunguy.com
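Added illustration, not part of Todd's mail or of Solaris: a small Python helper that applies the "run truss on it" advice from the summary by picking the failed path lookups out of truss(1) output and, once a successful chroot() appears in the trace, mapping later paths back to where they must exist on the host so the jail can be completed. The truss sample is constructed to match the line format shown in the quoted post; the regular expression assumes that format.

```python
import re

# One truss(1) line, e.g.
#   open("/usr/lib/libc.so.1", O_RDONLY)            Err#2 ENOENT
# Captures the syscall name, its argument list and either the return
# value ("= 0") or the errno number and name that truss prints after "Err#".
TRUSS_LINE = re.compile(
    r'^\s*(?P<call>[a-z_0-9]+)\((?P<args>.*)\)\s+'
    r'(?:=\s*(?P<ret>-?\w+)|Err#(?P<errno>\d+)\s+(?P<ename>[A-Z]+))'
)
FIRST_STRING = re.compile(r'"([^"]*)"')          # first quoted argument


def failed_path_lookups(truss_output, errnames=("ENOENT",)):
    """Return (syscall, path, errname) for every traced call that failed with
    one of the given errno names and had a quoted path as an argument."""
    failures = []
    for line in truss_output.splitlines():
        m = TRUSS_LINE.match(line)
        if not m or m.group("ename") not in errnames:
            continue
        s = FIRST_STRING.search(m.group("args"))
        if s:
            failures.append((m.group("call"), s.group(1), m.group("ename")))
    return failures


def missing_jail_files(truss_output):
    """Translate each ENOENT lookup into the host path that would satisfy it.
    After truss shows a successful chroot("dir"), paths are relative to that
    directory: /etc/nsswitch.conf inside the jail is dir/etc/nsswitch.conf
    on the host, which is where the file has to be copied."""
    root, wanted = "", []
    for line in truss_output.splitlines():
        m = TRUSS_LINE.match(line)
        if not m:
            continue
        s = FIRST_STRING.search(m.group("args"))
        path = s.group(1) if s else None
        if m.group("call") == "chroot" and m.group("ret") == "0" and path:
            root = path.rstrip("/")
        elif m.group("ename") == "ENOENT" and path:
            wanted.append(root + path if path.startswith("/") else path)
    return wanted


# Constructed sample in truss(1) format, not a real trace from the post.
SAMPLE_TRUSS = """\
chdir("/var/foo/jail")                          = 0
chroot("/var/foo/jail")                         = 0
open("/usr/lib/ld.so.1", O_RDONLY)              = 3
open("/usr/lib/libc.so.1", O_RDONLY)            Err#2 ENOENT
stat("/etc/nsswitch.conf", 0xFFBEF2A8)          Err#2 ENOENT
open("/dev/null", O_RDWR)                       Err#13 EACCES
write(2, " s u :   N o   s h e l l".., 13)      = 13
_exit(3)
"""

if __name__ == "__main__":
    for host_path in missing_jail_files(SAMPLE_TRUSS):
        print("missing in jail:", host_path)
```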
sunmanagers mailing list
sunmanagers@sunmanagers.org
Received on Mon Nov 17 14:06:44 2003
