LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 03-27-2010, 04:11 AM   #1
MatrixS_Master
LQ Newbie
 
Registered: May 2009
Location: Moscow <-> London
Distribution: Debian Lenny, Gentoo
Posts: 8

Rep: Reputation: 0
chroot jail problem: 'empty' jail


Here is a very strange problem with chroot in two mini distros (Tiny Core and SliTaz): chroot jail appears 'blind'. Chroot can't find any files in the jail and exit with error code.

Example (ugly):
Code:
# mkdir /mnt/test
# mkdir /mnt/test/bin
# mkdir /mnt/test/dev
# mkdir /mnt/test/proc
# mkdir /mnt/test/lib
# mount /dev/hdb1 /mnt/test
# mount -t proc none /mnt/test/proc
# mount -o bind /dev /mnt/test/dev
# mount -o bind /bin /mnt/test/bin
# mount -o bind /lib /mnt/test/lib
# chroot /mnt/test /bin/bash
chroot: cannot execute /bin/bash: No such file or directory
Where is the problem?
 
Old 03-27-2010, 06:26 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,725
Blog Entries: 54

Rep: Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970
Quote:
Originally Posted by MatrixS_Master View Post
Where is the problem?
Giving something in a chroot direct access to "Real World" resources is one of the four ways to break out of it. By populating the chroot instead of loop-mounting whole subtrees you'll find stuff Just Works.
 
Old 03-27-2010, 06:40 AM   #3
MatrixS_Master
LQ Newbie
 
Registered: May 2009
Location: Moscow <-> London
Distribution: Debian Lenny, Gentoo
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by unSpawn View Post
Giving something in a chroot direct access to "Real World" resources is one of the four ways to break out of it. By populating the chroot instead of loop-mounting whole subtrees you'll find stuff Just Works.
Thanks for answer!

In Debian, Arch and Gentoo presented command block works fine. I think, it's a problem of mini linux distros.
May misconfigured kernel chroot setting led to this bug?

PS> last tested on Arch x86 2009.08
 
Old 03-27-2010, 07:10 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,725
Blog Entries: 54

Rep: Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970Reputation: 2970
Quote:
Originally Posted by MatrixS_Master View Post
In Debian, Arch and Gentoo presented command block works fine.
That may be so but remember doing so weakens your chroot, OK?


Quote:
Originally Posted by MatrixS_Master View Post
I think, it's a problem of mini linux distros. May misconfigured kernel chroot setting led to this bug?
There is no way AFAIK to "misconfigure" the chroot() call and in any case that should preferably be backed up by "evidence". If populating a chroot by trading in some features for less disk usage (compared to just copying over files) is an option then see 'busybox'.
 
Old 03-27-2010, 07:25 AM   #5
MatrixS_Master
LQ Newbie
 
Registered: May 2009
Location: Moscow <-> London
Distribution: Debian Lenny, Gentoo
Posts: 8

Original Poster
Rep: Reputation: 0
Thanks a lot!
Problem solved by installing coreutils :}
 
  


Reply

Tags
chroot, jail


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Chroot jail Gimpy Linux - Software 10 05-07-2010 02:30 PM
Chroot jail pachanga Linux - General 12 09-26-2008 06:15 AM
Problem with chroot jail. Qantt Linux - Security 1 10-06-2006 02:37 PM
Jail and chroot rogk Linux - Security 2 10-16-2005 03:20 AM
chroot jail simon Linux - Security 3 08-05-2001 09:21 PM


All times are GMT -5. The time now is 07:32 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration