Hi,
I try to chroot mysql due to the this document (
http://www.securityfocus.com/infocus/1726) different to document i use a rpm packeged version of mysqld ( fedora core 1 legacy ).
When i tried to run mysqld as
chrootuid /chroot/mysql mysql /usr/libexec/mysqld
I get the error " Jul 26 14:31:16 meds chrootuid[1505]: /usr/libexec/mysqld: No such file or directory " to the /log/messages file.
I comfirmed that i have both /chroot/mysql/usr/libexec/mysqld and /usr/libexec/mysqld with permissions 755
And I trace the command
strace chrootuid /chroot/mysql mysql /usr/libexec/mysqld
Output is below, Does any one have any idea ? Thanks for all answers.
Serbulent
[root@meds root]# strace chrootuid /chroot/mysql mysql /usr/libexec/mysqld
execve("/usr/local/bin/chrootuid", ["chrootuid", "/chroot/mysql", "mysql", "/usr/libexec/mysqld"], [/* 25 vars */]) = 0
uname({sys="Linux", node="meds.ktu.edu.tr", ...}) = 0
brk(0) = 0x9476000
open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=66116, ...}) = 0
old_mmap(NULL, 66116, PROT_READ, MAP_PRIVATE, 3, 0) = 0xbf58e000
close(3) = 0
open("/lib/tls/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`\230M\000"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1579688, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xbf58d000
old_mmap(0x4c4000, 1279340, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4c4000
old_mmap(0x5f7000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x133000) = 0x5f7000
old_mmap(0x5fa000, 9580, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x5fa000
close(3) = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xbf58d740, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0xbf58e000, 66116) = 0
socket(PF_FILE, SOCK_DGRAM, 0) = 3
fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_FILE, path="/dev/log"}, 16) = 0
chdir("/chroot/mysql") = 0
brk(0) = 0x9476000
brk(0x9497000) = 0x9497000
brk(0) = 0x9497000
socket(PF_FILE, SOCK_STREAM, 0) = 4
connect(4, {sa_family=AF_FILE, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(4) = 0
open("/etc/nsswitch.conf", O_RDONLY) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=1686, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xbf59e000
read(4, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1686
read(4, "", 4096) = 0
close(4) = 0
munmap(0xbf59e000, 4096) = 0
open("/etc/ld.so.cache", O_RDONLY) = 4
fstat64(4, {st_mode=S_IFREG|0644, st_size=66116, ...}) = 0
old_mmap(NULL, 66116, PROT_READ, MAP_PRIVATE, 4, 0) = 0xbf58e000
close(4) = 0
open("/lib/libnss_files.so.2", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512
fstat64(4, {st_mode=S_IFREG|0755, st_size=51136, ...}) = 0
old_mmap(NULL, 41904, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0xab9000
old_mmap(0xac3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0xa000) = 0xac3000
close(4) = 0
munmap(0xbf58e000, 66116) = 0
open("/etc/passwd", O_RDONLY) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=14171, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xbf59e000
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 4096
close(4) = 0
munmap(0xbf59e000, 4096) = 0
open("/etc/group", O_RDONLY) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=3909, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xbf59e000
_llseek(4, 0, [0], SEEK_CUR) = 0
read(4, "root:x:0:root\nbin:x:1:root,bin,d"..., 4096) = 3909
read(4, "", 4096) = 0
close(4) = 0
munmap(0xbf59e000, 4096) = 0
setgroups32(1, [27]) = 0
chroot("/chroot/mysql") = 0
setgid32(27) = 0
setuid32(27) = 0
execve("/usr/libexec/mysqld", ["/usr/libexec/mysqld"], [/* 25 vars */]) = -1 ENOENT (No such file or directory)
time([1153924823]) = 1153924823
open("/etc/localtime", O_RDONLY) = -1 ENOENT (No such file or directory)
getpid() = 1679
rt_sigaction(SIGPIPE, {0x59bd90, [], SA_RESTORER, 0x4eba58}, {SIG_DFL}, 8) = 0
send(3, "<27>Jul 26 14:40:23 chrootuid[16"..., 83, 0) = 83
rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
exit_group(0) = ?