Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 14 Nov 2000 05:02:11 -0600 (CST)
From:      Mike Meyer <mwm@mired.org>
To:        Lloyd Rennie <lloyd@vbc.net>
Cc:        questions@freebsd.org
Subject:   Re: chrooted shell accounts
Message-ID:  <14865.7091.555522.661128@guru.mired.org>
In-Reply-To: <Pine.BSF.4.10.10011141006030.33726-100000@brunel.uk1.vbc.net>
References:  <14864.38419.48129.325993@guru.mired.org> <Pine.BSF.4.10.10011141006030.33726-100000@brunel.uk1.vbc.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Lloyd Rennie <lloyd@vbc.net> types:
> > True - but why isn't this a C program? It would be about the same
> > length as all these things, and remove one complication from the
> > system. If you wan to do a chroot as part of a shell script, try doing
> > the chroot in the wrapper, then running the shell script. Which
> > doesn't help with the problem, I know, but you asked for a simpler way
> > to do things.
> 
> s'a good point.
[...]
> Replaced my derekshell bin with a new one as you suggested.
> 
> void main (int argc, char *argv []) {
>   system("cd /home/derek; /usr/sbin/chroot /home/derek /bin/csh");
> }

Actually, I was thinking of something more along the lines of:

#include <unistd.h>
#include <err.h>

void main(int argc, char **argv[], char **envp) {

    errno = 0 ;
    if (chdir("/home/derek") && chroot("/home/derek") && setuid(<derek's uid>))
    	execv("/bin/csh", argv, envp) ;
    err(1, "failed to start");
}

> > I'd be interested to know where the message is coming from (is it
> > csh complaining that something is wrong, or chroot complaining that
> > something is wrong with /bin/csh).
> A good question.  How the hell do I tell?

Well, you could invoke csh with a flag to make it more verbose. You
could try the C program I used, except check each function as it runs
instead of the entire chain - which allows you to finger the failing
function exactly.

	<mike


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14865.7091.555522.661128>