On Mon, Jan 19, 2004 at 07:00:15PM -0600, Bob Byron wrote: > Has anyone succeeded in making a chroot'd shell in Fedora? > > I have followed the instructions in the following document to try and > make a chroot'd environment. It has potential, but I cannot get a > chroot command that will work. > > Here is the howto I followed: http://www.tjw.org/chroot-login-HOWTO/ > > But, when I "chroot /usr/jail", the environment does not see the > /usr/jail/etc/passwd or /usr/jail/etc/group files. If I do a "ls -l" to > get a long directory listing, I get the follwing: > > drwxr-xr-x 2 0 0 4096 Jan 18 16:12 bin > drwxr-xr-x 2 0 0 4096 Jan 15 00:38 dev > drwxr-xr-x 2 0 0 4096 Jan 18 16:09 etc > drwxr-xr-x 3 0 0 4096 Jan 15 00:34 lib > drwxrwxrwt 2 0 0 4096 Jan 18 05:23 tmp > drwxr-xr-x 3 0 0 4096 Jan 18 05:24 usr > ^Owner ^Group > > Notice the UID's and the GID's are displayed instead of the actual names. > > So, why does Fedora not see the passwd and group files? ls converts the UIDs and GIDs to user and group names by asking libc to look up information, and libc uses loadable modules to do the heavy lifting. To read the passwd and group files, libc needs the libnss_files-*.so module installed in /lib, in addition to whatever libraries 'ldd' lists as being required. Running 'ls' under 'strace' in the chroot and watching for calls to open() may yield more information if that doesn't just fix it. HTH, Nalin
