jailkit-users

[Jailkit-users] chrootlaunch from inittab - followup


From: DTakemori
Subject: [Jailkit-users] chrootlaunch from inittab - followup
Date: Sun, 29 Mar 2009 10:54:11 -1000


I've had time to follow up on this and do some experiments.

(This is on CentOS 5.2 w/jailkit 2.5)

The difference between the two situations (running a jk_chrootlaunch
daemon from a command line vs from inittab) comes from jk_chrootlaunch
passing its environment on to the daemon.

I wrote a tiny little perl "daemon" to write out its environment and ran it from
jk_chrootlaunch both ways.

From inittab:
CONSOLE : /dev/console
HOME : /
INIT_VERSION : sysvinit-2.86
PATH : /bin:/usr/bin:/sbin:/usr/sbin
PREVLEVEL : N
RUNLEVEL : 3
SELINUX_INIT : YES
TERM : linux

From command line:
CVS_RSH : ssh
G_BROKEN_FILENAMES : 1
HISTSIZE : 1000
HOME : /root
HOSTNAME : Q.Q.Q
INPUTRC : /etc/inputrc
LANG : en_US.UTF-8
LESSOPEN : |/usr/bin/lesspipe.sh %s
LOGNAME : root
LS_COLORS : no=00:fi=00:di=00;34:ln=00;36:pi=40;33:so=00;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=00;32:*.cmd=00;32:*.exe=00;32:*.com=00;32:*.btm=00;32:*.bat=00;32:*.sh=00;32:*.csh=00;32:*.tar=00;31:*.tgz=00;31:*.arj=00;31:*.taz=00;31:*.lzh=00;31:*.zip=00;31:*.z=00;31:*.Z=00;31:*.gz=00;31:*.bz2=00;31:*.bz=00;31:*.tz=00;31:*.rpm=00;31:*.cpio=00;31:*.jpg=00;35:*.gif=00;35:*.bmp=00;35:*.xbm=00;35:*.xpm=00;35:*.png=00;35:*.tif=00;35:
MAIL : /var/spool/mail/root
OLDPWD : /var/jails/test/home/test
PATH : /usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
PWD : /root
SHELL : /bin/bash
SHLVL : 1
SSH_CLIENT : X.X.X.X 4270 22
SSH_CONNECTION : X.X.X.X 4270 Y.Y.Y.Y 22
SSH_TTY : /dev/pts/0
TERM : xterm
USER : root
_ : /usr/sbin/jk_chrootlaunch


So apparently, something not defined in inittab's environment (just a guess:
USER) can cause permissions problems for perl (and possibly anything
else).

Should jk_chrootlaunch be updated to be more like jk_chrootsh and only pass
environment variables defined in an .ini file?  Doubtless it would cause breakage
for some chrootkit users.

Dean Takemori
Systems Support Supervisor
TD Food Group
address@hidden
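
Added example, not part of the original post and not jailkit code: a sketch of the allowlist approach the message asks about, where a launcher hands the daemon only named variables instead of its whole inherited environment. The function names, the allowlist contents and the sample environment (a subset of the command-line dump above plus one constructed entry) are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 if "NAME=value" has a NAME that exactly matches an allow[] entry. */
static int env_allowed(const char *entry, const char *const *allow)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL || eq == entry)
        return 0;                       /* malformed or empty name: drop it */
    size_t n = (size_t)(eq - entry);
    for (; *allow != NULL; allow++)
        if (strlen(*allow) == n && strncmp(entry, *allow, n) == 0)
            return 1;
    return 0;
}

/* New NULL-terminated env with allowed entries only; strings are borrowed, free() the array. */
char **filter_env(char *const *env, const char *const *allow, size_t *kept)
{
    size_t total = 0, out = 0;
    while (env[total] != NULL)
        total++;
    char **clean = calloc(total + 1, sizeof *clean);
    if (clean == NULL) return NULL;
    for (size_t i = 0; i < total; i++)
        if (env_allowed(env[i], allow))
            clean[out++] = env[i];
    clean[out] = NULL;
    *kept = out;
    return clean;
}

/* Constructed sample; PATHEXT is made up to show that prefix matches are rejected. */
static char *const sample_env[] = {
    "HOME=/root", "LOGNAME=root", "SSH_TTY=/dev/pts/0", "TERM=xterm",
    "PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin",
    "USER=root", "PATHEXT=bogus", NULL };
/* Hypothetical allowlist; a real launcher would read it from configuration. */
static const char *const sample_allow[] = { "PATH", "TERM", "HOME", NULL };

int main(void)
{
    size_t kept = 0;
    char **clean = filter_env(sample_env, sample_allow, &kept);
    for (size_t i = 0; i < kept; i++)
        puts(clean[i]);     /* a launcher would pass clean to execve() here */
    free(clean);
    return 0;
}
```

With an allowlist like this, the daemon sees the same variables whether it is started from inittab or from a root shell, so differences such as the missing USER no longer depend on the launch path.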
