[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Installing all files from an rpm (or rpm -q --filesb

From: Olivier Sessink
Subject: Re: [Jailkit-users] Installing all files from an rpm (or rpm -q --filesbypkg ???)
Date: Wed, 01 Aug 2007 23:36:08 +0200
User-agent: Icedove (X11/20070607)

Anton Melser wrote:
Hi (first post!),
I have just found the wonderful jailkit. I spent ages looking for a
tool like this, and then came back with the right google keywords and
paff! Jailkit! Hurrah!
Anyway, is there any way to get all the files installed by an rpm? I
know this is pretty complicated, and in a way would mean providing an
advanced interface to rpm (or apt, or whatever...) but I need to
install apache + mod_php + the mysql client (for mysqlphp) into a
chroot, and am finding it a little hard... Does anyone have any
pointers on how I might be able to do this?

I don't really understand your question. do you want a jailkit rpm, or you want to install a chroot using rpm's? in the latter case, the 'debootstrap' utility in Debian can create a chroot environment using .deb packages. However, the chroot jail is fully equivalent to a real system, so there is no security gain there.

I would look at the code but alas, python is not one of my languages
and it is a little daunting.
My idea was to run two apaches (or maybe a squid and an apache) and
have the chrooted apache run on a non-privileged port (redirected from
normal apache or squid on port 80 for virtual host X), as the chroot
user needs to be able to have full control over apache.

perhaps look into mod_chroot for apache. only the master process runs as root on the normal system and listens on port 80, all children run in a chroot.

you can run mysql in the same chroot jail. if you run mysql in a different chroot jail you need to mount the directory where the mysql socket is als in the apache chroot jail (using a 'bind' mount).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]