Re: chroot

From: Tony Landells (ahl@austclear.com.au)
Date: 07/19/02


To: "Michael Sharp" <freebsd@ec.rr.com>
Date: Fri, 19 Jul 2002 12:56:05 +1000
From: Tony Landells <ahl@austclear.com.au>

How very interesting...

For a start, you can't copy devices with "cp"--you need something
smarter like "tar", "cpio", ... Pretty much anything that could
be used for backups should understand the niceties of copying a
device. As an alternative you could use "mknod" to create them.
Here is how to do it with cpio:

        cd /dev
        find null random urandom -print | cpio -pdmuv /home/chrootuser/dev/

and then compare the results with ls -l to make sure you're happy.

Specifically, using "cp" to copy /dev/null is a method of creating
a new empty file, or completely emptying out an existing file.

Secondly, are you sure you weren't connected? If you could use
control-d to terminate the connection it looks to me like you were
connected but had no prompt. Control-d is an "end of file" indicator;
when you give it to a shell that means "there are no more commands".
Since the sole purpose of a shell is to let you execute commands, this
results in it terminating (as it does for any program that primarily
processes input).

However "end of file" is only meaningful if it's read by something.
It doesn't generate any sort of "signal" to catch the attention of
a hung program.

Try connecting again and typing a command that should work, like
"/bin/ls /bin" or even something more basic like "set" (which is
builtin to all the shells). If you get something, you're connected.

Tony

-- 
Tony Landells					<ahl@austclear.com.au>
Senior Network Engineer				Ph:  +61 3 9677 9319
Australian Clearing Services Pty Ltd		Fax: +61 3 9677 9355
Level 4, Rialto North Tower
525 Collins Street
Melbourne VIC 3000
Australia
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
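
The comparison the message recommends after the cpio copy, scripted as an added example that is not part of the original post. The function names are hypothetical, and it assumes a `stat` that accepts either GNU `-c` or BSD `-f` format strings. It reports a node that "cp" turned into a regular file instead of a device.

```shell
#!/bin/sh
# Added example: verify device nodes copied into a chroot's dev directory.

# Print "major:minor" for a device node. GNU stat prints hex, BSD stat
# prints decimal; both sides of a comparison use the same tool, so the
# values are comparable with each other.
dev_numbers() {
    stat -c '%t:%T' "$1" 2>/dev/null || stat -f '%Hr:%Lr' "$1" 2>/dev/null
}

# Compare one original node with its copy. Returns 0 only when the copy
# is a character device with the same major/minor numbers.
check_node() {
    src=$1
    dst=$2
    if [ ! -e "$dst" ]; then
        echo "MISSING  $dst"
        return 1
    fi
    if [ ! -c "$dst" ]; then
        # What you get when the node was copied with plain "cp".
        echo "NOT-DEV  $dst (not a character device)"
        return 1
    fi
    want=$(dev_numbers "$src") || want=
    if [ -z "$want" ] || [ "$want" != "$(dev_numbers "$dst")" ]; then
        echo "MISMATCH $dst"
        return 1
    fi
    echo "OK       $dst"
}

# Check several nodes; returns non-zero if any of them fails.
check_chroot_dev() {
    srcdir=$1
    dstdir=$2
    shift 2
    rc=0
    for name in "$@"; do
        check_node "$srcdir/$name" "$dstdir/$name" || rc=1
    done
    return $rc
}

# e.g. sh check.sh /dev /home/chrootuser/dev null random urandom
if [ "$#" -ge 3 ]; then
    check_chroot_dev "$@"
fi
```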

