Solaris 8 - chroot jail problem

From: Todd Herr (todd@angrysunguy.com)
Date: Mon Nov 17 2003 - 13:09:33 EST


Greetings.

Solaris 8, kernel patch rev -23, Sun Blade 150.

I'm fiddling about trying to set up a chroot jail for a generic
user to run a random application. As far as I know, I've got all
the relevant executables, libraries, filesystems, and whatnot
copied to the filesystem subtree where I want the chroot'd jail
to be. The problem comes when I try to log in to or "su -" to the
generic user.

In /etc/passwd, I have this entry:

  foo:x:1003:10::/var/foo/jail:*

In /var/foo/jail/etc/passwd, I have this entry:

  foo:x:1003:10:foo:/:/sbin/sh

/var/foo/jail/sbin/sh exists, and is executable.

The problem comes when I try to log in as or su - the user foo.

A login session looks like this:

   login: foo
   Password:
   Subsystem root: /var/foo/jail

and that's it.

Trying to su - foo yields this:

   # su - foo
   su: No shell

I've run truss on the 'su - foo' command, and I can clearly see
the source of the problem:

  truss su - foo
  [snip]
  chdir("/var/foo/jail") = 0
  munmap(0xFF052000, 2091) = 0
  munmap(0xFF040000, 5746) = 0
  munmap(0xFEE54000, 2936) = 0
  munmap(0xFEE40000, 13013) = 0
  munmap(0xFEE32000, 1898) = 0
  munmap(0xFEE20000, 4389) = 0
  munmap(0xFF02C000, 4416) = 0
  munmap(0xFF010000, 47222) = 0
  munmap(0xFF000000, 11552) = 0
  munmap(0xFEFE0000, 130932) = 0
  sigaction(SIGXCPU, 0xFFBEECD8, 0xFFBEED58) = 0
  sigaction(SIGXFSZ, 0xFFBEECD8, 0xFFBEED58) = 0
  execve("*", 0xFFBEED88, 0x000246A0) Err#2 ENOENT <-----
  su: No shell
  write(2, " s u : N o s h e l l".., 13) = 13
  llseek(0, 0, SEEK_CUR) = 207038
  _exit(3)

What I don't understand is *why* it's trying to execve "*" for
the shell; I had thought that it would pick up the passwd entry in
/var/foo/jail/etc/passwd. At least, that's how I interpreted the
man page entry for login(1):

  If the login-shell field in the password file (see
  passwd(4)) is empty, then the default command interpreter,
  /usr/bin/sh, is used. If this field is * (asterisk), then
  the named directory becomes the root directory. At that
  point, login is re-executed at the new level, which must
  have its own root structure.

Clearly, I've misinterpreted this. Can someone provide me a
clue as to how to get the behavior I seek, presuming it's
possible to do so?

Thanks.

-- 
Todd Herr                                    todd@angrysunguy.com
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
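
The prerequisites that the quoted login(1) text implies for a `*` entry (an inner passwd entry, plus a shell and a login binary that resolve inside the new root) can be checked before attempting a login. The script below is an added example, not part of the original post; it assumes a POSIX sh, awk and mktemp, the in-jail login path `/usr/bin/login` is an assumption, and the function names and sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-flight check for a login(1) "*" (sub-root) passwd entry.
# ASSUMPTION: the login binary path inside the jail; the page does not name it.
LOGIN_IN_JAIL=${LOGIN_IN_JAIL:-/usr/bin/login}

# passwd_field FILE USER N: print field N of USER's passwd(4) entry
passwd_field() {
    awk -F: -v u="$2" -v n="$3" '$1 == u { print $n; exit }' "$1"
}

# check_jail OUTER_PASSWD USER: print findings, return the number of problems
check_jail() {
    outer=$1; user=$2; bad=0
    jail=$(passwd_field "$outer" "$user" 6)
    if [ "$(passwd_field "$outer" "$user" 7)" != "*" ]; then
        echo "outer shell field is not '*': no sub-root login"; return 1
    fi
    inner=$jail/etc/passwd
    if [ ! -f "$inner" ] || [ -z "$(passwd_field "$inner" "$user" 1)" ]; then
        echo "no entry for $user in $inner"; return 1
    fi
    ishell=$(passwd_field "$inner" "$user" 7)
    [ -n "$ishell" ] || ishell=/usr/bin/sh   # login(1) default for an empty field
    if [ "$ishell" = "*" ]; then
        echo "inner shell field is '*' too: nested sub-root"; bad=$((bad + 1))
    elif [ ! -x "$jail$ishell" ]; then
        echo "shell $ishell missing or not executable under $jail"; bad=$((bad + 1))
    fi
    if [ "$(passwd_field "$outer" "$user" 3)" != "$(passwd_field "$inner" "$user" 3)" ]; then
        echo "uid differs between $outer and $inner"; bad=$((bad + 1))
    fi
    if [ ! -d "$jail$(passwd_field "$inner" "$user" 6)" ]; then
        echo "inner home directory missing under $jail"; bad=$((bad + 1))
    fi
    if [ ! -x "$jail$LOGIN_IN_JAIL" ]; then
        echo "no $LOGIN_IN_JAIL under $jail for login to re-execute"; bad=$((bad + 1))
    fi
    return "$bad"
}

# make_sample DIR: constructed copy of the post's two entries, relocated under DIR
make_sample() {
    mkdir -p "$1/jail/etc" "$1/jail/sbin" "$1/jail/usr/bin"
    echo "foo:x:1003:10::$1/jail:*"     > "$1/passwd"
    echo "foo:x:1003:10:foo:/:/sbin/sh" > "$1/jail/etc/passwd"
    : > "$1/jail/sbin/sh"; chmod 755 "$1/jail/sbin/sh"
}

tmp=$(mktemp -d); make_sample "$tmp"
check_jail "$tmp/passwd" foo || echo "problems found: $?"
rm -rf "$tmp"
```

The constructed sample deliberately omits the login binary, so the run reports one problem; point `check_jail` at the real outer passwd file to test an actual jail.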

