Percius n00b
Joined: 13 Jul 2004 Posts: 47
Posted: Fri Jun 24, 2005 4:24 am Post subject: Jailing Apache, Chroot Command errors out. |
In Short
Code: |
chroot /chroot/apache /bin/sh
chroot: cannot run command `/bin/sh': No such file or directory
|
OK, so now a bit more information.
I am attempting to chroot Apache so that it is a bit more secure. The problem is that in following
http://butsugenjitemple.org/~ka0ttic/docs/apache_chroot/
I try to test the chroot directory and get the error listed above. I don't have a clue as to why.
All the necessary files to chroot seem to be there. I have included the list below.
I am using the Gentoo Hardened Build.
This is a newly compiled system -> 6-22-2005.
Processor = Athlon 64 2800
Chipset = VIA VT8200.
2 WD1600 SATA Hard Drives Software Raid 1
kernel = gentoo-sources 2.6.12
Code: |
lrwxrwxrwx 1 root root 13 Jun 23 14:40 /chroot -> /home/chroot/
ls -laR /chroot/apache/
/chroot/apache/:
total 1
drwxr-xr-x 9 root root 240 Jun 23 15:06 .
drwxr-xr-x 3 root root 72 Jun 23 14:36 ..
drwxr-xr-x 2 root root 432 Jun 23 15:06 bin
drwxr-xr-x 2 root root 144 Jun 23 14:36 dev
drwxr-xr-x 4 root root 376 Jun 23 14:42 etc
drwxr-xr-x 2 root root 544 Jun 23 14:40 lib
drwsrwxrwx 2 root root 48 Jun 23 15:06 tmp
drwxr-xr-x 6 root root 144 Jun 23 14:40 usr
drwxr-xr-x 6 root root 144 Jun 23 15:06 var
lrwxrwxrwx 1 root root 32 Jun 23 14:44 www -> /chroot/apache/var/www/localhost
/chroot/apache/bin:
total 1613
drwxr-xr-x 2 root root 432 Jun 23 15:06 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
-rwxr-xr-x 1 root root 22952 Jun 23 14:36 cat
-rwxr-xr-x 1 root root 22848 Jun 23 15:06 chroot
-rwxr-xr-x 1 root root 77744 Jun 23 14:36 cp
-rwxr-xr-x 1 root root 97184 Jun 23 14:36 grep
-rwxr-xr-x 1 root root 35808 Jun 23 14:36 head
-rwxr-xr-x 1 root root 22780 Jun 23 14:36 id
-rwxr-xr-x 1 root root 35760 Jun 23 14:36 ln
-rwxr-xr-x 1 root root 98484 Jun 23 14:36 ls
-rwxr-xr-x 1 root root 31656 Jun 23 14:36 mkdir
-rwxr-xr-x 1 root root 38668 Jun 23 14:36 more
-rwxr-xr-x 1 root root 82324 Jun 23 14:36 mv
-rwxr-xr-x 1 root root 23120 Jun 23 14:36 pwd
-rwxr-xr-x 1 root root 44220 Jun 23 14:36 rm
-rwxr-xr-x 1 root root 22916 Jun 23 14:36 rmdir
-rwxr-xr-x 1 root root 926968 Jun 23 14:36 sh
-rwxr-xr-x 1 root root 39508 Jun 23 14:36 touch
/chroot/apache/dev:
total 0
drwxr-xr-x 2 root root 144 Jun 23 14:36 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
crwxrwxrwx 1 root root 1, 3 Jun 23 14:36 null
crw-rw-rw- 1 root root 5, 0 Jun 23 14:36 tty
crw-r--r-- 1 root root 1, 9 Jun 23 14:36 urandom
crw-rw-rw- 1 root root 1, 5 Jun 23 14:36 zero
/chroot/apache/etc:
total 56
drwxr-xr-x 4 root root 376 Jun 23 14:42 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
drwxr-xr-x 6 root root 304 Jun 23 00:32 apache2
drwxr-xr-x 2 root root 72 Jun 23 14:40 conf.d
-rw-r--r-- 1 root root 282 Jun 23 14:44 group
-rwxr-xr-x 1 root root 1302 Jun 23 14:40 host.conf
-rw-r--r-- 1 root root 710 Jun 22 15:34 hosts
-rwxr-xr-x 1 root root 17261 Jun 23 15:06 ld.so.cache
-rwxr-xr-x 1 root root 270 Jun 23 14:40 mtab
-rwxr-xr-x 1 root root 503 Jun 23 14:40 nsswitch.conf
-rw-r--r-- 1 root root 239 Jun 23 14:44 passwd
-rwxr-xr-x 1 root root 1845 Jun 23 14:40 protocols
-rw-r--r-- 1 root root 63 Jun 23 14:43 resolv.conf
-rw-r----- 1 root root 131 Jun 23 14:36 shadow
/chroot/apache/etc/apache2 --> Skipped for space
/chroot/apache/etc/conf.d:
total 4
drwxr-xr-x 2 root root 72 Jun 23 14:40 .
drwxr-xr-x 4 root root 376 Jun 23 14:42 ..
-rwxr-xr-x 1 root root 1272 Jun 23 14:40 apache2
/chroot/apache/lib:
total 2330
drwxr-xr-x 2 root root 544 Jun 23 14:40 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
-rwxr-xr-x 1 root root 33432 Jun 23 14:36 libacl.so.1
-rwxr-xr-x 1 root root 14068 Jun 23 14:36 libattr.so.1
-rwxr-xr-x 1 root root 1315724 Jun 23 15:06 libc.so.6
-rwxr-xr-x 1 root root 22416 Jun 23 14:42 libcrypt.so.1
-rwxr-xr-x 1 root root 10468 Jun 23 14:42 libdl.so.2
-rwxr-xr-x 1 root root 163816 Jun 23 14:42 libm.so.6
-rwxr-xr-x 1 root root 317144 Jun 23 14:36 libncurses.so.5
-rwxr-xr-x 1 root root 87420 Jun 23 14:55 libnsl.so.1
-rwxr-xr-x 1 root root 34896 Jun 23 14:55 libnss_compat.so.2
-rwxr-xr-x 1 root root 47468 Jun 23 14:54 libnss_files.so.2
-rwxr-xr-x 1 root root 39436 Jun 23 14:36 libnss_nis.so.2
-rwxr-xr-x 1 root root 142144 Jun 23 14:42 libpthread.so.0
-rwxr-xr-x 1 root root 37256 Jun 23 14:40 librt.so.1
-rwxr-xr-x 1 root root 10196 Jun 23 14:42 libutil.so.1
-rwxr-xr-x 1 root root 76188 Jun 23 14:40 libz.so.1
/chroot/apache/usr:
total 0
drwxr-xr-x 6 root root 144 Jun 23 14:40 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
drwxr-xr-x 2 root root 96 Jun 23 14:42 bin
drwxr-xr-x 5 root root 344 Jun 23 14:41 lib
drwxr-xr-x 3 root root 72 Jun 23 14:36 man
drwxr-xr-x 2 root root 184 Jun 23 14:41 sbin
/chroot/apache/usr/bin:
total 1177
drwxr-xr-x 2 root root 96 Jun 23 14:42 .
drwxr-xr-x 6 root root 144 Jun 23 14:40 ..
-rwxr-xr-x 1 root root 1151672 Jun 23 14:42 perl
-rwxr-xr-x 1 root root 48520 Jun 23 14:36 tail
/chroot/apache/usr/lib:
total 2990
drwxr-xr-x 5 root root 344 Jun 23 14:41 .
drwxr-xr-x 6 root root 144 Jun 23 14:40 ..
drwxr-xr-x 4 root root 168 Jun 22 19:17 apache2
drwxr-xr-x 2 root root 80 Jun 23 00:32 apache2-extramodules
-rwxr-xr-x 1 root root 169668 Jun 23 14:40 libapr-0.so.0
-rwxr-xr-x 1 root root 111184 Jun 23 14:40 libaprutil-0.so.0
-rwxr-xr-x 1 root root 1321004 Jun 23 14:40 libcrypto.so.0.9.7
-rwxr-xr-x 1 root root 1049532 Jun 23 14:40 libdb-4.2.so
-rwxr-xr-x 1 root root 161872 Jun 23 14:40 libexpat.so.0
-rwxr-xr-x 1 root root 231320 Jun 23 14:40 libssl.so.0.9.7
drwxr-xr-x 4 root root 104 Jun 23 14:40 perl5
/chroot/apache/usr/sbin:
total 416
drwxr-xr-x 2 root root 184 Jun 23 14:41 .
drwxr-xr-x 6 root root 144 Jun 23 14:40 ..
-rwxr-xr-x 1 root root 403384 Jun 23 14:40 apache2
-rwxr-xr-x 1 root root 3602 Jun 23 14:40 apache2ctl
-rwxr-xr-x 1 root root 4652 Jun 23 14:40 apache2logserverstatus
-rwxr-xr-x 1 root root 4869 Jun 23 14:41 apache2splitlogfile
/chroot/apache/var:
total 0
drwxr-xr-x 6 root root 144 Jun 23 15:06 .
drwxr-xr-x 9 root root 240 Jun 23 15:06 ..
drwxr-xr-x 3 root root 72 Jun 23 14:43 log
drwxr-xr-x 2 root root 48 Jun 23 14:43 run
drwsrwxrwx 2 root root 48 Jun 23 15:06 tmp
drwxr-xr-x 3 root root 80 Jun 22 19:09 www
|
Percius n00b
Joined: 13 Jul 2004 Posts: 47
Posted: Sat Jun 25, 2005 3:49 pm Post subject: |
BUMP
SnEptUne l33t
Joined: 23 Aug 2004 Posts: 656
Posted: Fri Jul 08, 2005 6:53 pm Post subject: |
According to your listing, /chroot/apache is in fact /home/chroot/apache. Can you run the following command?
Code: | chroot /home/chroot/apache /bin/sh |
As far as I can tell, chroot does not like symbolic links. After all, that would defeat the purpose of chrooting.
Hope that would help.
Percius n00b
Joined: 13 Jul 2004 Posts: 47
Posted: Sun Jul 10, 2005 4:52 pm Post subject: |
I tried chroot /home/chroot/apache /bin/sh, but still got
Code: |
chroot: cannot run command `/bin/sh': No such file or directory |
I had also tried this before with the same error. I didn't realize that I had not put that in.
Thanks for the reply
(l)user Guru
Joined: 31 Jan 2004 Posts: 334 Location: Poland
Posted: Sun Sep 11, 2005 11:50 am Post subject: |
Jail tools do not copy all necessary libraries. You need to:
Code: |
cp /lib/ld-* /home/chroot/apache/lib
|
|
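An added example, not part of the thread or of any jail tool: `execve` reports "No such file or directory" for a binary that exists when the dynamic loader named in its ELF `PT_INTERP` header cannot be found under the new root, which is what the `cp /lib/ld-*` fix addresses. The check below walks a jail and lists every ELF whose requested loader is absent; the function names are hypothetical and the loader path `/lib/ld-linux.so.2` in the sample is constructed.

```python
import os, stat, struct, tempfile

PT_INTERP = 3  # program header type that names the dynamic loader

def elf_interp(path):
    """Return the loader path an ELF file requests, or None (static / not ELF)."""
    with open(path, "rb") as f:
        data = f.read()
    if len(data) < 64 or data[:4] != b"\x7fELF":
        return None
    is64, end = data[4] == 2, "<" if data[5] == 1 else ">"
    phoff, = struct.unpack_from(end + ("Q" if is64 else "I"), data, 0x20 if is64 else 0x1C)
    phentsize, phnum = struct.unpack_from(end + "HH", data, 0x36 if is64 else 0x2A)
    for i in range(phnum):
        ph = struct.unpack_from(end + ("IIQQQQ" if is64 else "IIIII"), data, phoff + i * phentsize)
        p_off, p_size = (ph[2], ph[5]) if is64 else (ph[1], ph[4])
        if ph[0] == PT_INTERP:
            return data[p_off:p_off + p_size].rstrip(b"\0").decode()
    return None

def missing_interpreters(jail):
    """Map jail-relative ELF paths to the loader they need but the jail lacks."""
    missing = {}
    for dirpath, _dirs, files in os.walk(jail):
        for name in files:
            path = os.path.join(dirpath, name)
            if not stat.S_ISREG(os.lstat(path).st_mode):
                continue  # skip device nodes (dev/zero never ends) and symlinks
            interp = elf_interp(path)
            if interp and not os.path.exists(os.path.join(jail, interp.lstrip("/"))):
                missing[os.path.relpath(path, jail)] = interp
    return missing

def make_sample_elf(interp=b"/lib/ld-linux.so.2\0"):
    """Constructed sample: minimal ELF64 image holding only a PT_INTERP header."""
    ehdr = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr += struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 120, 0, 0, len(interp), len(interp), 1)
    return ehdr + phdr + interp

def demo():
    """Constructed jail: bin/sh exists but its loader does not, then it is added."""
    with tempfile.TemporaryDirectory() as jail:
        for d in ("bin", "lib"):
            os.makedirs(os.path.join(jail, d))
        with open(os.path.join(jail, "bin", "sh"), "wb") as f:
            f.write(make_sample_elf())
        before = missing_interpreters(jail)
        open(os.path.join(jail, "lib", "ld-linux.so.2"), "wb").close()  # stands in for cp /lib/ld-*
        return before, missing_interpreters(jail)
```

On a real jail, call `missing_interpreters("/home/chroot/apache")`; a loader that is an absolute symlink inside the jail is resolved here against the host root, so confirm such hits by hand.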