
Utopia chroot

From BBSWiki


Special files

  • ln -s /var/run/utmp /opt/bbsroot/var/run/utmp
  • dev:

At startup

  • mount -t proc proc /opt/bbsroot/proc
  • mount -t devpts devpts /opt/bbsroot/dev/pts/

issues

libcrypt: The issue is that semaphores live in their own filesystem-like
structure.
neurophyre: so it needs to exist in the chroot jail.
libcrypt: It exists in heaven, so to speak.
libcrypt: Do "ipcs".
libcrypt: That's like "ls" for the SysV Shm world.
neurophyre: [neuro@fatcat ~]$ ipcs

 ------ Shared Memory Segments --------
 key        shmid      owner      perms      bytes      nattch     status

 ------ Semaphore Arrays --------
 key        semid      owner      perms      nsems
 0x000003e8 196612     bbs       664        1

 ------ Message Queues --------
 key        msqid      owner      perms      used-bytes   messages
neurophyre: why wouldn't that work in a chroot jail then?
libcrypt: Are you running as root in the chroot jail?
neurophyre: yes
neurophyre: for experimentation I was.
libcrypt: Do you have it set up so that you can shell into the chroot?
neurophyre: no.  not at this point.
libcrypt: You should, and copy the sys V utils like ipcs over.
libcrypt: ipcrm
neurophyre: hmm.
libcrypt: ipcclean
neurophyre: and then try to run them and see what happens?
libcrypt: Yes.
libcrypt: If they don't run, they might give you a clue why not.
libcrypt: As far as I know, sys V shared mem stuff needs nothing in the
filesystem.
libcrypt: As opposed to UNIX domain sockets, which do.
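
What libcrypt describes, as an added example (not part of the original chat or the wiki's own code): a SysV semaphore set is found by its key in the kernel, with no path involved, so a process that has chroot()ed into an empty directory can still open it. The function name, the jail directory and the demo key are constructed for this example; chroot() is only attempted and is skipped when the process lacks CAP_SYS_CHROOT.

```c
#define _DEFAULT_SOURCE 1          /* chroot(), mkdtemp() */
#include <stdio.h>
#include <stdlib.h>
#include <sys/ipc.h>
#include <sys/sem.h>
#include <sys/wait.h>
#include <unistd.h>

#define FOUND    1   /* child opened the semaphore set by key */
#define CHROOTED 2   /* child really was inside the jail */

/* Create a one-semaphore set under `key` (perms 664, as in the ipcs output
 * above), then fork a child that chroot()s into `jail` and looks the key up.
 * Returns a mask of FOUND/CHROOTED, or -1 on error. */
int sem_lookup_from_jail(key_t key, const char *jail)
{
    int result = -1, status;
    int semid = semget(key, 1, IPC_CREAT | IPC_EXCL | 0664);
    if (semid < 0)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {
        int bits = 0;
        /* Needs CAP_SYS_CHROOT; an unprivileged run skips the jail. */
        if (chroot(jail) == 0 && chdir("/") == 0)
            bits |= CHROOTED;
        /* nsems 0, flags 0: open an existing set only, never create. */
        if (semget(key, 0, 0) >= 0)
            bits |= FOUND;
        _exit(bits);
    }
    if (pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status))
        result = WEXITSTATUS(status);
    semctl(semid, 0, IPC_RMID);    /* what ipcrm does: remove the set */
    return result;
}

int main(void)
{
    char jail[] = "/tmp/jailXXXXXX";           /* empty directory as the jail */
    if (!mkdtemp(jail)) return 1;
    /* Constructed demo key; the set in the ipcs output uses 0x3e8. */
    int r = sem_lookup_from_jail((key_t)(0x5e000000 | (getpid() & 0xffff)), jail);
    rmdir(jail);
    if (r < 0) { perror("sem_lookup_from_jail"); return 1; }
    printf("chrooted: %s, semaphore set %s by key\n",
           (r & CHROOTED) ? "yes" : "no", (r & FOUND) ? "found" : "not found");
    return 0;
}
```

Access to the set is governed by its owner and permission bits (664 for user bbs in the ipcs output), not by the filesystem root of the calling process.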

telnet

Apr 20, 2007 2:45 from Neurophyre
On a totally unrelated and more important note, let's say I want to mirror port
23 to port 6969.  That is, anyone connecting to port 23 gets the service
running on port 6969.

This is Linux.

I can't use iptables to do this.  (Kernel doesn't have support for the
particular bit I need compiled in, and I have no control over the kernel.)

How can I do it?
[UNIX System V Or Die> msg #9741 (34 remaining)] Read cmd -> Back (change direction)

Apr 20, 2007 6:27 from SeanB

  ssh -L23:localhost:6969 localhost ./run_forever.sh

[UNIX System V Or Die> msg #9742 (33 remaining)] Read cmd -> Next

Apr 20, 2007 15:20 from Neurophyre
That seems like a much better solution than the sketchy 'rinetd' I found.  But
what's run_forever.sh?
[UNIX System V Or Die> msg #9743 (32 remaining)] Read cmd -> Next

Apr 20, 2007 15:21 from Ivor
#!/bin/sh
while true; do
 sleep 6000
done
[UNIX System V Or Die> msg #9744 (31 remaining)] Read cmd ->

Apr 20, 2007 15:24 from GoNINzo
i used a tiny program called redir at one point to redirect output across
ports.
In fact, it was included in a version of linux later on, but can't say if yours
has it or not.
[UNIX System V Or Die> msg #9745 (30 remaining)] Read cmd -> Next

Apr 20, 2007 15:25 from Neurophyre
Weird syntax.  But I get it and I'll try it, thanks!
[UNIX System V Or Die> msg #9746 (29 remaining)] Read cmd -> Next

Apr 20, 2007 15:26 from Neurophyre
Nope, it's not a CentOS 4.4 package, but I did find it online.

Most shit doesn't seem to be a CentOS 4.4 package.  :P  I'm not impressed.
[UNIX System V Or Die> msg #9747 (28 remaining)] Read cmd ->

Apr 20, 2007 17:20 from Ivor
So true.
http://ars.userfriendly.org/cartoons/?id=20070412
[UNIX System V Or Die> msg #9748 (27 remaining)] Read cmd -> Next

Apr 20, 2007 21:34 from SeanB

  Thou shalt learn to compile.

[UNIX System V Or Die> msg #9749 (26 remaining)] Read cmd -> Next

Apr 22, 2007 17:40 from Growf
You can use netcat to redirect one port to another without the authentication
needs that ssh has.

[UNIX System V Or Die> msg #9750 (25 remaining)] Read cmd -> Next

Apr 22, 2007 18:29 from SeanB

  I use netcat or ipipe.

consulting% ls -l ipipe*
-rwxr-xr-x   1 berry    other      13843 Jan  6  2006 ipipe
-rwxr-xr-x   1 berry    other       9628 Jan  6  2006 ipipe.c
-rwxr-xr-x   1 berry    other      15584 Apr 20  2006 ipipe.sol
-rw-r--r--   1 berry    other       6234 Jan  6  2006 ipipe.zip
consulting% file ipipe
ipipe:          ELF 32-bit LSB executable 80386 Version 1, dynamically linked,
not stripped
consulting% file ipipe.sol
ipipe.sol:      ELF 32-bit MSB executable SPARC Version 1, dynamically linked,
not stripped
consulting%

  http://www.yeah.org/~berry/misc/ipipe.c (those two binaries are in the same
    directory)

[UNIX System V Or Die> msg #9751 (24 remaining)] Read cmd ->