On Wed, Feb 4, 2009 at 9:22 AM, Timo Sirainen <t...@iki.fi> wrote: > On Wed, 2009-02-04 at 09:17 +1300, Michael Kerrisk wrote: >> >> > And for ERRORS: >> >> > >> >> > ENOENT: /proc filesystem not available. >> >> > >> >> > ref: http://lkml.org/lkml/2006/12/27/140 >> >> >> >> surely the error is ENOSYS (see the glibc source), which is already >> >> documented in the man page? >> > >> > Well, what I did was: >> > >> > 1. open() an executable >> > 2. chroot() to empty directory >> > 3. drop root privileges >> > 4. fexecve() >> > >> > And fexecve() return ENOENT. So I was assuming it's because there was >> > no /proc in the empty dir.. >> >> Can you provide a very simple test program? In my tests, I am seeing >> ENOSYS, as I would expect from reading the source.` > > Weird. I'm also getting ENOSYS now in my test program.
Thanks for the confirmation. > In my real > program I got ENOENT for some reason. Anyway ENOENT still happens > if /proc is mounted but the executed file is outside the chroot. Yes. The entries in /proc/self/fd are symlinks, and these would refer to paths that probably don't exist in your chroot environment. (If you have test program for this case, I'd be interested to see it, to run a few experiemnts.) Cheers, Michael > Test > program: > #define _GNU_SOURCE > #include <stdio.h> > #include <string.h> > #include <errno.h> > #include <stdlib.h> > #include <unistd.h> > #include <fcntl.h> > > int main(void) > { > extern char **environ; > char *argv[] = { "ls", NULL }; > int fd = open("/bin/ls", O_RDONLY); > if (fd == -1) perror("open()"); > > chdir("/tmp/foo"); > if (chroot("/tmp/foo") < 0) > perror("chroot()"); > fexecve(fd, argv, environ); > perror("fexecve()"); > return 0; > } > > > -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ git://git.kernel.org/pub/scm/docs/man-pages/man-pages.git man-pages online: http://www.kernel.org/doc/man-pages/online_pages.html Found a bug? http://www.kernel.org/doc/man-pages/reporting_bugs.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org