Gerhard W. Gruber wrote:

On Fri, 6 Feb 2004 10:44:30 -0800 (PST), "Eric Paynter" <[EMAIL PROTECTED]>
wrote:



Is that 555 for files and 511 for directories? Try 555 for all, and
if that fixes it we can work on getting more restrictive.



I have now tried 777 and I still have this problem, but I don't think it is the permission. I just tried manually to chroot /home/ftp and I get the error message chroot: /bin/bash : no such file or directory.



Looks like one or more shared libraries are missing. Use "ldd /bin/bash" (resp. /bin/ls) to see
what bash/ls requires. Additionally, there are some libraries that are *not* listed
by ldd - at least /lib/libnss* stuff. The glibc requires them, but bypasses "normal"
dynamic linking so ldd doesn't know about them. Using something like
"strace chroot . /bin/bash" should help figuring out which libraries are still missing.
Also, it seems the linker requires these libraries to be referenced via symlinks just as in
your ordinary /lib directory. You should be able to just do a "cp -dp /lib/libnss* lib" (from inside
the chroot directory) to make all the NSS libraries available to the chrooted environment.
Do *not* use ln, as that kind of defeats the purpose of the chroot environment (an attacker
could open the hard-linked library for write access, and thus compromise your global /lib
directory). Maybe one day Linux'll support copy-on-write for hard-linked files... :-)


(snip)


-- [EMAIL PROTECTED] mailing list
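
The procedure from the reply above (ldd for the linked libraries, "cp -dp" for the NSS modules, real copies instead of hard links), as an added shell example that is not part of the original thread. The function names are hypothetical, and glibc-style ldd output and GNU cp are assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Usage, as root:
#   populate_jail /home/ftp /bin/bash /bin/ls

# Print the absolute library paths found in `ldd` output on stdin.
# Lines without a path (linux-vdso, "not found") are skipped.
ldd_paths() {
    awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) { print $i; break } }' |
        LC_ALL=C sort -u
}

# Copy $2 to the same path under jail $1. cp -d keeps a symlink a symlink,
# -p keeps mode, owner and times. Each symlink hop is followed and copied too,
# always as a separate file, never a hard link back to the host copy.
copy_into_jail() (
    jail=$1 src=$2
    mkdir -p "$jail$(dirname "$src")"
    cp -dp "$src" "$jail$src"
    if [ -L "$src" ]; then
        link=$(readlink "$src")
        case $link in
            /*) ;;
            *) link=$(dirname "$src")/$link ;;
        esac
        copy_into_jail "$jail" "$link"
    fi
)

# Copy each binary, everything ldd reports for it, and the NSS modules.
populate_jail() (
    jail=$1; shift
    for bin in "$@"; do
        copy_into_jail "$jail" "$bin"
        ldd "$bin" | ldd_paths | while read -r lib; do
            copy_into_jail "$jail" "$lib"
        done
    done
    # glibc loads NSS modules with dlopen(), so ldd never lists them.
    # /lib/libnss* is the path from the thread; multiarch systems keep
    # them elsewhere (assumption: adjust the glob for your distribution).
    for nss in /lib/libnss*; do
        if [ -e "$nss" ]; then copy_into_jail "$jail" "$nss"; fi
    done
)
```

If the chrooted shell still fails to start after this, the strace run suggested in the reply shows which file lookups are failing inside the jail.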


