On Mon, 1 Jun 2015 06:05:28 -0400 Josh Grosse <j...@jggimi.homeip.net> wrote: > On Mon, Jun 01, 2015 at 04:45:01AM -0400, dan mclaughlin wrote: > > On Sun, 31 May 2015 22:20:17 -0500 Okupandolared <kan...@darkmail.mx> wrote: > > > does not exist, > > > > > > so I can copy /usr/bin/whoami to /var/www/usr/bin/whoami? > > > > > > that try "ls" and "/bin/ls" and "/var/www/bin/ls" > > > > > > and it does not work, > > > "/bin/ls" exist > > > "/var/www/bin/ls" exist > > > > > > thanks > > > > > > On 05/31/15 19:43, Zi Loff wrote: > > > > On Sun, May 31, 2015 at 09:35:36PM -0500, Okupandolared wrote: > > > >> -----BEGIN PGP SIGNED MESSAGE----- > > > >> Hash: SHA256 > > > >> > > > >> I like received variables POST and send to KSH script. > > > >> > > > >> But it seems that in OpenBSD 5.6 and php-fpm. > > > >> > > > >> exec() and exec_shell() not working. > > > >> > > > >> Could anyone help me? > > > >> > > > >> This link explain in detail what I've tried. > > > >> > > > >> http://serverfault.com/questions/695703/php-fpm-does-not-work-me-exec-or-shell-exec > > > >> > > > >> thanks > > > > > > > > If the server is chrooted at "/var/www" then "/usr/bin/whoami" (from the > > > > server's point of view) actually means "/var/www/usr/bin/whoami" (from > > > > your point of view). Does that file exist? > > > > > > > have you tried to copy /bin/sh to /var/www/bin/sh? > > Also, in a chrooted filesystem, every dynamically linked executable needs > access > to ld.so and its shared libraries. Which means /var/www/usr/lib and > /var/www/usr/libexec will need files populated -- every binary file should be > checked wiht ldd(1) to ensure required libraries are made available. > shared libraries. Each program should
that reminds me, i did a write up on chrooting programs here: https://marc.info/?l=openbsd-misc&m=142676615612510&w=2 although it got into more, the basics of setting up a chroot jail are there. i also have a script that adds a binary and its dependencies automatically. i'll have to post it later, since i've actually been meaning to recently. just have to make a few adjustments for portability.
