ImageMagick and chroot
Hello , Has anyone had luck in making ImageMagick work into the www chroot environment? Some web applications need to use the 'convert' system command, so i included it into the /var/www/bin/ directory and also every file that gets mentioned when you run : ldd convert , into it's corresponding directory. system:/var/www/bin{4}# ldd convert convert: StartEnd Type Open Ref GrpRef Name exe 10 0 convert 04d59000 24d68000 rlib 01 0 /usr/local/lib/libWand.so.10.1 0d077000 2d147000 rlib 02 0 /usr/local/lib/libMagick.so.10.1 05d92000 25dc5000 rlib 03 0 /usr/local/lib/libxml2.so.9.0 00d9 20e6c000 rlib 04 0 /usr/local/lib/libiconv.so.4.0 0b4b9000 2b4c1000 rlib 04 0 /usr/lib/libz.so.4.1 02e0c000 22e1 rlib 03 0 /usr/local/lib/libbz2.so.10.3 0c23c000 2c243000 rlib 03 0 /usr/local/lib/libpng.so.4.2 06a32000 26a38000 rlib 03 0 /usr/local/lib/libjpeg.so.62.0 04b0b000 24b1b000 rlib 03 0 /usr/local/lib/libjasper.so.1.0 032e1000 232e8000 rlib 05 0 /usr/lib/libm.so.2.1 060fb000 2611f000 rlib 03 0 /usr/local/lib/libtiff.so.37.3 0ee7e000 2ee89000 rlib 03 0 /usr/local/lib/liblcms.so.1.12 054f3000 254f9000 rlib 03 0 /usr/local/lib/libjbig.so.2.0 04183000 241b4000 rlib 01 0 /usr/lib/libc.so.39.0 0a2a3000 0a2a3000 rtld 01 0 /usr/libexec/ld.so system:/var/www/bin{5}# But it still doesn't work. What am i missing? Any suggestions or ideas are welcome. Marcos
Re: ImageMagick and chroot
On Thu, May 17, 2007 at 12:19:42PM -0300, Marcos Laufer wrote: Hello , Has anyone had luck in making ImageMagick work into the www chroot environment? Some web applications need to use the 'convert' system command, so i included it into the /var/www/bin/ directory and also every file that gets mentioned when you run : ldd convert , into it's corresponding directory. system:/var/www/bin{4}# ldd convert convert: StartEnd Type Open Ref GrpRef Name exe 10 0 convert 04d59000 24d68000 rlib 01 0 /usr/local/lib/libWand.so.10.1 0d077000 2d147000 rlib 02 0 /usr/local/lib/libMagick.so.10.1 05d92000 25dc5000 rlib 03 0 /usr/local/lib/libxml2.so.9.0 00d9 20e6c000 rlib 04 0 /usr/local/lib/libiconv.so.4.0 0b4b9000 2b4c1000 rlib 04 0 /usr/lib/libz.so.4.1 02e0c000 22e1 rlib 03 0 /usr/local/lib/libbz2.so.10.3 0c23c000 2c243000 rlib 03 0 /usr/local/lib/libpng.so.4.2 06a32000 26a38000 rlib 03 0 /usr/local/lib/libjpeg.so.62.0 04b0b000 24b1b000 rlib 03 0 /usr/local/lib/libjasper.so.1.0 032e1000 232e8000 rlib 05 0 /usr/lib/libm.so.2.1 060fb000 2611f000 rlib 03 0 /usr/local/lib/libtiff.so.37.3 0ee7e000 2ee89000 rlib 03 0 /usr/local/lib/liblcms.so.1.12 054f3000 254f9000 rlib 03 0 /usr/local/lib/libjbig.so.2.0 04183000 241b4000 rlib 01 0 /usr/lib/libc.so.39.0 0a2a3000 0a2a3000 rtld 01 0 /usr/libexec/ld.so system:/var/www/bin{5}# But it still doesn't work. What am i missing? Any suggestions or ideas are welcome. Marcos You could trying manually chrooting into /var/www and running the command by hand to see if it throws any useful warnings. You will need a shell within the chroot while testing tho. -- James Turner http://bsdgroup.org
Re: ImageMagick and chroot
Marcos Laufer wrote: Hello , Has anyone had luck in making ImageMagick work into the www chroot environment? Yes, run the following script and you are done. #!/bin/sh CHROOT=/var/www # Make dirs [ ! -d $CHROOT/bin ] mkdir -p $CHROOT/bin [ ! -d $CHROOT/usr/local/bin ] mkdir -p $CHROOT/usr/local/bin [ ! -d $CHROOT/usr/local/lib ] mkdir -p $CHROOT/usr/local/lib [ ! -d $CHROOT/usr/lib ] mkdir -p $CHROOT/usr/lib [ ! -d $CHROOT/usr/X11R6/lib ] mkdir -p $CHROOT/usr/X11R6/lib/ [ ! -d $CHROOT/usr/libexec ] mkdir -p $CHROOT/usr/libexec [ ! -d $CHROOT/var/run ] mkdir -p $CHROOT/var/run SH=/bin/sh if [ -x $SH ]; then cp -f $SH $CHROOT/$SH else echo No shit. $SH not found! :) fi LD_HINTS=/var/run/ld.so.hints if [ -f $LD_HINTS ]; then cp $LD_HINTS $CHROOT/$LD_HINTS else echo $LD_HINTS not found. Still wondering thou. fi CONVERT=$(which convert | awk '{print $1}') if [ ! -z $CONVERT ] [ -x $CONVERT ]; then cp -f $CONVERT $CHROOT/$CONVERT for i in $(ldd $CONVERT | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo convert not found. exit 1 fi COMPOSITE=$(which composite | awk '{print $1}') if [ ! -z $COMPOSITE ] [ -x $COMPOSITE ]; then cp -f $COMPOSITE $CHROOT/$COMPOSITE for i in $(ldd $COMPOSITE | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo composite not found. exit 1 fi IDENTIFY=$(which identify | awk '{print $1}') if [ ! -z $IDENTIFY ] [ -x $IDENTIFY ]; then cp -f $IDENTIFY $CHROOT/$IDENTIFY for i in $(ldd $IDENTIFY | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo identify not found. exit 1 fi HTH, Aiko -- Aiko Barz [EMAIL PROTECTED] Web: http://www.haeckser.de
Re: ImageMagick and chroot
Has anyone had luck in making ImageMagick work into the www chroot environment? snip But it still doesn't work. What am i missing? Any suggestions or ideas are welcome. Marcos when I was getting gallery to run under chmoded apache, I got pretty tired of ldd-ing the files, so I've simply extracted package contents into chroot (/var/www): #tar xzvf ~/ImageMagick-6.3.2.1-no_x11.tgz -C /var/www Don't know how wrong that was, but it worked pretty well - in the end I only needed a couple of shared libs that were missing. The script is a cleaner solution, though. By the way, gallery2 works pretty well with GD php plugin, elimitating the need to use ImageMagic. GD is much slower, though. Maxim
Re: ImageMagick and chroot
Hello , The script just worked . Thanks a lot Aiko for that script, and thanks to everybody for the suggestions and help. Now the convert command runs , and i can see the web application shows me an image where it supposed to be showd, but i still have some errors though , but i guess they are about the programming of this web application . I know that on the old server (lionux) it worked just fine with the code as it is (php5), but maybe has to be changed because of the chroot , i don't know , i'll try to contact the programmer to let him see it . Thanks , Marcos - Original Message - From: Aiko Barz [EMAIL PROTECTED] To: Marcos Laufer [EMAIL PROTECTED] Cc: misc@openbsd.org Sent: Thursday, May 17, 2007 2:51 PM Subject: Re: ImageMagick and chroot : [EMAIL PROTECTED] Marcos Laufer wrote: Hello , Has anyone had luck in making ImageMagick work into the www chroot environment? Yes, run the following script and you are done. #!/bin/sh CHROOT=/var/www # Make dirs [ ! -d $CHROOT/bin ] mkdir -p $CHROOT/bin [ ! -d $CHROOT/usr/local/bin ] mkdir -p $CHROOT/usr/local/bin [ ! -d $CHROOT/usr/local/lib ] mkdir -p $CHROOT/usr/local/lib [ ! -d $CHROOT/usr/lib ] mkdir -p $CHROOT/usr/lib [ ! -d $CHROOT/usr/X11R6/lib ] mkdir -p $CHROOT/usr/X11R6/lib/ [ ! -d $CHROOT/usr/libexec ] mkdir -p $CHROOT/usr/libexec [ ! -d $CHROOT/var/run ] mkdir -p $CHROOT/var/run SH=/bin/sh if [ -x $SH ]; then cp -f $SH $CHROOT/$SH else echo No shit. $SH not found! :) fi LD_HINTS=/var/run/ld.so.hints if [ -f $LD_HINTS ]; then cp $LD_HINTS $CHROOT/$LD_HINTS else echo $LD_HINTS not found. Still wondering thou. fi CONVERT=$(which convert | awk '{print $1}') if [ ! -z $CONVERT ] [ -x $CONVERT ]; then cp -f $CONVERT $CHROOT/$CONVERT for i in $(ldd $CONVERT | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo convert not found. exit 1 fi COMPOSITE=$(which composite | awk '{print $1}') if [ ! -z $COMPOSITE ] [ -x $COMPOSITE ]; then cp -f $COMPOSITE $CHROOT/$COMPOSITE for i in $(ldd $COMPOSITE | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo composite not found. exit 1 fi IDENTIFY=$(which identify | awk '{print $1}') if [ ! -z $IDENTIFY ] [ -x $IDENTIFY ]; then cp -f $IDENTIFY $CHROOT/$IDENTIFY for i in $(ldd $IDENTIFY | awk '{if ($3 == rlib) {print $7}}'); do if [ -f $i ]; then cp -f $i $CHROOT/$i fi done else echo identify not found. exit 1 fi HTH, Aiko -- Aiko Barz [EMAIL PROTECTED] Web: http://www.haeckser.de