Hi Murray,
The current beta11 code may chroot on startup. The code
simply chroot at early initialisation. Switching userid follows chroot.
That way the code needs to lookup uids inside chroot. So passwd/group files
and libraries must be present inside the chroot.
I wrote a little testprogram that changed these steps.
I first lookup the uid, than chroot and than change the uid.
That works for me with /var/lib/empty ( which *is* empty )
Maybe you could adopt this in odk?
Andreas
$ /tmp/test
running as uid: 1000, gid: 1000
cwd: /var/lib/empty
ERR: chroot() failed: Operation not permitted
$ su -
Passwort:
# /tmp/test
running as uid: 0, gid: 0
cwd: /var/lib/empty
cwd: /
running as uid: 0, gid: 105
running as uid: 105, gid: 105
ok
--
########################################################################
#
# Andreas Schulze
# https://andreasschulze.de
#
# GnuPG Key-ID: A7DBA67F, https://andreasschulze.de/sca.asc
# GnuPG Fingerprint: 14C1 39A8 CE6D 6BE0 28C6 5652 03B5 6793 A7DB A67F
#
# $Id: .signature,v 1.3 2007-12-27 21:13:36 sca Exp $
########################################################################
- text/x-csrc attachment: test.c
Received on Fri Jan 27 2012 - 23:05:54 PST