Package: makejail
Version: 0.0.5-10
Severity: normal
Dear Maintainer,
It seem that the makejail script doesn't really fit to the documentation
regarding both, the userFiles and the groupFiles options. Indeed, in the
documentation, it's clearly stated that any files which are specified in both
of those configuration options are automatically filtered (according value of
the users and groups options) and copied in the chroot.
Normally, without explicite declaration, the following files are should be
automatically filtered and copied:
User files
/etc/passwd
/etc/shadow
Group files
/etc/group
/etc/gshadow
But currently, those file are processed only in the context of a missing file
and therefore, they are not copied as expected (behavior still undefined so).
The only way to for now is to add their path also in the forceCopy option which
.
Even worse, if you declare the related options in your own makejail
configuration file, they are still not copied.
My test has been made with the following configuration file
###
# clean the jail
cleanJailFirst = 1
preserve = ["/home"]
chroot = "/var/chroot/instantSSH/vu2004"
testCommandsInsideJail = ["bash", "ls", "touch", "rm", "rmdir", "less", "cat",
"rsync", "scp", "hostname"]
users = ["root", "vu2004"]
groups = ["root", "vu2004"]
userFiles = ["/etc/passwd", "/etc/shadow"]
packages = ["coreutils"]
###
So here I expect at least to have both the /etc/passwd and /etc/shadow file
copied inside the chroot with the entries for both root and vu2004 users/groups.
To solve this issue I have patched the makejail script to force processing of
both, the userFiles and userGroups options.
You can found the attached patch.
Thanks you.
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (1001, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 3.14-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages makejail depends on:
ii binstats 1.08-8
ii debconf 1.5.53
ii psmisc 22.21-2
ii python 2.7.8-1
ii strace 4.9-2
makejail recommends no packages.
makejail suggests no packages.
-- no debconf information
*** /root/makejail.patch
--- /usr/sbin/makejail 2012-03-05 19:17:34.000000000 +0100
+++ /usr/local/sbin/makejail 2014-09-27 11:53:33.339999650 +0200
@@ -888,6 +888,22 @@
addFileToJail(file)
moveIndent(-1)
+ # === Copy user files
+ for globExpression in config.userFiles:
+ debug("Adding files matching '%s'" % globExpression)
+ moveIndent(1)
+ for file in glob.glob(globExpression):
+ addFileToJail(file)
+ moveIndent(-1)
+
+ # === Copy group files
+ for globExpression in config.groupFiles:
+ debug("Adding files matching '%s'" % globExpression)
+ moveIndent(1)
+ for file in glob.glob(globExpression):
+ addFileToJail(file)
+ moveIndent(-1)
+
chrootCommands=[]
if config.testCommandsInsideJail:
for command in config.testCommandsInsideJail:
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
