Roger Leigh <[EMAIL PROTECTED]> writes:

> Lucas Nussbaum <[EMAIL PROTECTED]> writes:

>> It seems that this is caused by the fact that schroot logs in the user
>> with $HOME set to the host's pwent, not the guest. My config is:
>> host:
>>   user's home: /home/user
>> chroot:
>>   user's home in /etc/passwd: /nonexistent (which doesn't exist)
>
> Interesting.  Currently, we do make the assumption that the passwd
> database is the same both inside and outside (and
> /etc/schroot/setup.d/20copyfiles takes pains to make sure that this is
> the case, though the defaults only work in a basic setup without NIS
> or LDAP).
>
> I could alter this to reread the information after we have chroot()ed,
> though I will need to check that
>
> - libc doesn't cache struct passwd records
> - it doesn't cause a lot of breakage for non-standard setups where
>   getpwent fails inside the chroot.

To follow up to this problem: I remembered last night why we don't
already do this:

schroot is run on the host system.  It uses the host libc, and hence
also the host NSS modules (/lib/libnss*.so).  These are loaded with
dlopen on startup by the libc startup code.

Once we chroot(), we still have those NSS modules open.  If the NSS
configuration inside the chroot is different (or we aren't using GNU
libc), then there will be problems.  i.e. getpw* can't work reliably.
We can't even exec() ourselves inside the chroot due to being located
outside.

My thoughts on how to fix this are to chroot(), then fork and exec
"getent passwd $user" and read the record in the parent process.  The
only problem then is how to split up that text record into a "struct
passwd".  I can see a libc routine for reading them from a FILE*, so
perhaps we can read them directly from the child.  Otherwise, we might
need to write out a temporary file and read that.

If you have any ideas about how to read a passwd entry inside the
chroot, I would be very interested!


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.
