We're in the process of setting up an anonymous CVS server for public use. As part of this, I'm running into a few issues related to the chroot and permissions on devices. I can successfully authenticate using:
cvs -d :pserver:[EMAIL PROTECTED]:/repositories login
But when I try to check something out, I get:
$ cvs -d :pserver:[EMAIL PROTECTED]:/repositories checkout gentoo-x86
open /dev/null failed
Permission denied
But the permissions on the chrooted /dev/null device look fine:
# ls -alh /chroot/dev/null
crwxrwxrwx 1 root root 1, 3 Jan 1 1970 /chroot/dev/null
strace gives me:
12095 open("/dev/null", O_RDONLY|O_LARGEFILE) = -1 EACCES (Permission denied)
12095 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x55ce1000
12095 write(1, "E open /dev/null failed\nerror P"..., 49) = 49
I used cvsd-buildroot to build the chroot....during this process, it
complained about devices:
creating /chroot/dev devices... FAILED (unable to use devices)
The kernel on this box is 2.6.11-hardened-r15 and we're using grsecurity...I
kind of suspect that is the problem, but I don't have enough experience
with it to troubleshoot. Short of building a new kernel and removing grsec
options one by one, can anyone suggest some other things to try?
(including those that might not have anything to do w/ grsec)
tia.
--kurt
pgpqcIVQJ3GKD.pgp
Description: PGP signature
