Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Janne Johansson
I don't think there is a word for chroot back. Once you limit yourself
into a chroot, you are stuck in it and get special treatment until you
exit. Apart from why mknod wants to fail inside chroots, having a simple
syscall being able to take you out of it would defeat the whole purpose, no?



2014-06-08 4:36 GMT+02:00 Andres Perera andre...@zoho.com:

 The description of EINVAL in mknod(2) is wrong:

  [EINVAL]   The process is running within an alternate root
 directory, as created by chroot(2).

 Even if a process chroot()s back to /, it can't create a device node.

 The program below exits with EINVAL:

 #include <sys/stat.h>
 #include <err.h>
 #include <unistd.h>

 int main() {
 	chroot("/");
 	/* S_IFCHR|0666, dev 22,0: stdin on amd64 */
 	if (mknod("/t", 0x21b6, 0x1600) == -1)
 		err(1, "mknod");
 }

 On Sat, Jun 7, 2014 at 2:42 PM, Miod Vallat m...@online.fr wrote:
   Is this some kind of security protection ?
  
   of course... see mknod(2).
 
  i read it and still does not understand.
 
  Check the description of EINVAL.




-- 
May the most significant bit of your life be positive.



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Andres Perera
On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com wrote:
 I don't think there is a word for chroot back.

I don't think you read, understood, and executed the sample.

After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
description is wrong.

 Once you limit yourself
 into a chroot, you are stuck in it and get special treatment until you
 exit. Apart from why mknod wants to fail inside chroots, having a simple
 syscall being able to take you out of it would defeat the whole purpose, no?



 2014-06-08 4:36 GMT+02:00 Andres Perera andre...@zoho.com:

 The description of EINVAL in mknod(2) is wrong:

  [EINVAL]   The process is running within an alternate root
 directory, as created by chroot(2).

 Even if a process chroot()s back to /, it can't create a device node.

 The program below exits with EINVAL:

 #include <sys/stat.h>
 #include <err.h>
 #include <unistd.h>

 int main() {
 	chroot("/");
 	/* S_IFCHR|0666, dev 22,0: stdin on amd64 */
 	if (mknod("/t", 0x21b6, 0x1600) == -1)
 		err(1, "mknod");
 }

 On Sat, Jun 7, 2014 at 2:42 PM, Miod Vallat m...@online.fr wrote:
   Is this some kind of security protection ?
  
   of course... see mknod(2).
 
  i read it and still does not understand.
 
  Check the description of EINVAL.




 --
 May the most significant bit of your life be positive.



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Otto Moerbeek
On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:

 On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com wrote:
  I don't think there is a word for chroot back.
 
 I don't think you read, understood, and executed the sample.
 
 After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
 description is wrong.

What part is wrong? 

alternate directory might happen to be / itself. While that's silly
to do it's still an alternate to an unchrooted /. 

-Otto



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread sven falempin
On Sun, Jun 8, 2014 at 4:21 AM, Otto Moerbeek o...@drijf.net wrote:
 On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:

 On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com wrote:
  I don't think there is a word for chroot back.

 I don't think you read, understood, and executed the sample.

 After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
 description is wrong.

 What part is wrong?

 alternate directory might happen to be / itself. While that's silly
 to do it's still an alternate to an unchrooted /.

 -Otto


As a victim, the only documentation improvement would be to point this out in
the mknod(8) man page,
the alternate root explanation was ok, even if in a chrooted
environment mknod return einval would thwart
the silly(?) chroot / case.

Creation of /dev/wd* or /dev/sd* could defeat the chroot, but creating
/dev/stdin ...
does that mean vnconfig is also not possible ?

-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Andres Perera
On Sun, Jun 8, 2014 at 3:51 AM, Otto Moerbeek o...@drijf.net wrote:
 On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:

 On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com wrote:
  I don't think there is a word for chroot back.

 I don't think you read, understood, and executed the sample.

 After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
 description is wrong.

 What part is wrong?

 alternate directory might happen to be / itself.

Even though it's the same directory as the previous root directory?

How is it alternate, then?

What's alternating, other than the root directory, which is *the same*?

Either make this fd_rdir check a string comparison in addition to a
null-pointer check or change the docs instead of being confusing:

int
domknodat(struct proc *p, int fd, const char *path, mode_t mode, dev_t dev)
{
	struct vnode *vp;
	struct vattr vattr;
	int error;
	struct nameidata nd;

	if ((error = suser(p, 0)) != 0)
		return (error);
	if (p->p_fd->fd_rdir)
		return (EINVAL);


 While that's silly
 to do it's still an alternate to an unchrooted /.

 -Otto
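
Added example, not part of any message in this thread and not OpenBSD code: a userland C model of the fd_rdir check quoted above, beside the compare-with-/ variant the message proposes, showing that the two differ only for chroot("/"). The struct and function names and the "latch"/"compare" labels are hypothetical; /mirror/altroot is the chroot path used elsewhere in the thread.

```c
/* Userland model of the check quoted from domknodat(); not kernel code.
 * Every struct and function name here is a hypothetical stand-in. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for struct vnode; path is absolute, as seen from the real root. */
struct vnode_m { const char *path; };
/* Stand-in for struct filedesc; fd_rdir stays NULL until the first chroot. */
struct filedesc_m { const struct vnode_m *fd_rdir; };
struct proc_m { int uid; struct filedesc_m fd; };

/* Constructed sample roots. */
static const struct vnode_m ROOT_VN = { "/" };
static const struct vnode_m JAIL_VN = { "/mirror/altroot" };

/* chroot(2) in the model: root only, and it always records a root vnode. */
int
model_chroot(struct proc_m *p, const struct vnode_m *vp)
{
	if (p->uid != 0)
		return (EPERM);
	p->fd.fd_rdir = vp;	/* recorded even when vp is "/" */
	return (0);
}

/* The check as quoted in the thread: any recorded root means EINVAL. */
int
model_mknod_latch(const struct proc_m *p)
{
	if (p->uid != 0)
		return (EPERM);
	if (p->fd.fd_rdir)
		return (EINVAL);
	return (0);
}

/* The variant proposed in the thread: also compare the recorded root to "/". */
int
model_mknod_compare(const struct proc_m *p)
{
	if (p->uid != 0)
		return (EPERM);
	if (p->fd.fd_rdir && strcmp(p->fd.fd_rdir->path, "/") != 0)
		return (EINVAL);
	return (0);
}

/* One scenario: optionally chroot to vp, then attempt mknod under check(). */
int
scenario(int uid, const struct vnode_m *vp,
    int (*check)(const struct proc_m *))
{
	struct proc_m p = { uid, { NULL } };

	if (vp != NULL && model_chroot(&p, vp) != 0)
		return (EPERM);
	return (check(&p));
}

int
main(void)
{
	printf("never chrooted:          latch=%d compare=%d\n",
	    scenario(0, NULL, model_mknod_latch),
	    scenario(0, NULL, model_mknod_compare));
	printf("chroot(\"/\"):             latch=%d compare=%d\n",
	    scenario(0, &ROOT_VN, model_mknod_latch),
	    scenario(0, &ROOT_VN, model_mknod_compare));
	printf("chroot(\"/mirror/altroot\"): latch=%d compare=%d\n",
	    scenario(0, &JAIL_VN, model_mknod_latch),
	    scenario(0, &JAIL_VN, model_mknod_compare));
	return (0);
}
```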



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Janne Johansson
It feels like you are trying to convince someone that
chroot(/);
equals not being chrooted at all.

In my view several things happen when a pid is started in a chroot,
including
1. the dir used as a parameter for the chroot will always be its own parent
dir so that you may never again go above it. You may (haven't checked)
chroot yourself lower again, but not stop the chroot.
2. You may not create device nodes since that would make it easy to defeat
the chroot if root.

This list may be far longer, but I don't think the docs need fixing for the
chroot(/); case when mknod:ing.



2014-06-08 17:44 GMT+02:00 Andres Perera andre...@zoho.com:

 On Sun, Jun 8, 2014 at 3:51 AM, Otto Moerbeek o...@drijf.net wrote:
  On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:
 
  On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com
 wrote:
   I don't think there is a word for chroot back.
 
  I don't think you read, understood, and executed the sample.
 
  After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
  description is wrong.
 
  What part is wrong?
 
  alternate directory might happen to be / itself.

 Even though it's the same directory as the previous root directory?

 How is it alternate, then?

 What's alternating, other than the root directory, which is *the same*?

 Either make this fd_rdir check a string comparison in addition to a
 null-pointer check or change the docs instead of being confusing:

 int
 domknodat(struct proc *p, int fd, const char *path, mode_t mode, dev_t dev)
 {
 	struct vnode *vp;
 	struct vattr vattr;
 	int error;
 	struct nameidata nd;

 	if ((error = suser(p, 0)) != 0)
 		return (error);
 	if (p->p_fd->fd_rdir)
 		return (EINVAL);
 

 While that's silly
  to do it's still an alternate to an unchrooted /.
 
  -Otto
 




-- 
May the most significant bit of your life be positive.



Re: standard FAQ procedure ... in chroot

2014-06-08 Thread Andres Perera
On Sun, Jun 8, 2014 at 12:16 PM, Janne Johansson icepic...@gmail.com wrote:
 It feels like you are trying to convince someone that
 chroot(/);
 equals not being chrooted at all.

Not at all. I'm trying to convince someone to explain what chrooted
means, preferably without changing current semantics.

chroot(2), for instance, doesn't mention the term alternate root
directory as a well-defined state that includes--but does not limit
itself to--the invoking process' root directory, nor does chroot(2)
reference or allude to the creation of an alternate root
directory.

Am I supposed to consider mknod(2)'s wording authoritative over chroot(2)'s?

Maybe the first step is recognizing that the documentation is unclear
on the subject.


 In my view several things happen when a pid is started in a chroot,
 including
 1. the dir used as a parameter for the chroot will always be its own parent
 dir so that you may never again go above it. You may (haven't checked)
 chroot yourself lower again, but not stop the chroot.
 2. You may not create device nodes since that would make it easy to defeat
 the chroot if root.

 This list may be far longer, but I don't think the docs need fixing for the
 chroot(/); case when mknod:ing.



 2014-06-08 17:44 GMT+02:00 Andres Perera andre...@zoho.com:

 On Sun, Jun 8, 2014 at 3:51 AM, Otto Moerbeek o...@drijf.net wrote:
  On Sun, Jun 08, 2014 at 02:59:08AM -0430, Andres Perera wrote:
 
  On Sun, Jun 8, 2014 at 2:24 AM, Janne Johansson icepic...@gmail.com
 wrote:
   I don't think there is a word for chroot back.
 
  I don't think you read, understood, and executed the sample.
 
  After chroot(/), or chroot(FOO), you can't mknod(2), therefore the
  description is wrong.
 
  What part is wrong?
 
  alternate directory might happen to be / itself.

 Even though it's the same directory as the previous root directory?

 How is it alternate, then?

 What's alternating, other than the root directory, which is *the same*?

 Either make this fd_rdir check a string comparison in addition to a
 null-pointer check or change the docs instead of being confusing:

 int
 domknodat(struct proc *p, int fd, const char *path, mode_t mode, dev_t dev)
 {
 	struct vnode *vp;
 	struct vattr vattr;
 	int error;
 	struct nameidata nd;

 	if ((error = suser(p, 0)) != 0)
 		return (error);
 	if (p->p_fd->fd_rdir)
 		return (EINVAL);
 

 While that's silly
  to do it's still an alternate to an unchrooted /.
 
  -Otto
 




 --
 May the most significant bit of your life be positive.



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Stuart Henderson
On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
 Dear misc readers,

 I try to understand why MAKEDEV is failing inside my chroot, while i
 can manually create some dev with mknod .

 Like:
 SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
 SPECIAL cd dev; sh MAKEDEV ramdisk
 sh: stdin[1]: mknod: console: Invalid argument
 sh: stdin[1]: mknod: tty: Invalid argument

 AFAIK everything else is ok inside the CHROOT.

 Help is welcome.



Your chroot is probably on a filesystem mounted with nodev.



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org wrote:
 On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
 Dear misc readers,

 I try to understand why MAKEDEV is failing inside my chroot, while i
 can manually create some dev with mknod .

 Like:
 SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
 SPECIAL cd dev; sh MAKEDEV ramdisk
 sh: stdin[1]: mknod: console: Invalid argument
 sh: stdin[1]: mknod: tty: Invalid argument

 AFAIK everything else is ok inside the CHROOT.

 Help is welcome.



 Your chroot is probably on a filesystem mounted with nodev.


nop , this mistake i did and already corrected. I can  call a pipe |
or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
then enter it), but when inside...i have those Invalid argument.
i suspect a config file somewhere but i am in the dark.

-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Otto Moerbeek
On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org wrote:
  On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
  Dear misc readers,
 
  I try to understand why MAKEDEV is failing inside my chroot, while i
  can manually create some dev with mknod .
 
  Like:
  SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
  SPECIAL cd dev; sh MAKEDEV ramdisk
  sh: stdin[1]: mknod: console: Invalid argument
  sh: stdin[1]: mknod: tty: Invalid argument
 
  AFAIK everything else is ok inside the CHROOT.
 
  Help is welcome.
 
 
 
  Your chroot is probably on a filesystem mounted with nodev.
 
 
 nop , this mistake i did and already corrected. I can  call a pipe |
 or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
 then enter it), but when inside...i have those Invalid argument.
 i suspect a config file somewhere but i am in the dark.

Use set -x in the MAKEDEV script to see what command fails.

Or just create the device nodes from a non-chrooted environment in the
right dir.

-Otto



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
 On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org 
 wrote:
  On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
  Dear misc readers,
 
  I try to understand why MAKEDEV is failing inside my chroot, while i
  can manually create some dev with mknod .
 
  Like:
  SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
  SPECIAL cd dev; sh MAKEDEV ramdisk
  sh: stdin[1]: mknod: console: Invalid argument
  sh: stdin[1]: mknod: tty: Invalid argument
 
  AFAIK everything else is ok inside the CHROOT.
 
  Help is welcome.
 
 
 
  Your chroot is probably on a filesystem mounted with nodev.
 

 nop , this mistake i did and already corrected. I can  call a pipe |
 or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
 then enter it), but when inside...i have those Invalid argument.
 i suspect a config file somewhere but i am in the dark.

 Use set -x in the MAKEDV script to see what command fails.


i try right away , thanks

 Or just create the device nodes from a non-chrooted environment in the
 right dir.

it breaks the purpose


 -Otto






-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Otto Moerbeek
On Sat, Jun 07, 2014 at 12:14:55PM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
  On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:
 
  On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org 
  wrote:
   On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
   Dear misc readers,
  
   I try to understand why MAKEDEV is failing inside my chroot, while i
   can manually create some dev with mknod .
  
   Like:
   SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
   SPECIAL cd dev; sh MAKEDEV ramdisk
   sh: stdin[1]: mknod: console: Invalid argument
   sh: stdin[1]: mknod: tty: Invalid argument
  
   AFAIK everything else is ok inside the CHROOT.
  
   Help is welcome.
  
  
  
   Your chroot is probably on a filesystem mounted with nodev.
  
 
  nop , this mistake i did and already corrected. I can  call a pipe |
  or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
  then enter it), but when inside...i have those Invalid argument.
  i suspect a config file somewhere but i am in the dark.
 
  Use set -x in the MAKEDV script to see what command fails.
 
 
 i try right away , thanks
 
  Or just create the device nodes from a non-chrooted environment in the
  right dir.
 
 it breaks the purpose

why? they will be accessible from both outside and inside the chroot,
whether you create them from the chroot or not.

-Otto



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 12:14 PM, sven falempin sven.falem...@gmail.com wrote:
 On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
 On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org 
 wrote:
  On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
  Dear misc readers,
 
  I try to understand why MAKEDEV is failing inside my chroot, while i
  can manually create some dev with mknod .
 
  Like:
  SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
  SPECIAL cd dev; sh MAKEDEV ramdisk
  sh: stdin[1]: mknod: console: Invalid argument
  sh: stdin[1]: mknod: tty: Invalid argument
 
  AFAIK everything else is ok inside the CHROOT.
 
  Help is welcome.
 
 
 
  Your chroot is probably on a filesystem mounted with nodev.
 

 nop , this mistake i did and already corrected. I can  call a pipe |
 or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
 then enter it), but when inside...i have those Invalid argument.
 i suspect a config file somewhere but i am in the dark.

 Use set -x in the MAKEDV script to see what command fails.


 i try right away , thanks

 Or just create the device nodes from a non-chrooted environment in the
 right dir.

 it breaks the purpose



# ksh -x MAKEDEV all
+ PATH=/sbin:/usr/sbin:/bin:/usr/bin
+ T=MAKEDEV
[ ... ]
+ echo  chgrp operator vnd0a [ ... ] enrst1
sh: stdin[1]: mknod: drm0: Invalid argument

even darker, why calling chgrp and then having a mknod error, set +x
inside the script ?



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Otto Moerbeek
On Sat, Jun 07, 2014 at 12:28:28PM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 12:14 PM, sven falempin sven.falem...@gmail.com 
 wrote:
  On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
  On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:
 
  On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org 
  wrote:
   On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
   Dear misc readers,
  
   I try to understand why MAKEDEV is failing inside my chroot, while i
   can manually create some dev with mknod .
  
   Like:
   SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
   SPECIAL cd dev; sh MAKEDEV ramdisk
   sh: stdin[1]: mknod: console: Invalid argument
   sh: stdin[1]: mknod: tty: Invalid argument
  
   AFAIK everything else is ok inside the CHROOT.
  
   Help is welcome.
  
  
  
   Your chroot is probably on a filesystem mounted with nodev.
  
 
  nop , this mistake i did and already corrected. I can  call a pipe |
  or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
  then enter it), but when inside...i have those Invalid argument.
  i suspect a config file somewhere but i am in the dark.
 
  Use set -x in the MAKEDV script to see what command fails.
 
 
  i try right away , thanks
 
  Or just create the device nodes from a non-chrooted environment in the
  right dir.
 
  it breaks the purpose
 
 
 
 # ksh -x MAKEDEV all
 + PATH=/sbin:/usr/sbin:/bin:/usr/bin
 + T=MAKEDEV
 [ ... ]
 + echo  chgrp operator vnd0a [ ... ] enrst1
 sh: stdin[1]: mknod: drm0: Invalid argument
 
 even darker, why calling chgrp and then having a mknod error, set +x
 inside the script ?

you can put set -x inside functions to trace them

-Otto



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 12:38 PM, Otto Moerbeek o...@drijf.net wrote:
 On Sat, Jun 07, 2014 at 12:28:28PM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 12:14 PM, sven falempin sven.falem...@gmail.com 
 wrote:
  On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
  On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:
 
  On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson s...@spacehopper.org 
  wrote:
   On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
   Dear misc readers,
  
   I try to understand why MAKEDEV is failing inside my chroot, while i
   can manually create some dev with mknod .
  
   Like:
   SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
   SPECIAL cd dev; sh MAKEDEV ramdisk
   sh: stdin[1]: mknod: console: Invalid argument
   sh: stdin[1]: mknod: tty: Invalid argument
  
   AFAIK everything else is ok inside the CHROOT.
  
   Help is welcome.
  
  
  
   Your chroot is probably on a filesystem mounted with nodev.
  
 
  nop , this mistake i did and already corrected. I can  call a pipe |
  or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
  then enter it), but when inside...i have those Invalid argument.
  i suspect a config file somewhere but i am in the dark.
 
  Use set -x in the MAKEDV script to see what command fails.
 
 
  i try right away , thanks
 
  Or just create the device nodes from a non-chrooted environment in the
  right dir.
 
  it breaks the purpose
 
 

 # ksh -x MAKEDEV all
 + PATH=/sbin:/usr/sbin:/bin:/usr/bin
 + T=MAKEDEV
 [ ... ]
 + echo  chgrp operator vnd0a [ ... ] enrst1
 sh: stdin[1]: mknod: drm0: Invalid argument

 even darker, why calling chgrp and then having a mknod error, set +x
 inside the script ?

 you can put set -x inside functions the trace them
oh!, there is some echo | sh at the end..

 -Otto

well, even manually i have trouble:

# cd /root
# mknod stdin c 22 0
# rm stdin
# chroot /mirror/altroot/
# mount | cat
/dev/sd0a on / type ffs (local)
/dev/sd0k on /mirror type ffs (local)
[...]
# cd /lol
# mknod stdin c 22 0
/bin/ksh: mknod: stdin: Invalid argument
# uname -a
OpenBSD sources.citypassenger.com 5.5 GENERIC#271 amd64


Is this some kind of security protection ?

-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Otto Moerbeek
On Sat, Jun 07, 2014 at 01:30:01PM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 12:38 PM, Otto Moerbeek o...@drijf.net wrote:
  On Sat, Jun 07, 2014 at 12:28:28PM -0400, sven falempin wrote:
 
  On Sat, Jun 7, 2014 at 12:14 PM, sven falempin sven.falem...@gmail.com 
  wrote:
   On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
   On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:
  
   On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson 
   s...@spacehopper.org wrote:
On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
Dear misc readers,
   
I try to understand why MAKEDEV is failing inside my chroot, while i
can manually create some dev with mknod .
   
Like:
SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
SPECIAL cd dev; sh MAKEDEV ramdisk
sh: stdin[1]: mknod: console: Invalid argument
sh: stdin[1]: mknod: tty: Invalid argument
   
AFAIK everything else is ok inside the CHROOT.
   
Help is welcome.
   
   
   
Your chroot is probably on a filesystem mounted with nodev.
   
  
   nop , this mistake i did and already corrected. I can  call a pipe |
   or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
   then enter it), but when inside...i have those Invalid argument.
   i suspect a config file somewhere but i am in the dark.
  
   Use set -x in the MAKEDV script to see what command fails.
  
  
   i try right away , thanks
  
   Or just create the device nodes from a non-chrooted environment in the
   right dir.
  
   it breaks the purpose
  
  
 
  # ksh -x MAKEDEV all
  + PATH=/sbin:/usr/sbin:/bin:/usr/bin
  + T=MAKEDEV
  [ ... ]
  + echo  chgrp operator vnd0a [ ... ] enrst1
  sh: stdin[1]: mknod: drm0: Invalid argument
 
  even darker, why calling chgrp and then having a mknod error, set +x
  inside the script ?
 
  you can put set -x inside functions the trace them
 oh!, there is some echo | sh at the end..
 
  -Otto
 
 well, even manually i have trouble:
 
 # cd /root
 # mknod stdin c 22 0
 # rm stdin
 # chroot /mirror/altroot/
 # mount | cat
 /dev/sd0a on / type ffs (local)
 /dev/sd0k on /mirror type ffs (local)
 [...]
 # cd /lol
 # mknod stdin c 22 0
 /bin/ksh: mknod: stdin: Invalid argument
 # uname -a
 OpenBSD sources.citypassenger.com 5.5 GENERIC#271 amd64
 
 
 Is this some kind of security protection ?

of course... see mknod(2).



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 1:41 PM, Otto Moerbeek o...@drijf.net wrote:
 On Sat, Jun 07, 2014 at 01:30:01PM -0400, sven falempin wrote:

 On Sat, Jun 7, 2014 at 12:38 PM, Otto Moerbeek o...@drijf.net wrote:
  On Sat, Jun 07, 2014 at 12:28:28PM -0400, sven falempin wrote:
 
  On Sat, Jun 7, 2014 at 12:14 PM, sven falempin sven.falem...@gmail.com 
  wrote:
   On Sat, Jun 7, 2014 at 11:30 AM, Otto Moerbeek o...@drijf.net wrote:
   On Sat, Jun 07, 2014 at 08:20:00AM -0400, sven falempin wrote:
  
   On Sat, Jun 7, 2014 at 6:58 AM, Stuart Henderson 
   s...@spacehopper.org wrote:
On 2014-06-06, sven falempin sven.falem...@gmail.com wrote:
Dear misc readers,
   
I try to understand why MAKEDEV is failing inside my chroot, while 
i
can manually create some dev with mknod .
   
Like:
SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
SPECIAL cd dev; sh MAKEDEV ramdisk
sh: stdin[1]: mknod: console: Invalid argument
sh: stdin[1]: mknod: tty: Invalid argument
   
AFAIK everything else is ok inside the CHROOT.
   
Help is welcome.
   
   
   
Your chroot is probably on a filesystem mounted with nodev.
   
  
   nop , this mistake i did and already corrected. I can  call a pipe |
   or read /dev/(u)random etc... (i called MAKEDEV outside the chroot and
   then enter it), but when inside...i have those Invalid argument.
   i suspect a config file somewhere but i am in the dark.
  
   Use set -x in the MAKEDV script to see what command fails.
  
  
   i try right away , thanks
  
   Or just create the device nodes from a non-chrooted environment in the
   right dir.
  
   it breaks the purpose
  
  
 
  # ksh -x MAKEDEV all
  + PATH=/sbin:/usr/sbin:/bin:/usr/bin
  + T=MAKEDEV
  [ ... ]
  + echo  chgrp operator vnd0a [ ... ] enrst1
  sh: stdin[1]: mknod: drm0: Invalid argument
 
  even darker, why calling chgrp and then having a mknod error, set +x
  inside the script ?
 
  you can put set -x inside functions the trace them
 oh!, there is some echo | sh at the end..
 
  -Otto

 well, even manually i have trouble:

 # cd /root
 # mknod stdin c 22 0
 # rm stdin
 # chroot /mirror/altroot/
 # mount | cat
 /dev/sd0a on / type ffs (local)
 /dev/sd0k on /mirror type ffs (local)
 [...]
 # cd /lol
 # mknod stdin c 22 0
 /bin/ksh: mknod: stdin: Invalid argument
 # uname -a
 OpenBSD sources.citypassenger.com 5.5 GENERIC#271 amd64


 Is this some kind of security protection ?

 of course... see mknod(2).

i read it and still do not understand.

-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Miod Vallat
  Is this some kind of security protection ?
 
  of course... see mknod(2).
 
 i read it and still does not understand.

Check the description of EINVAL.



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread sven falempin
On Sat, Jun 7, 2014 at 3:12 PM, Miod Vallat m...@online.fr wrote:
  Is this some kind of security protection ?
 
  of course... see mknod(2).

 i read it and still does not understand.

 Check the description of EINVAL.

i was reading the (8) man pages :-(


So DESTDIR is not working and make release is calling MAKEDEV, so
there's no way to make a release without changing the system that
build it.

That is odd.

Should i try to fix DESTDIR, or change the release process to skip
MAKEDEV (i guess it is made to build the ramdisk ?)

-- 
-
() ascii ribbon campaign - against html e-mail
/\



Re: standard FAQ procedure ... in chroot

2014-06-07 Thread Andres Perera
The description of EINVAL in mknod(2) is wrong:

 [EINVAL]   The process is running within an alternate root
directory, as created by chroot(2).

Even if a process chroot()s back to /, it can't create a device node.

The program below exits with EINVAL:

#include <sys/stat.h>
#include <err.h>
#include <unistd.h>

int main() {
	chroot("/");
	/* S_IFCHR|0666, dev 22,0: stdin on amd64 */
	if (mknod("/t", 0x21b6, 0x1600) == -1)
		err(1, "mknod");
}

On Sat, Jun 7, 2014 at 2:42 PM, Miod Vallat m...@online.fr wrote:
  Is this some kind of security protection ?
 
  of course... see mknod(2).

 i read it and still does not understand.

 Check the description of EINVAL.



standard FAQ procedure ... in chroot

2014-06-06 Thread sven falempin
Dear misc readers,

I try to understand why MAKEDEV is failing inside my chroot, while i
can manually create some dev with mknod .

Like:
SCRIPT  ${DESTDIR}/dev/MAKEDEV  dev/MAKEDEV
SPECIAL cd dev; sh MAKEDEV ramdisk
sh: stdin[1]: mknod: console: Invalid argument
sh: stdin[1]: mknod: tty: Invalid argument

AFAIK everything else is ok inside the CHROOT.

Help is welcome.


-- 
-
() ascii ribbon campaign - against html e-mail
/\