linux, tomcat5, jsvc, chroot and jsvc error:Invalid user name 'nobody' specified

2004-09-19 Thread Glen Ezkovich 
I'm trying to run tomcat in chroot jail using jsvc. I can run tomcat 
inside chroot by its self without any problems. I also can run tomcat 
using jsvc as various users outside of chroot. When I attempt to run 
tomcat with jsvc inside of a chroot jail, I get the folowing error 
message:

jsvc error: Invalid user name 'named' specified
No mater what user I specify I get the same error message. I assume 
that jsvc is getting an error when changing the processes uid. 
Obviously, I am missing user information inside my jail. I've tried 
adding copies of /etc/group, /etc/passwd and /etc/shadow but that 
didn't work. (not really surprised).

So, how are users verified and what do I need to do to get them 
rcognized in the chroot jail?

Glen Ezkovich
HardBop Consulting
glen at hard-bop.com
http://www.hard-bop.com - new and improved site coming soon

A Proverb for Paranoids:
If they can get you asking the wrong questions, they don't have to 
worry about answers.
- Thomas Pynchon Gravity's Rainbow

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: linux, tomcat5, jsvc, chroot and jsvc error:Invalid user name 'nobody' specified

2004-09-19 Thread QM 
On Sun, Sep 19, 2004 at 05:24:02PM -0500, Glen Ezkovich wrote:
: I'm trying to run tomcat in chroot jail using jsvc. I can run tomcat
: inside chroot by its self without any problems. I also can run tomcat
: using jsvc as various users outside of chroot. When I attempt to run
: tomcat with jsvc inside of a chroot jail, I get the folowing error
: message:
:
: jsvc error: Invalid user name 'named' specified
: [snip]
: Obviously, I am missing user information inside my jail. I've tried
: adding copies of /etc/group, /etc/passwd and /etc/shadow but that
: didn't work. (not really surprised).

There's more to recognizing user info than just passwd and shadow; apps
these days make calls through system libraries rather than process those
files directly.

Start with {chroot}/etc/nsswitch.conf: what's in there?  In turn, the
calls that load nsswitch.conf will likely involve a trip through the 
resolver libraries (/lib/libnss_*)... You could start there and see what
else comes up.

I've found it invaluable to (temporarily) install strace under the
chroot area to see what files programs try to open behind the scenes.

-QM

-- 

software  -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]