On Thursday 09 June 2005 18:53, antoine wrote:
> On Thu, 2005-06-09 at 17:31 +0100, antoine wrote:
> > > > Now, if someone could have a look at hppfs I could resurrect my
> > > > honeypots.
> > >
> > > I've not the time, however test the attached patches. The first one
> > > fixes the basic bugs; the second one could be needed to fix a fd
> > > leak... but I don't think it's needed at all, so test with only the
> > > first and let me know if the 2nd is needed, or if there are any
> > > problems (in that case, a ready-to-use hppfs configuration +
> > > explanation would be happily accepted, I've really little time now).
> >
> > Works fine with just the first patch. Thank you very much!
>
> Small correction: local file override works fine (files in the host's
> fake proc appear in the guest's /proc)
That is allowed, too? The daemon uses normal files only to forcibly "remove" 
entries, while it uses sockets for the rest.
> but I can't get the honeypot.pl 
> script to interact with it.
Ok, let's see... that script supplies the needed values and uses the libraries 
in separate perl modules...
> So for now, I'll have to hardcode all the values I want to hide and hope
> that no software is going to rely on them.

> I've used the one that was previously working:
This is based on the one from the uml_utilities tarball.

Have you tested that his libraries are found / that the script works with a 
2.4 UML, first?

Also, have you tested if it's the chroot and/or SELinux interacting? The 
daemon communicates through a Unix domain socket when host contents are 
supplied ... the base path is $ARGV[0], i.e. the first parameter...

> #
> # Copyright (C) 2002, 2003 Jeff Dike ([EMAIL PROTECTED])
> # Licensed under the GPL
> #
>
> use hppfs;
> use hppfslib;
> use strict;
>
> my $dir;
>
> @ARGV and $dir = $ARGV[0];
>
> my $hppfs = hppfs->new($dir);
>
> my $remove_filesystems = remove_lines("hppfs", "hostfs");
> my $remove_mtd_nbd_ubd = remove_lines("mtd", "nbd", "ubd");
>
> # Need to be able to add directories, i.e. driver, bus/pci
> # partitions needs work
> # slabinfo if UML ever uses the slab cache for anything
>
> $hppfs->add("dma" => proc("dma"),
>             "devices" => remove_lines("ubd"),
>             "exitcode" => "remove",
>             "diskstats" => "remove",
>             "devices" => $remove_mtd_nbd_ubd,
>             "filesystems" => $remove_filesystems,
>             "interrupts" => "remove",
>             "iomem" => proc("iomem"),
>             "mm" => "remove",
>             "ioports" => proc("ioports"),
>             "kcore" => "remove",
>             "mounts" => $remove_filesystems,
>             "misc" => "remove",
>             "pid/mounts" => $remove_filesystems,
>             "partitions" => "remove",
>             "stat" => proc("stat"),
>             "uptime" => proc("uptime"),
>             dup_proc_dir("bus", $dir) );
>
> $hppfs->handler();


-- 
Inform me of my mistakes, so I can keep imitating Homer Simpson's "Doh!".
Paolo Giarrusso, aka Blaisorblade (Skype ID "PaoloGiarrusso", ICQ 215621894)
http://www.user-mode-linux.org/~blaisorblade

_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel
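
Added example, not part of the original message or of uml_utilities: a host-side check for the question raised above (is the daemon's socket actually reachable under the base path, or is a chroot, SELinux or a dead daemon in the way). It walks a base directory, classifies each entry as a plain file or a Unix socket, and tries to connect to every socket. The function names, the constructed directory tree and the assumption that the sockets are stream sockets are illustrative.

```python
import errno
import os
import socket
import stat
import tempfile

def probe_socket(path):
    """Connect to a Unix stream socket; return 'listening' or the errno name."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)  # assumption: stream
    try:
        s.connect(path)
        return "listening"
    except OSError as e:  # ECONNREFUSED: stale socket, EACCES: permissions/policy
        return errno.errorcode.get(e.errno, str(e.errno))
    finally:
        s.close()

def audit(base):
    """Map every non-directory entry under base to (kind, status)."""
    report = {}
    for root, _dirs, files in os.walk(base):
        for name in files:  # os.walk lists sockets among the non-directories
            path = os.path.join(root, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISSOCK(mode):
                entry = ("socket", probe_socket(path))
            elif stat.S_ISREG(mode):
                entry = ("file", "readable" if os.access(path, os.R_OK) else "EACCES")
            else:
                entry = ("other", "unexpected")
            report[os.path.relpath(path, base)] = entry
    return report

def demo():
    """Constructed tree: a live socket, a stale socket and a plain marker file."""
    base = tempfile.mkdtemp()
    for d in ("live", "stale", "gone"):
        os.mkdir(os.path.join(base, d))
    live = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    live.bind(os.path.join(base, "live", "sock"))
    live.listen(1)
    dead = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    dead.bind(os.path.join(base, "stale", "sock"))
    dead.close()  # simulates a daemon that exited and left its socket file behind
    open(os.path.join(base, "gone", "marker"), "w").close()
    result = audit(base)
    live.close()
    return result

if __name__ == "__main__":
    print(demo())
```

Run `audit()` on the directory passed to the script as `$ARGV[0]`, as the same user and from inside the same chroot as the UML instance, so that permission and policy failures show up as `EACCES` rather than being masked.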