|
From: | Olivier Sessink |
Subject: | Re: [Jailkit-users] chroot nxserver |
Date: | Mon, 17 Mar 2008 08:31:03 +0100 |
User-agent: | Thunderbird 2.0.0.12 (X11/20080227) |
Hi wrote:
I am now crossposting to both the freenx list and the jailkit list.
I can probably only answer on the jailkit list. We'll see.
Yes the paths are all wrong as to what is currently inthe jail for executables. That was a given I missed. Adjusting the paths to the correct version off the GPLnxserver I am using (still working on that). What is the paths_w_owner option?
see `man jk_init`those files/directories are copied while retaining their ownership. All files/directories that are in 'paths' become owned by root:root
So your saying I should jk_jailuser -j /home/jail nx
yup.
So then after appending proper paths to the jk_ini files I should also add... [nx] comment = NX jail for the nx daemonuser = nx, nobdy group = nx, nogroupexecutables = #With the proper paths for the software versions I am running) directories = /usr/NX (Proper Directories as well) includesections = uidbasics, netbasics, logbasics, ssh, basicshell,extendedshell, chown, mount, umount, xauth, xterm, xclock, which,xfonts, expr, tee, xset, dirname, hostname, basename devices = /dev/null (can I add /dev/none here?)
`executables` and `directories` are deprecated options, see the jk_init manual. You need `paths` and `paths_w_owner`
Well I know it is running outside the jail for sure.
I'm pretty sure that both user nx and the final user must be in the same jail because they share some files. Correct me if I'm wrong.
[..]
Yes using jk_cp makes the permissions different.
see `man jk_cp`. use option -o or --owner to retain the ownership > I
have changed them to match what is outside the jail. Someone on the freenx list must have done this by now.I have scanned all two years worth of the unsearchable list for chroot with 0 occurances. A guide should be made. For one thing I'm not using no machine directory structure. address@hidden nx]# ./nxserver --Version NX> 100 NXSERVER - Version 1.5.0-60 OS (GPL) NX> 500 Error: Function --Version not implemented yet. NX> 999 Bye which does work just fine.
now try `chroot <yourjail>` as root and give the same command. Does it still work as expected?
regards, Olivier
[Prev in Thread] | Current Thread | [Next in Thread] |