jailkit-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Executing a plugin outside of jail as jailed user

From: Roger.Gottet
Subject: Re: [Jailkit-users] Executing a plugin outside of jail as jailed user
Date: Wed, 2 Aug 2017 10:46:12 +0000

Hi,

 

The testuser is a chroot user so he doesn’t see the real /, /bin, /usr/bin and all the filesystems. /home/jail is the root for this user.

When you run a df -k inside the jail you should see the only fs the user has, which is /home/jail > /. If the testuser is setup as a jail/chroot user.

 

From: Jailkit-users <jailkit-users-bounces+address@hidden> on behalf of "Jack Torres (AdmiralApricot)" <address@hidden>
Reply-To: "address@hidden" <address@hidden>
Date: Tuesday, 1 August 2017 at 20:56
To: "address@hidden" <address@hidden>
Subject: [Jailkit-users] Executing a plugin outside of jail as jailed user

 

Hello,

 

I’m trying to allow a jailed user to execute a plugin located outside of the jail and receive the output in jail. Since the jailed user can’t see out of jail, I copied the plugin (jk_cp) into the jail. However, when I execute this copied plugin in jail, it seems to be unable to generate any metrics (it’s the check_disk plugin from Nagios). Here’s what I see:

 

address@hidden ~]# /home/jail/plugins/usr/lib64/nagios/plugins/check_disk -w 20% -c 10%

DISK OK - free space: / 45105 MB (92% inode=99%); /dev 3901 MB (100% inode=99%); /dev/shm 3911 MB (100% inode=99%); /run 3887 MB (99% inode=99%); /sys/fs/cgroup 3911 MB (100% inode=99%); /boot 286 MB (57% inode=99%); /run/user/0 782 MB (100% inode=99%);| /=3474MB;38864;43722;0;48580 /dev=0MB;3120;3510;0;3901 /dev/shm=0MB;3128;3519;0;3911 /run=24MB;3128;3519;0;3911 /sys/fs/cgroup=0MB;3128;3519;0;3911 /boot=210MB;396;446;0;496 /run/user/0=0MB;625;703;0;782

address@hidden ~]# sudo su - testuser

Last login: Thu Jul 27 11:42:44 HST 2017 from x on pts/0

bash: id: command not found

bash: id: command not found

address@hidden ~]# /plugins/usr/lib64/nagios/plugins/check_disk -w 20% -c 10%                   

DISK UNKNOWN - free space:|

 

I’m assuming this could either be a permissions issue or a dependency issue. I see from jk_cp that a bunch of libraries were imported into the jail.

 

Here’s the list of commands that I ran to set up the jail:

 

jk_init -v /home/jail basicshell netutils ssh jk_lsh perl

useradd -d /home/testuser -m testuser -s /bin/bash

passwd testuser

jk_jailuser -m -j /home/jail testuser

jk_cp -v -f /home/jail /bin/bash

jk_update -j /home/jail

 

Is there anything more that I have to do in order to get this working to how I want it?

 

Thanks in advance!

 

reply via email to
[Prev in Thread] Current Thread [Next in Thread]