To create new wiki account, please join us on #znc at freenode and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

ZNC website has died on 29 March 2017, without fresh backups. Wiki is now back from dump of July 2015. Please help restoring the lost content.

Chroot

From ZNC
Jump to: navigation, search

This article describes how to run ZNC in a chroot-environment on Debian.

1. Compile and install ZNC normally.

Details: Installation

2. Add a new user for ZNC

Example: bouncer

adduser bouncer

3. Login as "bouncer" and configure ZNC normally for this user.

Details: Configuration

4. Change back to "root" and create a directory for the chroot environment.

Example: /var/chroot/

mkdir /var/chroot

5. Create the following subdirectories:

/var/chroot/ +

etc/
dev/
usr/
usr/lib/
usr/local/share
usr/local/bin
usr/local/lib
lib/
home/
home/bouncer

6. Change into the newly created "home"-directory and run:

chown bouncer:bouncer bouncer

7. Change into the newly created "dev"-directory and run:

mknod -m 644 random c 1 8
mknod -m 644 urandom c 1 9
mknod -m 666 null c 1 3

8. Run "ldd znc" to get the names of the needed libs.

Example:

linux-gate.so.1 =>  ()
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 ()
libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 ()
libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 ()
libstdc++.so.6 => /usr/lib/libstdc++.so.6 ()
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 ()
libgcc_s.so.1 => /lib/libgcc_s.so.1 ()
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 ()
/lib/ld-linux.so.2 ()
libz.so.1 => /usr/lib/libz.so.1 ()

9. Copy all needed files.

cp /lib/mylibname /var/chroot/lib/
cp /usr/lib/mylibname /var/chroot/usr/lib/

Be sure that you missed no file!

10. You need to copy the following files to get DNS working.

/etc/hosts
/etc/resolv.conf
/lib/libnss_dns.so.2 (May also be somewhere else, ask locate)
/lib/libresolv.so.2 (May also be somewhere else, ask locate)

11. Copy ZNC files.

cp /usr/local/bin/znc* /var/chroot/usr/local/bin/
cp -r /usr/local/share/znc /var/chroot/usr/local/share/
cp -r /usr/local/lib/znc /var/chroot/usr/local/lib/

12. Change to "bouncer" user and copy config files.

cp -r /home/bouncer/.znc /var/chroot/home/bouncer/

13. Change to "root" user.

You now can start ZNC with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --start --exec /usr/local/bin/znc

And stop it with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc