To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Chroot: Difference between revisions

From ZNC
Jump to navigation Jump to search
>Juvenal
m fix error in command specified to copy executables to chroot
MAGIC (talk | contribs)
Update to latest version provided by archive.org
 
Line 1: Line 1:
{{ambox|type=serious|text=
{{ambox|type=speedy|text=
This tutorial and the script are intended for '''advanced users''' only who actually know what '''chroot''' does!
This tutorial and the script are intended for '''advanced users''' only who actually know what '''chroot''' does!
}}
}}
Line 94: Line 94:
And stop it with:
And stop it with:
  start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc
  start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc
[[de:Chroot]]

Latest revision as of 20:00, 31 March 2017

This article describes how to run ZNC in a chroot-environment on Debian.

1. Compile and install ZNC normally.

Details: Installation

2. Add a new user for ZNC

Example: bouncer

adduser bouncer

3. Login as "bouncer" and configure ZNC normally for this user.

Details: Configuration

4. Change back to "root" and create a directory for the chroot environment.

Example: /var/chroot/

mkdir /var/chroot

5. Create the following subdirectories:

/var/chroot/ +

etc/
dev/
usr/
usr/lib/
usr/local/share
usr/local/bin
usr/local/lib
lib/
home/
home/bouncer

6. Change into the newly created "home"-directory and run:

chown bouncer:bouncer bouncer

7. Change into the newly created "dev"-directory and run:

mknod -m 644 random c 1 8
mknod -m 644 urandom c 1 9
mknod -m 666 null c 1 3

8. Run "ldd znc" to get the names of the needed libs.

Example:

linux-gate.so.1 =>  ()
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 ()
libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 ()
libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 ()
libstdc++.so.6 => /usr/lib/libstdc++.so.6 ()
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 ()
libgcc_s.so.1 => /lib/libgcc_s.so.1 ()
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 ()
/lib/ld-linux.so.2 ()
libz.so.1 => /usr/lib/libz.so.1 ()

9. Copy all needed files.

cp /lib/mylibname /var/chroot/lib/
cp /usr/lib/mylibname /var/chroot/usr/lib/

Be sure that you missed no file!

10. You need to copy the following files to get DNS working.

/etc/hosts
/etc/resolv.conf
/lib/libnss_dns.so.2 (May also be somewhere else, ask locate)
/lib/libresolv.so.2 (May also be somewhere else, ask locate)

11. Copy ZNC files.

cp /usr/local/bin/znc* /var/chroot/usr/local/bin/
cp -r /usr/local/share/znc /var/chroot/usr/local/share/
cp -r /usr/local/lib/znc /var/chroot/usr/local/lib/

12. Change to "bouncer" user and copy config files.

cp -r /home/bouncer/.znc /var/chroot/home/bouncer/

13. Change to "root" user.

You now can start ZNC with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --start --exec /usr/local/bin/znc

And stop it with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc