To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Chroot

From ZNC
Revision as of 01:42, 11 July 2012 by >Juvenal (fix error in command specified to copy executables to chroot)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
This message box is using an invalid "type=serious" parameter and needs fixing.

[[Category:Wikipedia message box parameter needs fixing|Template:Main otherChroot]]

This article describes how to run ZNC in a chroot-environment on Debian.

1. Compile and install ZNC normally.

Details: Installation

2. Add a new user for ZNC

Example: bouncer

adduser bouncer

3. Login as "bouncer" and configure ZNC normally for this user.

Details: Configuration

4. Change back to "root" and create a directory for the chroot environment.

Example: /var/chroot/

mkdir /var/chroot

5. Create the following subdirectories:

/var/chroot/ +

etc/
dev/
usr/
usr/lib/
usr/local/share
usr/local/bin
usr/local/lib
lib/
home/
home/bouncer

6. Change into the newly created "home"-directory and run:

chown bouncer:bouncer bouncer

7. Change into the newly created "dev"-directory and run:

mknod -m 644 random c 1 8
mknod -m 644 urandom c 1 9
mknod -m 666 null c 1 3

8. Run "ldd znc" to get the names of the needed libs.

Example:

linux-gate.so.1 =>  ()
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 ()
libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 ()
libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 ()
libstdc++.so.6 => /usr/lib/libstdc++.so.6 ()
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 ()
libgcc_s.so.1 => /lib/libgcc_s.so.1 ()
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 ()
/lib/ld-linux.so.2 ()
libz.so.1 => /usr/lib/libz.so.1 ()

9. Copy all needed files.

cp /lib/mylibname /var/chroot/lib/
cp /usr/lib/mylibname /var/chroot/usr/lib/

Be sure that you missed no file!

10. You need to copy the following files to get DNS working.

/etc/hosts
/etc/resolv.conf
/lib/libnss_dns.so.2 (May also be somewhere else, ask locate)
/lib/libresolv.so.2 (May also be somewhere else, ask locate)

11. Copy ZNC files.

cp /usr/local/bin/znc* /var/chroot/usr/local/bin/
cp -r /usr/local/share/znc /var/chroot/usr/local/share/
cp -r /usr/local/lib/znc /var/chroot/usr/local/lib/

12. Change to "bouncer" user and copy config files.

cp -r /home/bouncer/.znc /var/chroot/home/bouncer/

13. Change to "root" user.

You now can start ZNC with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --start --exec /usr/local/bin/znc

And stop it with:

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc

de:Chroot