[CentOS] /bin/su wont work inside a chroot?

Jason Pyeron jpyeron at pdinc.us
Sun Aug 1 15:52:04 UTC 2010


> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of Jason Pyeron
> Sent: Sunday, August 01, 2010 11:01
> To: 'CentOS mailing list'
> Subject: Re: [CentOS] /bin/su wont work inside a chroot?
> 
> > -----Original Message-----
> > From: centos-bounces at centos.org
> > [mailto:centos-bounces at centos.org] On Behalf Of Jason Pyeron
> > Sent: Sunday, August 01, 2010 10:34
> > To: 'CentOS mailing list'
> > Subject: [CentOS] /bin/su wont work inside a chroot?
> > 
> > On centos 4 (i386 chroot on an x86_64) it just prompts me for a 
> > password.
> > 
> > Any suggesstion on where to start looking?
> 
> So my hack will not work either...
> 
> [root at devserver21 ~]# echo 0 >/selinux/enforce
> [root at devserver21 ~]# chroot /var/mnt/192.168.1.52
> [root at devserver21 /]# passwd apache
> passwd: user_u:system_r:initrc_t is not authorized to change 
> the password of apache
> [root at devserver21 /]#

I think my solution is to use
http://ftp.gnu.org/gnu/coreutils/coreutils-8.5.tar.gz and create a
~/bin/newchroot

I think I am on my way, but why can I not su in a chroot???

[root at devserver21 coreutils-8.5]# ./src/chroot --help
Usage: ./src/chroot [OPTION] NEWROOT [COMMAND [ARG]...]
  or:  ./src/chroot OPTION
Run COMMAND with root directory set to NEWROOT.

  --userspec=USER:GROUP  specify user and group (ID or name) to use
  --groups=G_LIST        specify supplementary groups as g1,g2,..,gN
      --help     display this help and exit
      --version  output version information and exit

If no command is given, run ``${SHELL} -i'' (default: /bin/sh).

Report chroot bugs to bug-coreutils at gnu.org
GNU coreutils home page: <http://www.gnu.org/software/coreutils/>
General help using GNU software: <http://www.gnu.org/gethelp/>
For complete documentation, run: info coreutils 'chroot invocation'
[root at devserver21 coreutils-8.5]# exit
[root at devserver21 ~]# cp /var/mnt/192.168.1.52/tmp/coreutils-8.5/./src/chroot
~/bin/newchroot
[root at devserver21 ~]# newchroot --userspec=apache:apache /var/mnt/192.168.1.52
[apache at devserver21 /]$ cd /usr/src/redhat/
[apache at devserver21 redhat]$ rpmbuild -ba SPECS/subversion.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.63999



--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.





More information about the CentOS mailing list