[CentOS] /bin/su wont work inside a chroot?

Sun Aug 1 17:22:43 UTC 2010
Jason Pyeron <jpyeron at pdinc.us>

> -----Original Message-----
> From: centos-bounces at centos.org 
> [mailto:centos-bounces at centos.org] On Behalf Of JohnS
> Sent: Sunday, August 01, 2010 12:30
> To: CentOS mailing list
> Subject: Re: [CentOS] /bin/su wont work inside a chroot?
> 
> 
> On Sun, 2010-08-01 at 16:20 +0000, Dave Miller wrote:
> > Jason Pyeron <jpyeron at ...> writes:
> > 
> > > 
> > > On centos 4 (i386 chroot on an x86_64) it just prompts me for a password.
> > > 
> > > Any suggestion on where to start looking?
> > > 
> > 
> > Just as a guess, you need to have an appropriate sudoers file in the 

Curious, I am trying to use su not sudo...

> > correct location relative to the chrooted root.  Pulling some 
> > information from one of your follow up posts, that would be:
> > 
> > /var/mnt/192.168.1.52/etc/sudoers
> > 
> > Once you chroot, programs look for files in their normal locations
> > but relative to whatever the new root is.
> > 
> > Cheers,
> > Dave
> ---
> Or be dirty and symlink it out to the main root 
> /etc/sudoers...of which may create your security problem in 
> present.....tense

[root at devserver21 etc]# cat sudoers
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#

# Host alias specification

# User alias specification

# Cmnd alias specification

# Defaults specification

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
# %wheel        ALL=(ALL)       ALL

# Same thing without a password
# %wheel        ALL=(ALL)       NOPASSWD: ALL

# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now

[root at devserver21 etc]# sudo su -l apache
failed to get default context
[root at devserver21 etc]# sudo su apache
failed to get default context
[root at devserver21 etc]# sudo
[root at devserver21 etc]#



--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.
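
The lookup rule quoted above (paths are resolved relative to the new root) also applies to absolute symlink targets, so a link inside the chroot cannot reach the host's /etc. The following is an added example, not part of the original message: check_chroot_paths is a hypothetical helper, and the paths it is given are constructed samples, not a list of what su or sudo require.

```shell
#!/bin/sh
# Added example (not from the thread). For each absolute PATH, report how it
# would look to a process running after chroot(ROOT):
#   ok                 entry exists under ROOT
#   missing            nothing at ROOT/PATH
#   abs-symlink-ok     absolute symlink whose target exists under ROOT
#   abs-symlink-broken absolute symlink whose target is absent under ROOT
# Limitation: only the final path component is examined, one symlink level.
check_chroot_paths() {
    root=${1%/}; shift
    rc=0
    for p in "$@"; do
        inside="$root$p"
        if [ -L "$inside" ]; then
            target=$(readlink "$inside")
            case $target in
            /*) # After chroot this target is looked up under ROOT, so test
                # ROOT/target here instead of letting the host follow it.
                if [ -e "$root$target" ] && [ ! -L "$root$target" ]; then
                    echo "abs-symlink-ok $p -> $target"
                else
                    echo "abs-symlink-broken $p -> $target"; rc=1
                fi ;;
            *)  if [ -e "$inside" ]; then echo "ok $p"
                else echo "missing $p"; rc=1; fi ;;
            esac
        elif [ -e "$inside" ]; then
            echo "ok $p"
        else
            echo "missing $p"; rc=1
        fi
    done
    return $rc
}

# Constructed demo tree; the paths checked are sample values, not a list of
# what su or sudo actually require.
demo=$(mktemp -d)
mkdir -p "$demo/etc"
echo 'root:x:0:0::/root:/bin/sh' > "$demo/etc/passwd"
ln -s /etc/sudoers "$demo/etc/sudoers"   # points back at itself once chrooted
check_chroot_paths "$demo" /etc/passwd /etc/sudoers /etc/shadow || true
rm -rf "$demo"
```

Run it from the host with the chroot directory as the first argument; the function returns non-zero if any listed path would be missing or dangling inside the chroot.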