为什么 chroot 不工作?
作为我真正问题的替代:有人知道一个简单的命令行工具来创建 chroot 监狱吗?我正在考虑运行命令并将其运行所需的所有内容复制到给定目录中的东西。我看到了一些工具的说明,但它有配置文件,并且似乎希望我从 X 启动它,而这些都不适合我的情况。
对于真正的问题:
我正在尝试建立一个 chroot 监狱,但它不起作用。这就是我在 strace 命令时得到的结果:
bcs@builder:~/dmd$ sudo strace sudo chroot /home/bcs/dmd/ /usr/bin/make -C src linux.mak
...
chroot("/home/bcs/dmd/") = 0
chdir("/") = 0
execve("/usr/bin/make", ["/usr/bin/make", "-C", "src", "-f", "linux.mak"], [/* 13 vars */]) = -1 ENOENT (No such file or directory)
write(2, "chroot: ", 8chroot: ) = 8
write(2, "cannot run command `/usr/bin/mak"..., 34cannot run command `/usr/bin/make') = 34
write(2, ": No such file or directory", 27: No such file or directory) = 27
write(2, "\n", 1
) = 1
close(1) = 0
close(2) = 0
exit_group(127) = ?
bcs@builder:~/dmd$ ll /home/bcs/dmd/usr/bin/make
-rwxr-xr-x 1 bcs bcs 166112 Sep 17 00:41 /home/bcs/dmd/usr/bin/make*
chroot 似乎找不到 make,尽管它应该在那里。我有什么想法吗?
顺便说一句:这是在最近的 Ubuntu 盒子上。
As an alternately to my real question: does anyone know of a simple command line tool to make a chroot jail? I'm thinking something that will run a command and copy everything it needs to run into a given directory. I saw some directions for a tool but it had config files and seemed to be expecting me to launch it from X and neither of those work for my case.
And for the real question:
I'm trying to build a chroot jail and it's not working. This is what I get when I strace the command:
bcs@builder:~/dmd$ sudo strace sudo chroot /home/bcs/dmd/ /usr/bin/make -C src linux.mak
...
chroot("/home/bcs/dmd/") = 0
chdir("/") = 0
execve("/usr/bin/make", ["/usr/bin/make", "-C", "src", "-f", "linux.mak"], [/* 13 vars */]) = -1 ENOENT (No such file or directory)
write(2, "chroot: ", 8chroot: ) = 8
write(2, "cannot run command `/usr/bin/mak"..., 34cannot run command `/usr/bin/make') = 34
write(2, ": No such file or directory", 27: No such file or directory) = 27
write(2, "\n", 1
) = 1
close(1) = 0
close(2) = 0
exit_group(127) = ?
bcs@builder:~/dmd$ ll /home/bcs/dmd/usr/bin/make
-rwxr-xr-x 1 bcs bcs 166112 Sep 17 00:41 /home/bcs/dmd/usr/bin/make*
it seems that the chroot can't find make even though it should be there. Any ideas what I'm missing?
BTW: This is on a recent Ubuntu box.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您可能没有可供制作的加载程序和/或共享库。例如,在我的系统(64 位 Debian sid)上,make 需要这样:
您需要在 chroot 中提供所有这些文件(或 make 的等效文件)。
You probably do not have the loader and/or shared libraries available to make. For instance, on my system (64-bit Debian sid), make needs this:
You need to have all those files (or equivalent for your make) available in your chroot.
可能有点晚了,但您要求的是这样的脚本。例如,您可以使用以下命令进行测试:
您将拥有一个包含
sh和ls的最小环境。当然,您可以添加更多可执行文件以获得更完整的rootfs。它基本上可以工作,但我正在使用
mksquashfs测试它,它似乎对libgcc_s.so.1视而不见。它没有被任何其他库动态链接,因此脚本看不到它,我收到此错误。Probably a little bit late, but what you're asking for is a script like this. For example, you can test it with:
And you'll have a minimal environment with
shandls. Of course, you can add more executables to have a more completerootfs.It mostly works, but I'm testing it with
mksquashfsand it seems to be blind tolibgcc_s.so.1. It's not dynamically linked by any other library so the script doesn't see it and I get this error.