[arch-dev-public] Introducing capchroot
I don't know if you use dchroot or schroot. They're both tools that let a user chroot to a different directory. dchroot was easy to configure, but behaved weirdly: there was always some PAM message in the logs about 'su'. And it required root privileges through the setuid bit. dchroot is also discontinued.

Now there is schroot. It seems awfully bloated, has unnecessary features like mounting filesystems when chrooting, running linux32 and whatnot. Configuration is complex, and it also has some weird interaction with PAM. schroot, like dchroot, requires root privileges through the setuid bit.

I need a tool like this frequently, and was fed up with the above two. So I wrote my own.

Features:
- Lets an unprivileged user chroot to directories defined in /etc/capchroot.allow
- Does nothing more than chroot, chdir and exec a program or shell, really!
- Does not require root privileges, but only a kernel >= 2.6.24, a filesystem with xattr support and the cap_sys_chroot capability set on its executable.

This way, the only possible security problem is that a programming error might allow a user to bypass the restrictions in capchroot.allow and chroot to an arbitrary directory.

I use it in a script like this:

    #!/bin/sh
    exec linux32 capchroot -d $PWD /mnt/arch32 -- "$@"

My /home is mounted in /mnt/arch32/home, so changing the directory to $PWD after the chroot will actually work.

Enough talk, if anyone finds it useful, here it is:
http://dev.archlinux.org/~thomas/capchroot/
http://projects.archlinux.org/?p=users/thomas/capchroot.git;a=summary
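The following is an added example, not the capchroot source (which is not on this page): a minimal launcher in the shape the post describes, relying on a file capability rather than setuid root and doing only allow-check, chroot, chdir and exec. The post does not give the format of /etc/capchroot.allow, so the one-absolute-path-per-line format, the "-d DIR" option parsing, the canonicalisation with realpath(3) and the exact (never prefix) matching are assumptions made here; SAMPLE_ALLOW is a constructed sample used by self_check(), not a real configuration.

```c
/* Added example, not the capchroot source: a capchroot-style launcher that
 * needs only the cap_sys_chroot file capability. Assumed: allow file has one
 * absolute directory per line (other lines ignored), "-d DIR" option shape. */
#define _GNU_SOURCE
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define ALLOW_FILE "/etc/capchroot.allow"   /* path named in the post */

/* Constructed sample allow file for self_check(); not a real config. */
static const char SAMPLE_ALLOW[] = "# sample\n/mnt/arch32/\n\n/srv/jail\n";

/* Resolve the requested root to a canonical absolute path so symlinks and
 * ".." cannot dress an arbitrary directory up as an allowed one. 0 on success. */
static int canonical_root(const char *requested, char out[PATH_MAX])
{
    return realpath(requested, out) ? 0 : -1;
}

/* Does `requested` canonicalise to exactly `expected`? */
static int canonical_root_is(const char *requested, const char *expected)
{
    char canon[PATH_MAX];
    return canonical_root(requested, canon) == 0 && strcmp(canon, expected) == 0;
}

/* Exact match of a canonical root against allow text. Trailing slashes on an
 * entry are stripped and the match is never a prefix match, so listing
 * /mnt/arch32 allows neither /mnt/arch32/home nor /mnt/arch32-evil. */
static int root_allowed(const char *allow_text, const char *canon_root)
{
    char line[PATH_MAX];
    for (const char *p = allow_text; *p; ) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len > 0 && len < sizeof line) {
            memcpy(line, p, len);
            line[len] = '\0';
            while (len > 1 && line[len - 1] == '/')
                line[--len] = '\0';
            if (line[0] == '/' && strcmp(line, canon_root) == 0)
                return 1;
        }
        if (!nl) break;
        p = nl + 1;
    }
    return 0;
}

/* 1 if the matcher behaves as intended on SAMPLE_ALLOW. */
static int self_check(void)
{
    return root_allowed(SAMPLE_ALLOW, "/mnt/arch32") && root_allowed(SAMPLE_ALLOW, "/srv/jail")
        && !root_allowed(SAMPLE_ALLOW, "/mnt/arch32/home")
        && !root_allowed(SAMPLE_ALLOW, "/mnt/arch32-evil") && !root_allowed(SAMPLE_ALLOW, "/");
}

/* Read the allow file into a fixed buffer; NULL if it cannot be opened. */
static const char *read_allow_file(const char *path)
{
    static char buf[65536];
    FILE *f = fopen(path, "r");
    if (!f) return NULL;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return buf;
}

/* Usage: capchroot_demo [-d DIR] ROOT -- CMD [ARGS...] */
int main(int argc, char **argv)
{
    const char *workdir = "/";
    int i = 1;
    if (i + 1 < argc && strcmp(argv[i], "-d") == 0) { workdir = argv[i + 1]; i += 2; }
    if (i + 2 >= argc || strcmp(argv[i + 1], "--") != 0) {
        fprintf(stderr, "usage: %s [-d DIR] ROOT -- CMD [ARGS...]\n", argv[0]);
        return 2;
    }
    char root[PATH_MAX];
    if (canonical_root(argv[i], root) != 0) { perror(argv[i]); return 1; }
    const char *allow = read_allow_file(ALLOW_FILE);
    if (!allow || !root_allowed(allow, root)) {
        fprintf(stderr, "%s: %s is not listed in %s\n", argv[0], root, ALLOW_FILE);
        return 1;
    }
    /* chroot(2) needs CAP_SYS_CHROOT in the effective set; the file
     * capability cap_sys_chroot=ep supplies it without uid 0. */
    if (chroot(root) != 0) { perror("chroot"); return 1; }
    /* chdir *after* chroot so DIR resolves inside the new root, and abort on
     * failure: a cwd left outside the new root is the classic chroot escape. */
    if (chdir(workdir) != 0) { perror("chdir"); return 1; }
    execvp(argv[i + 2], &argv[i + 2]);
    perror("execvp");
    return 127;
}
```

Build it, then as root run `setcap cap_sys_chroot=ep ./capchroot_demo` once; an unprivileged user can then run it against any root listed in the allow file (the target root needs its own dynamic loader and libc for the exec to succeed). The realpath and exact-match steps are where the "programming error" the post worries about would live: a prefix match or an unresolved symlink is exactly what would let a user chroot somewhere not in the list. The program that is exec'd gets no capabilities, since file capabilities are not carried across exec unless they also appear in the inheritable sets (or the ambient set, on newer kernels).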
participants (1)
-
Thomas Bächler