I need to be able to provide the /bin and /lib directories inside a chroot jail so that programs can dynamically link properly.
Is there a way to accomplish this without making a copy of the /bin and /lib dirs to the chroot jail?
I’ve tried symlinks, and they don’t work from inside chroot jails, and directories can not be hardlinked.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
You could use mount to remount the directories you need in your jail:
# mount --bind /bin /chroot/bin # mount --bind /lib /chroot/lib # chroot /chroot
For use in /etc/fstab:
/bin /chroot/bin none bind /lib /chroot/lib none bind
Cheers!
Method 2
If you didn’t want to mount the directories as jgr said, you can use cp to recursivly copy directories and create hardlinks for all files:
cp -alf /bin /chroot/bin cp -alf /lib /chroot/lib chroot /chroot
This way your chroot’s /bin and /lib can have slightly different structure / contents than the main directories.
Method 3
#!/bin/bash
copy_file_and_dependencies() {
PROGRAM="$1"
DEPENDENCIES="$(ldd "$PROGRAM" | awk '{ print $3 }' | grep -v '(' | grep -v 'not a dynamic executable')"
mkdir -p "${JAIL}$(dirname $PROGRAM)"
cp -Lv "$PROGRAM" "${JAIL}${PROGRAM}"
for f in $DEPENDENCIES; do
mkdir -p "${JAIL}$(dirname $f)"
cp -Lv "$f" "${JAIL}${f}"
done
}
export -f copy_file_and_dependencies
copy_file_and_dependencies /etc/ld.so.cache
copy_file_and_dependencies /bin/sh
# ...
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0