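#!/bin/bash
#
# Usage: ./create_chroot_env username
#
# Populates the home directory of <username> (taken from /etc/passwd) with
# the directories, programs and shared libraries needed to use it as a
# chroot environment.
#
# NOTE(review): this script is presumably run as root, while the directory
# it writes into is the confined user's home. If that user can write there,
# anything created below can be swapped for a symbolic link and the script
# would then write outside the chroot. The symlink checks further down
# reduce that risk but cannot close the race; prefer a chroot directory
# that is owned by root and not writable by the user (sshd's
# ChrootDirectory, for example, requires exactly that).

set -u

# Print a message on stderr and stop with a failure status.
die() {
  printf '%s\n' "create_chroot_env: $*" >&2
  exit 1
}

# Here specify the apps you want in the environment.
# Keep this list as small as the confined account really needs: shells and
# network clients (ssh, wget, ftp) widen what the user can do from inside
# the chroot, and 'cp -p' run as root keeps the mode bits of the original,
# including any setuid bit (e.g. ping on some systems).
# Only list trusted system binaries here: ldd may execute code from the
# file it inspects (see the security note in ldd(1)).
APPS=(
  /usr/bin/env /usr/bin/who /bin/df /bin/cp /bin/ping /usr/bin/unzip
  /usr/bin/wget /usr/bin/ftp /usr/bin/dig /usr/bin/traceroute /usr/bin/host
  /bin/sh /bin/grep /bin/cat /usr/bin/pico /bin/gzip /bin/gunzip /bin/bash
  /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh
  /usr/bin/dircolors /usr/bin/less /usr/bin/tail /usr/bin/nslookup
  /usr/bin/resolveip /bin/tar /bin/ln /bin/chmod
)

# Sanity check: a missing argument is a usage error, so report it on stderr
# and exit non-zero instead of silently succeeding.
if [ "${1:-}" = "" ]; then
  echo " Usage: ./create_chroot_env username" >&2
  exit 1
fi

CHROOT_USERNAME=$1

# Look the account up by an exact match on the login field. A regex prefix
# match ("^name") would also select e.g. "bobby" for "bob" and would treat
# regex metacharacters in the argument as a pattern.
HOMEDIR=$(awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == user { print $6; exit }' /etc/passwd)

[ -n "$HOMEDIR" ] ||
  die "no /etc/passwd entry with a home directory for '$CHROOT_USERNAME'"
# Populating "/" would copy the system onto itself.
[ "$HOMEDIR" != "/" ] ||
  die "home directory of '$CHROOT_USERNAME' is /, refusing to continue"
# Without this check a failed cd would leave us populating the caller's
# current directory (or root's home when HOMEDIR is empty).
cd -- "$HOMEDIR" || die "cannot cd to $HOMEDIR"

# Scratch files live in a private mktemp directory rather than under
# predictable names inside the user's home, so nothing the user placed
# there (ldlist, ldlist2, or links with those names) is read, appended to
# or deleted.
WORKDIR=$(mktemp -d) || die "mktemp failed"
trap 'rm -rf -- "$WORKDIR"' EXIT
LDD_RAW=$WORKDIR/ldlist
LIB_LIST=$WORKDIR/ldlist2

# Redirections and cp follow symbolic links, so refuse to go on if any
# path this script writes by name is a link (it could point at /etc).
for target in etc etc/passwd etc/group etc/profile bin usr usr/bin \
  usr/bin/groups lib lib/terminfo; do
  if [ -L "$target" ]; then
    die "refusing to write through symbolic link $HOMEDIR/$target"
  fi
done

mkdir -p etc bin usr/bin lib/terminfo ||
  die "cannot create directory skeleton in $HOMEDIR"

# Minimal 'groups' replacement; it has to be executable to be usable.
printf '%s\n' '#!/bin/bash' 'id -Gn' > usr/bin/groups
chmod 755 usr/bin/groups

# Add only root and the chrooted user to ./etc/passwd and ./etc/group
# (exact match on the first field, see above).
awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == "root" || $1 == user' /etc/passwd > etc/passwd
awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == "root" || $1 == user' /etc/group > etc/group

for app in "${APPS[@]}"; do
  # First of all, check that this application exists
  if [ -x "$app" ]; then
    # Make sure the directory part of the path exists inside the chroot.
    mkdir -p -- ".${app%/*}"

    # If the files in the chroot are on the same file system as the
    # original files you should be able to use hard links instead of
    # copying the files, too. Symbolic links cannot be used, because the
    # original files are outside the chroot.
    cp -p -- "$app" ".$app"

    # get list of necessary libraries
    ldd "$app" >> "$LDD_RAW"
  fi
done

# Keep every whitespace-separated token of the ldd output that starts with
# "/" (the resolved library paths and the loader), once each.
: >> "$LDD_RAW"
awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' "$LDD_RAW" |
  LC_ALL=C sort -u > "$LIB_LIST"

while IFS= read -r lib; do
  mkdir -p -- ".${lib%/*}" > /dev/null 2>&1

  # If the files in the chroot are on the same file system as the original
  # files you should be able to use hard links instead of copying the
  # files, too. Symbolic links cannot be used, because the original files
  # are outside the chroot.
  cp -- "$lib" ".$lib"
done < "$LIB_LIST"

# The scratch files are removed by the EXIT trap.

# NSS modules are loaded at run time and therefore do not show up in ldd.
cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/
cp -R /lib/terminfo/* ./lib/terminfo/
cp /etc/profile ./etc/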