Talk:Running glibc programs: Difference between revisions
No edit summary |
No edit summary |
||
Line 11: | Line 11: | ||
And the download links for archlinux are not working because they forward wget to an https url. | And the download links for archlinux are not working because they forward wget to an https url. | ||
maybe this is some limitation in the default wget version. If i figure it out i'll do updates on this. | maybe this is some limitation in the default wget version. If i figure it out i'll do updates on this. | ||
Wrapper version: | |||
"""localhost:/usr/bin# cat MegaCli | |||
#!/bin/bash | |||
KEYS="kernel.grsecurity.chroot_caps kernel.grsecurity.chroot_deny_chmod kernel.grsecurity.chroot_deny_chroot kernel.grsecurity.chroot_deny_fchdir \ | |||
kernel.grsecurity.chroot_deny_mknod kernel.grsecurity.chroot_deny_mount kernel.grsecurity.chroot_deny_pivot kernel.grsecurity.chroot_deny_shmat \ | |||
kernel.grsecurity.chroot_deny_sysctl kernel.grsecurity.chroot_deny_unix kernel.grsecurity.chroot_enforce_chdir kernel.grsecurity.chroot_findtask \ | |||
kernel.grsecurity.chroot_restrict_nice" | |||
for key in $KEYS ; do | |||
sysctl -w ${key}=0 1>/dev/null | |||
done | |||
export CHROOT=/debian | |||
user=$(whoami) | |||
if [ "$user" != "root" ];then | |||
echo "This script needs root access" | |||
exit | |||
fi | |||
mount -t proc proc $CHROOT/proc/ | |||
mount --bind /dev/ $CHROOT/dev/ | |||
mount --bind /sys/ $CHROOT/sys/ | |||
#we may need dev and maybe proc too to use this program | |||
chroot $CHROOT /opt/MegaRAID/MegaCli/MegaCli $@ | |||
umount $CHROOT/proc | |||
umount $CHROOT/dev | |||
umount $CHROOT/sys | |||
""" |
Revision as of 18:48, 11 July 2014
I thought about the MegaCli wrapper.
It should be possible to make it read the name it was called by and then launch the respective program
(i.e. symlink any to-be-wrapped command to /var/lib/glibcstuff ...)
that way you get along with one wrapper script and symlinks to it in /usr/bin.
Another thing I couldnt figure is if it's important to use all 32bit versions?
And the download links for archlinux are not working because they forward wget to an https url. maybe this is some limitation in the default wget version. If i figure it out i'll do updates on this.
Wrapper version:
"""localhost:/usr/bin# cat MegaCli
- !/bin/bash
KEYS="kernel.grsecurity.chroot_caps kernel.grsecurity.chroot_deny_chmod kernel.grsecurity.chroot_deny_chroot kernel.grsecurity.chroot_deny_fchdir \
kernel.grsecurity.chroot_deny_mknod kernel.grsecurity.chroot_deny_mount kernel.grsecurity.chroot_deny_pivot kernel.grsecurity.chroot_deny_shmat \
kernel.grsecurity.chroot_deny_sysctl kernel.grsecurity.chroot_deny_unix kernel.grsecurity.chroot_enforce_chdir kernel.grsecurity.chroot_findtask \
kernel.grsecurity.chroot_restrict_nice"
for key in $KEYS ; do
sysctl -w ${key}=0 1>/dev/null
done
export CHROOT=/debian
user=$(whoami)
if [ "$user" != "root" ];then
echo "This script needs root access"
exit
fi
mount -t proc proc $CHROOT/proc/
mount --bind /dev/ $CHROOT/dev/
mount --bind /sys/ $CHROOT/sys/
- we may need dev and maybe proc too to use this program
chroot $CHROOT /opt/MegaRAID/MegaCli/MegaCli $@ umount $CHROOT/proc umount $CHROOT/dev umount $CHROOT/sys """