[Bug 703735] New: /usr/bin/chroot doesn't seem to work
https://bugzilla.novell.com/show_bug.cgi?id=703735 https://bugzilla.novell.com/show_bug.cgi?id=703735#c0 Summary: /usr/bin/chroot doesn't seem to work Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: All OS/Version: openSUSE 11.4 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: nice@titanic.nyme.hu QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 I tried the following on two dofferent openSUSE 11.4 boxes: su - mkdir foo cp -a --parents /bin/sash foo chroot /root/foo /bin/sash And the results are: chroot: failed to run command `/bin/sash': No such file or directory #########################x strace says this: chroot("/root/foo/") = 0 chdir("/") = 0 execve("/bin/sash", ["/bin/sash"], [/* 58 vars */]) = -1 ENOENT (No such file or directory) The exact same thing works on SLES11 SP1 even with openSUSE 11.4's chroot executable. When copying the chroot executable from SLES 11 SP1 to openSUSE 11.4, it still does not work. Because of this I thought that it's a kernel problem, but ntpd seems to be able to run chrooted well. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=703735 https://bugzilla.novell.com/show_bug.cgi?id=703735#c zj jia <zjjia@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |zjjia@novell.com AssignedTo|bnc-team-screening@forge.pr |pth@novell.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=703735 https://bugzilla.novell.com/show_bug.cgi?id=703735#c1 Philipp Thomas <pth@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #1 from Philipp Thomas <pth@novell.com> 2011-07-05 18:10:48 CEST --- There needs to be much more present in a chroot. You need all libraries required to run the programs and you need to bind mount /proc, /sys and /dev into the chroot environment. This is not a bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=703735 https://bugzilla.novell.com/show_bug.cgi?id=703735#c2 --- Comment #2 from Tamás Németh <nice@titanic.nyme.hu> 2011-07-06 08:55:56 UTC --- (In reply to comment #1)
There needs to be much more present in a chroot. You need all libraries required to run the programs and you need to bind mount /proc, /sys and /dev into the chroot environment. This is not a bug.
Yes, you're right. The problem is, that in openSUSE 11.4 /bin/sash is dynamically linked. But why? Earlier it was statical and it was enough to put it in the jail in itself. Isn't it a better approach for sash (standalone shell)? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=703735 https://bugzilla.novell.com/show_bug.cgi?id=703735#c3 Philipp Thomas <pth@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P4 - Low Status|RESOLVED |CLOSED --- Comment #3 from Philipp Thomas <pth@novell.com> 2011-07-06 12:23:07 CEST --- We're trying to get rid of statically linked binaries because they make maintenance harder. If a library that's linked in statically needs to be updated because of bugs you need to hunt down all binaries that link in this library and release updates for these too. Besides, statically linking in glibc only works completely if the binary doesn't use any name resolving functions like gethostbyname as a call to these will need the nss* libraries and these will always be loaded dynamically, even from a statically linked in glibc. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com