problem with suid + environment variable

Post by Levi »

I want to run my eggdrop in a chroot-jail. For this reason I have set the suid-flag and start it from root.

But now it doesn't recognize the LD_LIBRARY_PATH variable anymore (it IS set for both users) and therefore doesn't find the tcl-library (error while loading shared libraries: libtcl8.4.so: cannot open shared object file: No such file or directory).

Starting it without suid works, but as user I can't execute chroot and as root I can't start eggdrop :-?

How do I pass this environment variable to a suid'd file, or let it find the library another way? (Simply copying it into the eggdrop directory doesn't work either.)


Levi

Post by ppslim »

Are you sure the path in the ENV variable is available within the chroot-jail?

Post by Levi »

I now solved the problem with a little code-hacking and without suid.

-> http://forum.egghelp.org/viewtopic.php?t=1266

diff -burN eggdrop1.6.9/src/chroot.h eggdrop1.6.9+chroot/src/chroot.h
--- eggdrop1.6.9/src/chroot.h	Wed Dec 31 18:00:00 1969
+++ eggdrop1.6.9+chroot/src/chroot.h	Fri Mar 15 17:29:23 2002
@@ -0,0 +1,11 @@
+
+/* Change these to the proper uid/gid */
+uid_t   uid  = 568;
+gid_t   gid  = 568;
+
+/* Change this to where the chroot is */
+char    *dir = "/chroot";
+
+/* Change this to the directory the bot will run outta */
+char    *eggdir = "/chroot/eggdrop";
+
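
Review bot: chroot.h defines `uid`, `gid`, `dir` and `eggdir` as non-static globals with initializers in a header that has no include guard, so including it from a second source file would give duplicate definitions at link time, and the short generic names land in the global namespace of every file that includes it. Suggest an include guard, `static const` definitions (with `const char *` for the two paths, which point at string literals), prefixed names such as a `chroot_` prefix, and an explicit `#include <sys/types.h>` so that `uid_t` and `gid_t` do not depend on include order.
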
diff -burN eggdrop1.6.9/src/main.c eggdrop1.6.9+chroot/src/main.c
--- eggdrop1.6.9/src/main.c	Tue Jan 15 21:24:17 2002
+++ eggdrop1.6.9+chroot/src/main.c	Fri Mar 15 17:30:35 2002
@@ -51,6 +51,7 @@
 #include "modules.h"
 #include "tandem.h"
 #include "bg.h"
+#include "chroot.h"
 
 #ifdef CYGWIN_HACKS
 #include <windows.h>
@@ -692,6 +693,15 @@
   FILE *f;
   struct sigaction sv;
   struct chanset_t *chan;
+
+  if (chdir(eggdir))
+    fatal("ERROR: cannot chdir.", 0);
+  else if(chroot(dir))
+    fatal ("ERROR: chroot failed.", 0);
+  else if(setgid(gid))   
+    fatal ("ERROR: setgid failed.", 0);
+  else if (setuid(uid))
+    fatal ("ERROR: setuid failed.", 0);
 
 #ifdef DEBUG_MEM
   /* Make sure it can write core, if you make debug. Else it's pretty
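
Review bot: between `chroot(dir)` and `setgid(gid)` nothing clears the supplementary group list, so after `setuid(uid)` the process still carries the groups of the root account that started it. Suggest adding `setgroups(0, NULL)` (or `initgroups`) before `setgid(gid)`, with the same `fatal()` handling as the other calls. Separately, `chdir(eggdir)` runs before `chroot(dir)` and no chdir follows the chroot, so the working directory is inside the jail only while `eggdir` stays below `dir`; a chdir to the jail-relative path after `chroot()` would remove that dependency between the two settings.
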
(works in 1.6.15 as well) recompiling and now it's back on track in its own little chroot :)


Levi