nginx Chroot Helper Bash Shell Script To Copy Libs To /lib64 and /usr/lib64

April 6, 2010

#!/bin/bash
set -e
# Use this script to copy shared (libs) files to nginx chrooted
# jail server. This is tested on 64 bit Linux (Redhat and Friends only)
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2006 nixCraft under GNU GPL v2.0+
# Last updated on: Apr/06/2010 by Vivek Gite
# ----------------------------------------------------------------------------
# + Added ld-linux support
# + Added error checking support
# + Added nginx support
# + Added for loop so that we can process all files on cmd
# ----------------------------------------------------------------------------
# See url for usage:
# http://www.cyberciti.biz/faq/howto-run-nginx-in-a-chroot-jail/
# ----------------------------------------------------------------------------
# Set CHROOT directory name
BASE="/nginx"

sync_suppot_libs(){
	local d="$1"         	# JAIL ROOT
	local pFILE="$2"        # copy bin file libs
	local files=""
	local _cp="/bin/cp"
	local i dcc sldl sldlsubdir

	# keep only resolved absolute paths; this drops blanks,
	# (0x00007fff0117f000) and "not found" entries
	files="$(ldd "$pFILE" | awk '$3 ~ /^\// { print $3 }')"

	for i in $files
	do
	  dcc="${i%/*}"	# get dirname only
	  [ ! -d "${d}${dcc}" ] && mkdir -p "${d}${dcc}"
	  ${_cp} -f "$i" "${d}${dcc}"
	done

	# Works with 32 and 64 bit ld-linux
	sldl="$(ldd "$pFILE" | grep 'ld-linux' | awk '{ print $1}')"
	sldlsubdir="${sldl%/*}"
	# Use if/fi here, not "[ ... ] && cp": under set -e a false test as the
	# last command makes the function return non-zero and aborts the script
	# as soon as the loader is already present in the jail
	if [ -n "${sldl}" ] && [ ! -f "${d}${sldl}" ]; then
		mkdir -p "${d}${sldlsubdir}"
		${_cp} -f "${sldl}" "${d}${sldlsubdir}"
	fi
}

usage(){
	echo "Syntax : $0 /usr/local/nginx/sbin/nginx"
	echo "Example: $0 /usr/bin/php5-cgi"
	exit 1
}

[ $# -eq 0 ] && usage
[ ! -d "$BASE" ] && mkdir -p "$BASE"

# copy all files given on the command line
for f in "$@"
do
	sync_suppot_libs "${BASE}" "${f}"
done
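
An added check, not part of the original script or the author's code: it parses `ldd` output the way the jail needs it (including the bare `ld-linux` line and `not found` entries) and lists libraries still absent under the jail root. The function names and the `SAMPLE_LDD` text are constructed for illustration.

```bash
#!/bin/bash
# Constructed sample of ldd output for an nginx binary (not from a real host).
SAMPLE_LDD='	linux-vdso.so.1 =>  (0x00007fff0117f000)
	libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f1c2a000000)
	libpcre.so.0 => /lib64/libpcre.so.0 (0x00007f1c29d00000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f1c29900000)
	libmissing.so.1 => not found
	/lib64/ld-linux-x86-64.so.2 (0x00007f1c2a400000)'

# ldd_paths: read ldd output on stdin, print one absolute path per line.
# Handles "name => /path (addr)" and the bare "/path/ld-linux... (addr)" line;
# skips the vdso entry and "not found" entries, which have no file to copy.
ldd_paths() {
	awk '
		$2 == "=>" && $3 ~ /^\// { print $3; next }
		$1 ~ /^\//               { print $1 }
	' | LC_ALL=C sort -u
}

# ldd_unresolved: print library names that ldd could not resolve on the host.
ldd_unresolved() {
	awk '$2 == "=>" && $3 == "not" && $4 == "found" { print $1 }'
}

# missing_in_jail JAIL: read paths on stdin, print those absent under JAIL.
missing_in_jail() {
	local jail="$1" path
	while IFS= read -r path; do
		[ -e "${jail}${path}" ] || printf '%s\n' "$path"
	done
	return 0
}

# audit_jail JAIL BINARY: check a live binary against the jail.
# Returns 0 if every resolved library is in the jail, 1 if not, 2 if ldd fails.
audit_jail() {
	local jail="$1" bin="$2" out missing
	out="$(ldd "$bin")" || return 2
	missing="$(printf '%s\n' "$out" | ldd_paths | missing_in_jail "$jail")"
	if [ -n "$missing" ]; then
		printf 'missing under %s:\n%s\n' "$jail" "$missing" >&2
		return 1
	fi
	return 0
}

# Run the audit only when called as: script JAIL BINARY
if [ "$#" -eq 2 ]; then audit_jail "$1" "$2"; fi
```

Run it after the helper, for example with `/nginx` and `/usr/local/nginx/sbin/nginx` as the two arguments; a non-zero exit means the jail is incomplete.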

1 Rahul Panwar July 22, 2010

Hi,

I am using this script to prepare the jail root for SSH users. It works fine if a given command's lib does not already exist in the BASE dir. But if any file already exists, it does not accept multiple commands as arguments; it exits after the existing command.

For example, if I execute this script as follows:
n2chroot /bin/bash # It works fine
n2chroot /bin/bash /bin/ls # It exits after /bin/bash as it already existed there.

Actually it exits from the function "sync_suppot_libs" when it finds that any file already exists.

When I change the last condition in function "sync_suppot_libs"
[ ! -f ${d}${sldl} ] && ${_cp} -f ${sldl} ${d}${sldlsubdir}
to
if [ ! -f ${d}${sldl} ]; then
${_cp} -f ${sldl} ${d}${sldlsubdir}
fi
It starts working properly.
Maybe you want to change it in your script also. I also added a few more lines at the end of function "sync_suppot_libs" as follows:
==========================================
#Copy the given file to the base directory
dcc="${pFILE%/*}" #get dirname for given file

[ ! -d ${d}${dcc} ] && mkdir -p ${d}${dcc}
# [ ! -f ${d}${pFILE} ] && ${_cp} -f ${pFILE} ${d}${pFILE}

if [ ! -f ${d}${pFILE} ]; then
${_cp} -f ${pFILE} ${d}${pFILE}
fi
==========================================

Thanks & Regards,
Rahul Panwar

2 Debrah April 21, 2011

I'm impressed! You've managed the almost impossible.
