nginx Chroot Helper Bash Shell Script To Copy Libs To /lib64 and /usr/lib64

#!/bin/bash
set -e
# Use this script to copy shared (libs) files to nginx chrooted 
# jail server. This is tested on 64 bit Linux (Redhat and Friends only)
# ----------------------------------------------------------------------------
# Written by Vivek Gite <http://www.cyberciti.biz/>
# (c) 2006 nixCraft under GNU GPL v2.0+
# Last updated on: Apr/06/2010 by Vivek Gite
# ----------------------------------------------------------------------------
# + Added ld-linux support
# + Added error checking support
# + Added nginx suupport
# + Added for loop so that we can process all files on cmd
# ----------------------------------------------------------------------------
# See url for usage:
# https://www.cyberciti.biz/faq/howto-run-nginx-in-a-chroot-jail/
# ----------------------------------------------------------------------------
# Set CHROOT directory name
BASE="/nginx"
file="$@"
 
sync_suppot_libs(){
	local d="$1"         	# JAIL ROOT
	local pFILE="$2"        # copy bin file libs
	local files=""
	local _cp="/bin/cp"
 
	# get rid of blanks and (0x00007fff0117f000)
	files="$(ldd $pFILE |  awk '{ print $3 }' | sed -e '/^$/d' -e '/(*)$/d')"
 
	for i in $files
	do 
	  dcc="${i%/*}"	# get dirname only
	  [ ! -d ${d}${dcc} ] && mkdir -p ${d}${dcc}
	  ${_cp} -f $i ${d}${dcc}
	done
 
	# Works with 32 and 64 bit ld-linux
	sldl="$(ldd $pFILE | grep 'ld-linux' | awk '{ print $1}')"
	sldlsubdir="${sldl%/*}"
	[ ! -f ${d}${sldl} ] && ${_cp} -f ${sldl} ${d}${sldlsubdir}
}
 
usage(){
	echo "Syntax : $0 /usr/local/nginx/sbin/nginx"
	echo "Example: $0 /usr/bin/php5-cgi"
	exit 1
}
 
[ $# -eq 0 ] && usage
[ ! -d $BASE ] && mkdir -p $BASE
 
# copy all files
for f in $file
do
	sync_suppot_libs "${BASE}" "${f}"
done
Get the latest tutorials on SysAdmin, Linux/Unix, Open Source, and DevOps topics:
CategoryList of Unix and Linux commands
File Management cat
Firewall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilities dig host ip nmap
OpenVPN CentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Manager apk apt
Processes Management bg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searching grep whereis which
User Information groups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPN CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • Debrah Apr 21, 2011 @ 11:29

    I’m imerpssed! You’ve managed the almost impossible.

  • Rahul Panwar Jul 22, 2010 @ 10:55

    Hi,

    I am using this script to prepare the jail root for SSH users. It is working fine if any given command’s lib does not already exist in the BASE dir. But if any file already exist it does not accept the multiple commands as argument, it exit after existing command.

    For example, if i execute this script as follows:
    n2chroot /bin/bash # It works fine
    n2chroot /bin/bash /bin/ls # It exit after /bin/bash as it was already exist there.

    Actually it exit from the function “sync_suppot_libs” when it found the any file already exist.

    When i change the last condition in function “sync_suppot_libs”
    [ ! -f ${d}${sldl} ] && ${_cp} -f ${sldl} ${d}${sldlsubdir}
    to
    if [ ! -f ${d}${sldl} ]; then
    ${_cp} -f ${sldl} ${d}${sldlsubdir}
    fi
    It start working properly.
    May be you want to change in your script also. I also add few more lines at the end of function “sync_suppot_libs” as follows:
    ==========================================
    #Copy the given file to the base directory
    dcc=”${pFILE%/*}” #get dirname for given file

    [ ! -d ${d}${dcc} ] && mkdir -p ${d}${dcc}
    # [ ! -f ${d}${pFILE} ] && ${_cp} -f ${pFILE} ${d}${pFILE}

    if [ ! -f ${d}${pFILE} ]; then
    ${_cp} -f ${pFILE} ${d}${pFILE}
    fi
    ==========================================

    Thanks & Regards,
    Rahul Panwar

Leave a Reply

Your email address will not be published. Required fields are marked *

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.