<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2657.73">
<TITLE>chroot breakout (was: Xen 2.0 Virtual Machine)</TITLE>
</HEAD>
<BODY>
<BR>
<P><FONT SIZE=2>Brian Kelsay wrote:</FONT>
<BR><FONT SIZE=2>>jeremy@linuxwebguy.com wrote:</FONT>
<BR><FONT SIZE=2>>> On Sat, Nov 06, 2004 at 10:26:55PM -0600, David Nicol wrote:</FONT>
<BR><FONT SIZE=2>>> </FONT>
<BR><FONT SIZE=2>>>>Isn't UML the preferred way to do that?</FONT>
<BR><FONT SIZE=2>>> </FONT>
<BR><FONT SIZE=2>>> </FONT>
<BR><FONT SIZE=2>>> Have you tried to set UML up? =)</FONT>
</P>
<P><FONT SIZE=2>Yes. As long as you follow the docs and use the kosher kernel builds it isn't too painful. Time intensive, but not painful...</FONT></P>
<BR>
<P><FONT SIZE=2>>> I really liked VMware, but it didn't seem to be very fast. I'm </FONT>
<BR><FONT SIZE=2>>> interested in trying out this Xen software. I'd like to be able to </FONT>
<BR><FONT SIZE=2>>> use Linux test environments without having to reboot.</FONT>
<BR><FONT SIZE=2>>> </FONT>
<BR><FONT SIZE=2>></FONT>
<BR><FONT SIZE=2>>Have you tried to just chroot into another one?</FONT>
</P>
<P><FONT SIZE=2>For _a_ test environment, that's fine. But not for running multiple simultaneous test environments, or giving away root accounts. </FONT></P>
<P><FONT SIZE=2><A HREF="http://www.bpfh.net/simes/computing/chroot-break.html" TARGET="_blank">http://www.bpfh.net/simes/computing/chroot-break.html</A> </FONT>
</P>
<P><FONT SIZE=2>> To break out of a chroot()ed area, a program should do the following: </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> o Create a temporary directory in its current working directory </FONT>
<BR><FONT SIZE=2>> o Open the current working directory </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Note: only required if chroot() changes the calling program's working</FONT>
<BR><FONT SIZE=2>> directory. </FONT>
<BR><FONT SIZE=2>> o Change the root directory of the process to the temporary directory</FONT>
<BR><FONT SIZE=2>> using chroot(). </FONT>
<BR><FONT SIZE=2>> o Use fchdir() with the file descriptor of the opened directory to</FONT>
<BR><FONT SIZE=2>> move the current working directory outside the chroot()ed area. </FONT>
<BR><FONT SIZE=2>> </FONT>
<BR><FONT SIZE=2>> Note: only required if chroot() changes the calling program's working</FONT>
<BR><FONT SIZE=2>> directory. </FONT>
<BR><FONT SIZE=2>> o Perform chdir("..") calls many times to move the current working</FONT>
<BR><FONT SIZE=2>> directory into the real root directory. </FONT>
<BR><FONT SIZE=2>> o Change the root directory of the process to the current working</FONT>
<BR><FONT SIZE=2>> directory, the real root directory, using chroot(".") </FONT>
</P>
<P><FONT SIZE=2>--</FONT>
<BR><FONT SIZE=2>Garrett Goebel</FONT>
<BR><FONT SIZE=2>IS Development Specialist</FONT>
</P>
<P><FONT SIZE=2>ScriptPro Direct: 913.403.5261</FONT>
<BR><FONT SIZE=2>5828 Reeds Road Main: 913.384.1008</FONT>
<BR><FONT SIZE=2>Mission, KS 66202 Fax: 913.384.2180</FONT>
<BR><FONT SIZE=2>www.scriptpro.com garrett at scriptpro dot com</FONT>
</P>
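<P><FONT SIZE=2>Added example, not part of the original message or of the linked article: a Python sketch that scans a syscall trace for the call sequence quoted above, so the pattern can be recognised on a monitored host. The trace lines are constructed in the style of strace -f -o output, and the function name find_chroot_escapes and its finding strings are assumptions of this example.</FONT></P>
<PRE>
```python
import re
from collections import defaultdict

# Constructed sample in the style of `strace -f -o trace.txt` (pid, call, result).
SAMPLE_TRACE = '''\
4101 chroot("/srv/jail") = 0
4101 chdir("/") = 0
4101 openat(AT_FDCWD, "/etc/passwd", O_RDONLY) = 3
4202 mkdir("tmpdir", 0755) = 0
4202 openat(AT_FDCWD, ".", O_RDONLY|O_DIRECTORY) = 3
4202 chroot("tmpdir") = 0
4202 fchdir(3) = 0
4202 chdir("..") = 0
4202 chdir("..") = 0
4202 chroot(".") = 0
'''

LINE = re.compile(r'^(\d+)\s+(\w+)\((.*)\)\s+=\s+(-?\d+)')

def find_chroot_escapes(trace):
    """Return {pid: [reasons]} for processes matching the quoted sequence."""
    dir_fds = defaultdict(set)   # pid: directory fds currently open
    held = defaultdict(set)      # pid: directory fds that were open at chroot()
    chroots = defaultdict(int)   # pid: successful chroot() calls seen
    findings = defaultdict(list)
    for line in trace.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        pid, call, args, ret = m.group(1), m.group(2), m.group(3), int(m.group(4))
        if ret == -1:
            continue             # a failed call changes no state
        if call in ("open", "openat") and "O_DIRECTORY" in args:
            dir_fds[pid].add(ret)
        elif call == "close" and args.isdigit():
            dir_fds[pid].discard(int(args))
            held[pid].discard(int(args))
        elif call == "chroot":
            if chroots[pid]:
                # Does not depend on the optional fd steps in the quoted list.
                findings[pid].append("second chroot() in an already chrooted process")
            elif dir_fds[pid]:
                findings[pid].append("chroot() while holding an open directory fd")
            held[pid] |= dir_fds[pid]
            chroots[pid] += 1
        elif call == "fchdir" and args.isdigit() and int(args) in held[pid]:
            findings[pid].append("fchdir() to a directory fd opened before chroot()")
    return dict(findings)

if __name__ == "__main__":
    for pid, reasons in find_chroot_escapes(SAMPLE_TRACE).items():
        print(pid, "; ".join(reasons))
```
</PRE>
<P><FONT SIZE=2>Calls made before tracing started are invisible to the scan, so an empty result means only that the trace holds no evidence of the sequence.</FONT></P>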
</BODY>
</HTML>