Chrooted services can't can't find respective user/group

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Chrooted services can't can't find respective user/group

Postby noth » Sun Apr 20, 2003 5:17 pm

Well the title says it all. Services such as apache squid and the like that start as root then drop to (ie. apache/apache) can't find user/group. I'm using the the standerd Gentoo kernel 2.4.20-r2, not sure which version of grsec it uses but it tends to be bleeding edge, so I would guess the latest release.
noth
 
Posts: 2
Joined: Sun Apr 20, 2003 5:09 pm

Postby goodbyte » Mon Apr 21, 2003 5:30 am

Have you made a copy of /etc/passwd to the chrooted jail? You probably need access to /etc/nsswitch.conf and /lib/libnss_* also.
Do you get any log entries?
goodbyte
 
Posts: 32
Joined: Sun May 12, 2002 4:33 am

Postby noth » Tue Apr 22, 2003 3:29 pm

goodbyte wrote:Have you made a copy of /etc/passwd to the chrooted jail? You probably need access to /etc/nsswitch.conf and /lib/libnss_* also.
Do you get any log entries?


Thanks this had been driving me nuts.
I had everything but the libs copied over....
noth
 
Posts: 2
Joined: Sun Apr 20, 2003 5:09 pm


Return to grsecurity support