I have a problem with /proc in a chrooted environment:
```
# ls -la /disk2/vpn/proc/
total 8
drwxr-xr-x 2 root root 4096 Dec 15 2004 .
drwxr-xr-x 21 root root 4096 Dec 1 23:00 ..
# mount -t proc none /disk2/vpn/proc/
# ls -al /disk2/vpn/proc/ | wc -l
259
# \chroot /disk2/vpn/
# ls -al /proc/ | wc -l
43
# ps auwx
Error, do this: mount -t proc none /proc
```
mount inside the jail does nothing.
The inner /proc contains update / cmdline / crypto / devices / etc., but it does not have any PIDs, even self:
```
# ls -al /proc/self
ls: /proc/self: No such file or directory
```
If I set kernel.grsecurity.chroot_findtask to 0, everything works, but users can see all the processes.
2.6.19.1, grsecurity-2.1.9-2.6.19.1-200612121859