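#!/bin/bash
#
# Usage: ./create_chroot_env username
#
# Builds a minimal chroot tree inside the home directory of an existing
# local account. It copies the programs listed in APPS, every shared library
# that ldd reports for them, a reduced etc/passwd and etc/group (root plus
# the account), the NSS libraries, the terminfo database and /etc/profile.
#
# NOTE(review): the tree is created inside the account's own home directory.
# If that directory stays writable by the account, the account can replace
# the copied binaries and libraries. Confirm the ownership and mode required
# by whatever performs the chroot (OpenSSH's ChrootDirectory, for example,
# insists on a root-owned path that no other user or group can write to).
# NOTE(review): presumably run as root; the symlink checks below are a
# best-effort guard and are not race-free against a concurrently active
# account - build the tree before handing the directory over.

# Unset variables are errors. Individual copy failures stay non-fatal so one
# missing program or library does not abort the whole build.
set -u

# Here specify the apps you want in the environment.
# NOTE(review): this list includes shells and network clients (bash, ssh,
# wget, ftp); trim it to what the confined account really needs.
APPS=(
  /usr/bin/env /usr/bin/who /bin/df /bin/cp /bin/ping /usr/bin/unzip
  /usr/bin/wget /usr/bin/ftp /usr/bin/dig /usr/bin/traceroute /usr/bin/host
  /bin/sh /bin/grep /bin/cat /usr/bin/pico /bin/gzip /bin/gunzip /bin/bash
  /bin/ls /bin/mkdir /bin/mv /bin/pwd /bin/rm /usr/bin/id /usr/bin/ssh
  /usr/bin/dircolors /usr/bin/less /usr/bin/tail /usr/bin/nslookup
  /usr/bin/resolveip /bin/tar /bin/ln /bin/chmod
)

# Print a message on stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Sanity check
if [[ $# -lt 1 || -z "$1" ]]; then
  echo " Usage: ./create_chroot_env username" >&2
  exit 1
fi

CHROOT_USERNAME=$1

# Match the login name exactly. A "^name" prefix match also selects accounts
# such as "name2" and treats regex metacharacters in the argument as pattern.
HOMEDIR=$(awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == user { print $6; exit }' /etc/passwd)

# An empty HOMEDIR would make "cd" fall back to the caller's own home, and
# "/" would point the build at the live system; refuse both.
[[ -n "$HOMEDIR" ]] || die "No entry for '$CHROOT_USERNAME' in /etc/passwd"
[[ "$HOMEDIR" == /* && "$HOMEDIR" != "/" ]] ||
  die "Refusing to build a chroot in '$HOMEDIR'"
[[ -d "$HOMEDIR" ]] || die "Home directory '$HOMEDIR' does not exist"
cd -- "$HOMEDIR" || die "Cannot change to '$HOMEDIR'"

# Scratch file for ldd output. It lives outside the home directory so the
# account cannot pre-create it, and it is removed on every exit path.
ldlist=$(mktemp) || die "mktemp failed"
trap 'rm -f -- "$ldlist"' EXIT

# Create the skeleton. Refuse to write through symbolic links: the
# redirections below would otherwise follow a link out of the tree.
for dir in etc bin usr usr/bin lib lib/terminfo; do
  if [[ -L "$dir" ]]; then
    die "Refusing to continue: $HOMEDIR/$dir is a symbolic link"
  fi
  mkdir -p -- "$dir" || die "Cannot create $HOMEDIR/$dir"
done

# Drop any existing entries first so that a link left at these names is
# removed rather than followed.
rm -f -- usr/bin/groups etc/passwd etc/group

# Minimal "groups" replacement; it must be executable to be usable.
printf '%s\n' '#!/bin/bash' 'id -Gn' > usr/bin/groups
chmod 755 usr/bin/groups

# Add root and the account to ./etc/passwd and ./etc/group, matching the
# first field exactly so unrelated entries are not copied into the tree.
# The group lookup assumes the account's group carries the account's name.
awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == "root" || $1 == user' /etc/passwd > etc/passwd
awk -F: -v user="$CHROOT_USERNAME" \
  '$1 == "root" || $1 == user' /etc/group > etc/group

for app in "${APPS[@]}"; do
  # First of all, check that this application exists
  [[ -x "$app" ]] || continue

  # Check that the directory exists; create it if not.
  mkdir -p -- ".${app%/*}"

  # If the files in the chroot are on the same file system as the
  # original files you should be able to use hard links instead of
  # copying the files, too. Symbolic links cannot be used, because the
  # original files are outside the chroot.
  cp -p -- "$app" ".$app"

  # get list of necessary libraries
  ldd "$app" >> "$ldlist"
done

# Every whitespace-separated token of the ldd output that starts with "/" is
# a library path (this also picks up the dynamic loader). Copy each one once.
awk '{ for (i = 1; i <= NF; i++) if ($i ~ /^\//) print $i }' "$ldlist" |
  LC_ALL=C sort -u |
  while IFS= read -r lib; do
    mkdir -p -- ".$(dirname -- "$lib")" > /dev/null 2>&1

    # cp follows symbolic links here, so the chroot receives the real file
    # under the name the loader asks for.
    cp -- "$lib" ".$lib"
  done

# NSS modules are loaded at run time, so ldd does not list them.
# NOTE(review): these paths are distribution-specific; cp reports any that
# are missing and copies the rest.
cp /lib/libnss_compat.so.2 /lib/libnsl.so.1 /lib/libnss_files.so.2 ./lib/

# Terminal descriptions, skipped when the host keeps them elsewhere.
if [[ -d /lib/terminfo ]]; then
  cp -R /lib/terminfo/. ./lib/terminfo/
fi

cp /etc/profile ./etc/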