Why doesn't exec() work after chroot()?

Problem description

I was playing around with exec-family functions and I've seen a really strange behavior: they don't seem to work after chroot() system call.

Here's a relevant Quote from manpages:

Special semantics for execlp() and execvp()

The execlp(), execvp(), and execvpe() functions duplicate the actions of the shell in searching for an executable file if the specified filename does not contain a slash (/) character. The file is sought in the colon-separated list of directory pathnames specified in the PATH environment variable. If this variable isn't defined, the path list defaults to the current directory followed by the list of directories returned by confstr(_CS_PATH). (This confstr(3) call typically returns the value "/bin:/usr/bin".)

If the specified filename includes a slash character, then PATH is ignored, and the file at the specified pathname is executed.

That was the theory, now let's see how it behaves:


  • I have the prog.c file, which will be executed by execlp:

    #include <stdio.h>

    int main()
    {
        puts("works!");
        return 0;
    }


  • And I have exec.c file which will attempt to execute prog:

    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <string.h>
    #include <errno.h>
    #include <dirent.h>
    
    int main(int argc, char* const argv[])
    {
        const char path[] = "/home/zaffy/cool";
    
        if (argc < 2)
            return 1;
    
        if (argc > 2 && (chdir(path) || chroot(path)))
        {
            printf("Cannot chroot(%s): %s\n", path, strerror(errno));
            return 1;
        }
    
        /* Clear our environment, including PATH */
        clearenv();
    
        /* execlp() returns only on failure; the list terminator
           must be a null pointer of type char * */
        if (execlp(argv[1], argv[1], (char *)NULL))
        {
            printf("Cannot execlp(%s): %s\n", argv[1], strerror(errno));
    
            /* Well, we failed... let's see
               contents of the current root */
            struct dirent* entry;
            DIR* dir = opendir("/");
            if (dir)
            {
                while ( (entry = readdir(dir)) )
                    printf("%s\n", entry->d_name);
                closedir(dir);
            }
        }
    
        return 0;
    }
    



  • All tests done in /home/zaffy/cool:

    /home/zaffy/cool
    ├── exec
    ├── exec.c
    ├── prog
    └── prog.c
    


    # /home/zaffy/cool/exec /home/zaffy/cool/prog
    works!
    

Test two: exec with a call to chroot:

    # /home/zaffy/cool/exec /prog 1
    Cannot execlp(/prog): No such file or directory
    .
    ..
    prog.c
    prog
    exec.c
    exec
    

I'm confused! According to man-pages, if I have passed an absolute path to execlp it should not search in PATH, or if the PATH is not set, it should be set also to the current directory, so I'm not able to see the problem here.

The file surely exists and is available! Even if I use fopen right before execlp, the fopen finds and opens the file, but execlp still emits the error No such file or directory.

Do you have any idea why this happens? Why doesn't exec() work after chroot()?

Recommended answer

Your problem is most likely that the program you're trying to exec is dynamic linked, and the dynamic linker is not present in /lib in the chroot environment. That would cause the ENOENT (No such file or directory) error. However just adding it by itself won't help. You'd need all the other files the dynamic-linked program depends on, including shared libraries and any essential configuration/table/etc. files these libraries need.
