我创建了一个 chroot 监狱,并把多个二进制文件及其对应的库复制到相应的子目录中(注意:chroot 本身不是针对 root 的安全边界;监狱里不要放 setuid 程序,而且只复制确实需要的二进制文件,每多一个可执行文件就多一份攻击面)。例子:
cp -v /usr/bin/edit /home/jail/usr/bin
ldd /usr/bin/edit
linux-vdso.so.1 (0x00007fff565ae000)
libm.so.6 => /lib64/libm.so.6 (0x00007f7749145000)
libtinfo.so.5 => /lib64/libtinfo.so.5 (0x00007f7748f11000)
libacl.so.1 => /lib64/libacl.so.1 (0x00007f7748d08000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f7748b04000)
libperl.so => /usr/lib/perl5/5.18.2/x86_64-linux-thread-multi/CORE/libperl.so (0x00007f7748771000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f7748554000)
libc.so.6 => /lib64/libc.so.6 (0x00007f77481ad000)
libattr.so.1 => /lib64/libattr.so.1 (0x00007f7747fa8000)
/lib64/ld-linux-x86-64.so.2 (0x00007f7749446000)
libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f7747d6d000)
cp -v /lib64/{libm.so.6,libtinfo.so.5,libacl.so.1,libdl.so.2,libpthread.so.0,libc.so.6,libattr.so.1,ld-linux-x86-64.so.2,libcrypt.so.1} /home/jail/lib64/
我对 `man` 命令执行了相同的操作,并用 `cp -rv /usr/share/man/ /home/jail/usr/share/` 复制了全部手册页文件,但在监狱里执行它时得到这个错误:
-bash-4.2$ man gzip
execve: No such file or directory
可能缺少什么?
更多细节:
-bash-4.2$ ls /usr/share/man
ca da el es fr.ISO8859-1 hu it man0p man1p man3 man4 man6 man8 mann pl pt_BR sk sv zh zh_TW
cs de eo fr fr.UTF-8 id ja man1 man2 man3p man5 man7 man9 nl pt ru sr uk zh_CN
更新:
-bash-4.2$ strace -f /usr/bin/mandb ls 2>ls.log
-bash-4.2$ cat ls.log
execve("/usr/bin/mandb", ["/usr/bin/mandb", "ls"], [/* 45 vars */]) = 0
brk(0) = 0x138b000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd43a9ac000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/lib64/tls/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib64/tls/x86_64", 0x7ffde87d2510) = -1 ENOENT (No such file or directory)
open("/lib64/tls/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib64/tls", 0x7ffde87d2510) = -1 ENOENT (No such file or directory)
open("/lib64/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib64/x86_64", 0x7ffde87d2510) = -1 ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1974416, ...}) = 0
mmap(NULL, 3828256, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fd43a3e6000
mprotect(0x7fd43a584000, 2093056, PROT_NONE) = 0
mmap(0x7fd43a783000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x19d000) = 0x7fd43a783000
mmap(0x7fd43a789000, 14880, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fd43a789000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd43a9ab000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd43a9aa000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd43a9a9000
arch_prctl(ARCH_SET_FS, 0x7fd43a9aa700) = 0
mprotect(0x7fd43a783000, 16384, PROT_READ) = 0
mprotect(0x601000, 4096, PROT_READ) = 0
mprotect(0x7fd43a9ad000, 4096, PROT_READ) = 0
brk(0) = 0x138b000
brk(0x13ac000) = 0x13ac000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de_DE.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de_DE.utf8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de_DE/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de.UTF-8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de.utf8/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/usr/lib/locale/de/LC_CTYPE", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
getuid() = 1000
geteuid() = 1000
getgid() = 100
execve("/usr/lib/man-db/mandb", ["/usr/bin/mandb", "ls"], [/* 45 vars */]) = -1 ENOENT (No such file or directory)
dup(2) = 3
fcntl(3, F_GETFL) = 0x8001 (flags O_WRONLY|O_LARGEFILE)
close(3) = 0
write(2, "execve: No such file or director"..., 34execve: No such file or directory
) = 34
exit_group(-22) = ?
+++ exited with 234 +++
Update2:好的,缺少的是这一部分(注意这里用的是相对路径,假定当前目录是监狱根目录 /home/jail):
cp -rv /usr/lib/man-db/ usr/lib/
现在我得到这个错误:
man: error while loading shared libraries: libmandb-2.6.6.so: cannot open shared object file: No such file or directory
奇怪的是,这个库并不出现在 ldd 的输出里。原因是 /usr/bin/mandb 只是一个包装程序,它会 execve 真正的 /usr/lib/man-db/mandb(见上面 strace 里的 execve 行),而 ldd 只列出你指定的那个二进制文件自身的直接依赖,所以应当对 /usr/lib/man-db/mandb 再运行一次 ldd。另外提醒一点:ldd 可能会实际执行被检查的程序,不要对来源不可信的二进制文件使用它,可改用 `objdump -p FILE | grep NEEDED` 或 `readelf -d FILE` 来查看依赖:
# which mandb
/usr/bin/mandb
# ldd /usr/bin/mandb
linux-vdso.so.1 (0x00007fffd64d0000)
libc.so.6 => /lib64/libc.so.6 (0x00007f1885120000)
/lib64/ld-linux-x86-64.so.2 (0x00007f18854c7000)
最后我还需要这些库(同样是以监狱根目录为当前目录的相对路径):
cp /usr/lib64/libmandb-2.6.6.so usr/lib64/libmandb-2.6.6.so
cp /usr/lib64/libgdbm.so.4 usr/lib64/libgdbm.so.4
之后 man 可以启动了,但不显示任何文本:
# man ls
Man: find all matching manual pages (set MAN_POSIXLY_CORRECT to avoid this)
* ls (1)
ls (1p)
Man: What manual page do you want?
Man: 1
我比较了 jail 用户和 root 用户的 strace 结果,现在两者只在这一部分有差异(左侧为 jail;该对比结果原文是截图,这里未附上):
当我把 /var/run/nscd 绑定挂载进监狱后,该套接字对监狱用户可用(注意:这相当于把宿主机的 NSS 查询——passwd/group/hosts——暴露给监狱内的进程,需要确认这是可以接受的):
-bash-4.2$ if [[ -S /var/run/nscd/socket ]]; then echo "socket is available"; fi
socket is available
那么问题似乎是别的什么?!
Update3:@nobody 是的,passwd 和 group 文件都存在:
-bash-4.2$ ls -la /etc
total 124
drwxr-xr-x 4 root root 216 Nov 11 14:15 .
drwxr-xr-x 13 root root 183 Nov 4 08:49 ..
-rw-r--r-- 1 root root 779 Nov 3 12:43 group
-rw-r--r-- 1 root root 67659 Nov 11 13:55 ld.so.cache
-rw-r--r-- 1 root root 2335 Nov 4 09:02 localtime
-rw-r--r-- 1 root root 12061 Nov 11 13:16 manpath.config
-rw-r--r-- 1 root root 1304 Nov 11 14:15 nsswitch.conf
-rw-r--r-- 1 root root 3961 Nov 3 12:43 passwd
drwxr-xr-x 2 root root 4096 Nov 3 14:13 postfix
-rw-r--r-- 1 root root 9168 Nov 4 09:02 profile
drwxr-xr-x 2 root root 4096 Nov 4 09:02 profile.d
-rw-r--r-- 1 root root 8006 Nov 4 09:17 vimrc
更新4:
使用 -Tascii 标志后暴露出更多缺失的二进制文件:
-bash-4.2$ man -Tascii ls
man: can't execute tbl: No such file or directory
man: can't execute groff: No such file or directory
man: command exited with status 255: /usr/bin/zsoelim | /usr/lib/man-db/manconv -f UTF-8:ISO-8859-1 -t ANSI_X3.4-1968//IGNORE | tbl | groff -mandoc -Tascii
所以我复制了 tbl、groff、zsoelim 以及完整的 /usr/share/groff 目录。现在又缺少两个二进制文件:
-bash-4.2$ man -Tascii ls
groff: couldn't exec troff: No such file or directory
groff: couldn't exec grotty: No such file or directory
man: command exited with status 4: /usr/bin/zsoelim | /usr/lib/man-db/manconv -f UTF-8:ISO-8859-1 -t ANSI_X3.4-1968//IGNORE | tbl | groff -mandoc -Tascii
复制这些之后,手册页可以显示了;但如果不加 -Tascii 标志,输出仍然是空白的。:|
更新5:
默认分页器(pager)似乎是 less:
-bash-4.2$ env | grep MANPATH
MANPATH=/usr/share/man
-bash-4.2$ env | grep PAGER
PAGER=less
答案1
运行 `strace -f man ls 2>ls.log`,然后在 ls.log 里查看所有 execve 行——会看到 /usr/bin/pager、nroff、groff、tbl 等等;groff 本身就需要大量文件才能正常工作。再检查 open/openat 调用有多少是成功的:`grep -E 'execve|open' ls.log | grep ENOENT` 列出的每一个路径都是监狱里缺少的文件。只补齐 strace 指出缺失的那些即可,不要为了省事把宿主机上的整个目录都复制进去。
答案2
根据 strace 截图(此处未附上),缺少 /proc 文件系统以及 chroot 监狱内套接字访问受限可能是原因(如果要把 /proc 挂进监狱,建议用 hidepid=2 之类的选项限制进程信息暴露)。作为绕过该问题的办法,下面这个别名方案可以正常工作(别名只在交互式 shell 中展开,脚本里请直接调用函数):
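# Work-around for a chroot where `man` shows nothing with its default
# pipeline (groff terminal output piped into the pager): force plain-ASCII
# rendering and page it ourselves.  NOTE(review): the root cause (missing
# /proc, restricted socket access) is a hypothesis drawn from the strace,
# not something confirmed on this page.
#
# Arguments: passed through to man unchanged (e.g. `ls`, `-s 1 ls`).
# Outputs:   the rendered page on stdout, via the pager.
# Returns:   the pager's exit status (same as the original `... | pager`).
#
# - `command man` bypasses the `man` alias defined below, so re-sourcing
#   this snippet (e.g. .bashrc read twice) cannot turn the function into an
#   infinite recursion through the alias.
# - `$PAGER` is honoured (the jail exports PAGER=less); the bare `pager`
#   name is a Debian-style alternatives link that a hand-built jail may not
#   contain.  Assumes $PAGER is a plain command name, not "less -R".
alias_man() {
  command man -Tascii "$@" | "${PAGER:-less}"
}
# Aliases are expanded only in interactive shells; in scripts call
# alias_man directly.
alias man='alias_man'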