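[[Vorlage(archiviert)]]

Hier ist es: das Script zum Erzeugen des auf der übergeordneten Seite beschriebenen Chroot-Jails.

{{{
#!/usr/bin/perl
#
# Builds a per-user chroot jail below $chroot_dir: creates the directory
# skeleton, adds the group and user (login shell /usr/local/sbin/chrlogin),
# copies a fixed set of libraries and binaries into the jail, creates
# /dev/null and /dev/zero there and writes jail-local passwd/group files.
#
# The script has to run as root and takes the user name from standard input.
# That name ends up in file paths and command arguments, so it is checked
# against a strict allow-list first and every external command is started
# without a shell (list-form system).
#
# Only home/<user>, tmp and var/tmp inside the jail are handed to the new
# user; everything else stays owned by root, so the jailed user cannot
# replace the copied binaries or libraries.
#
# NOTE: the copied binaries and libraries are snapshots. They do not receive
# package updates and have to be refreshed by hand after security updates.

use strict;
use warnings;

$| = 1;    # show the progress dots immediately

my $chroot_dir = "/home/chroot";

# Runs a command without a shell. Warns and returns false on failure, so
# optional steps (e.g. a library missing on this system) do not abort the run.
sub run {
    my @cmd = @_;
    my $status = system { $cmd[0] } @cmd;
    if ($status != 0) {
        warn "\nCommand failed (status $?): @cmd\n";
        return 0;
    }
    return 1;
}

# Like run(), but aborts: used for steps the rest of the script depends on.
sub must_run {
    my @cmd = @_;
    run(@cmd) or die "Aborting, the jail may be incomplete.\n";
    return 1;
}

# Returns the lines of a passwd/group style file whose first colon-separated
# field equals $name (case-insensitive, whole field, no substring match).
sub find_entries {
    my ($file, $name) = @_;
    open my $fh, '<', $file or die "Cannot read $file: $!\n";
    my @hits = grep { /\A([^:\n]*):/ && lc($1) eq lc($name) } <$fh>;
    close $fh;
    return @hits;
}

# Writes @lines to $file, replacing any previous content.
sub write_lines {
    my ($file, @lines) = @_;
    open my $fh, '>', $file or die "Cannot write $file: $!\n";
    print {$fh} @lines or die "Cannot write $file: $!\n";
    close $fh or die "Cannot close $file: $!\n";
    return;
}

die "This script must be run as root.\n" unless $> == 0;

print "Please enter the name of user you want to create:\n";
my $username = <STDIN>;
die "No username given.\n" unless defined $username;
chomp($username);

# Conservative allow-list: no slashes, dots, whitespace, leading dashes or
# shell metacharacters can reach a path or a command argument below.
if ($username !~ /\A[a-z_][a-z0-9_-]{0,31}\z/) {
    print "Invalid username: use a-z, 0-9, '_' and '-' only (max. 32 characters, not starting with a digit or '-')!\n";
    exit 1;
}

for my $db ('/etc/group', '/etc/passwd') {
    print "Checking if username ($username) exists in $db...\n";
    if (find_entries($db, $username)) {
        print "Found one or more entries for $username, please choose another name!\n";
        exit 1;
    }
}

print "I don't have a user called $username yet, we can do the work :-)\n";

my $jail = "$chroot_dir/$username";

print "Creating directory $jail";
mkdir $jail or die "\nCannot create $jail: $!\n";
print ".";
print "done\n";

print "Creating directory structure for $username";
my @subdirs = (
    'bin', 'etc', 'home', "home/$username",
    'lib', 'lib/tls', 'lib/tls/i686', 'lib/tls/i686/cmov',
    'dev', 'usr', 'usr/bin', 'var', 'usr/lib', 'var/tmp',
    'usr/lib/i386', 'usr/lib/i386/cmov',
);
for my $subdir (@subdirs) {
    mkdir "$jail/$subdir" or die "\nCannot create $jail/$subdir: $!\n";
    print ".";
}
# The original ran "cp -Rp /tmp" here, which also copied whatever files the
# host's /tmp held into the jail. Create an empty sticky directory instead.
mkdir "$jail/tmp" or die "\nCannot create $jail/tmp: $!\n";
chmod 01777, "$jail/tmp" or die "\nCannot chmod $jail/tmp: $!\n";
print "done\n";

print "Creating new user $username";
must_run('groupadd', $username);
print ".";
must_run('useradd', '-g', $username, '-d', "$jail/home/$username",
    '-m', '-s', '/usr/local/sbin/chrlogin', $username);
print ".";
for my $owned ("home/$username", 'tmp', 'var/tmp') {
    must_run('chown', "$username:$username", "$jail/$owned");
    print ".";
}
print "done\n";

# Each entry: [ source file on the host, destination directory in the jail ].
my @libraries = (
    (map { [ "/lib/$_", 'lib' ] } qw(
        ld-linux.so.2 libacl.so.1 libattr.so.1 libcom_err.so.2
        libext2fs.so.2 libncurses.so.5 libnsl.so.1 libnss_compat.so.2
        libutil.so.1
    )),
    (map { [ "/lib/tls/$_", 'lib/tls' ] } qw(
        libc.so.6 libcrypt.so.1 libdl.so.2 libnsl.so.1
        libpthread.so.0 libresolv.so.2 librt.so.1 libutil.so.1
    )),
    [ '/usr/lib/libcrypto.so.0.9.6', 'usr/lib' ],
    [ '/usr/lib/libglib-2.0.so.0',   'usr/lib' ],
    # NOTE(review): the original copies this one to lib/, not usr/lib/ - kept.
    [ '/usr/lib/libgmodule-2.0.so.0', 'lib' ],
    [ '/usr/lib/libgpm.so.1',         'usr/lib' ],
    [ '/usr/lib/libz.so.1',           'usr/lib' ],
    # NOTE(review): source is i686/cmov, destination i386/cmov - kept as in
    # the original; confirm which path is intended.
    [ '/usr/lib/i686/cmov/libcrypto.so.0.9.7', 'usr/lib/i386/cmov' ],
);

my @binaries = (
    (map { [ "/bin/$_", 'bin' ] } qw(
        bash cat chmod chown cp ln ls mkdir more mv rm rmdir sh touch
    )),
    (map { [ "/usr/bin/$_", 'usr/bin' ] } qw(
        dircolors groups id less mc mcedit vi vim whoami
    )),
);

print "Copying libraries to the just created environment";
for my $item (@libraries) {
    my ($source, $target) = @$item;
    run('cp', '--', $source, "$jail/$target/");
    print ".";
}
print "done\n";

print "Copying binaries to the just created environment";
for my $item (@binaries) {
    my ($source, $target) = @$item;
    run('cp', '--', $source, "$jail/$target/");
    print ".";
}
print "done\n";

print "Setting up new environment";
run('cp', '--', '/etc/localtime', "$jail/etc/");
print ".";
run('cp', '--', '/etc/nsswitch.conf', "$jail/etc/");
print ".";
run('cp', '-R', '--', '/etc/terminfo', "$jail/etc/");
print ".";
# Linux uses character device 1,5 for /dev/zero and 1,3 for /dev/null. The
# original created "zero" as 13,12, which is a different device.
run('mknod', "$jail/dev/zero", 'c', 1, 5);
print ".";
run('mknod', "$jail/dev/null", 'c', 1, 3);
chmod 0666, "$jail/dev/zero", "$jail/dev/null";
print "done\n";

print "Creating passwordfile in new environment...";
my @passwd_entries = find_entries('/etc/passwd', $username);
my @group_entries  = find_entries('/etc/group',  $username);
die "\nNo /etc/passwd entry found for $username after useradd.\n"
    unless @passwd_entries;
write_lines("$jail/etc/passwd", @passwd_entries);
write_lines("$jail/etc/group",  @group_entries);
print "done\n";

print "Setting up password for $username:\n";
# Run passwd directly (not in backticks) so its prompts reach the terminal.
run('passwd', $username)
    or warn "No password was set for $username, run 'passwd $username' again.\n";

print "Fixing homedir and loginshell in chroot environment...";
# Inside the jail the home directory has no chroot prefix and the login shell
# is bash. The entries are rewritten in memory and then written out; the
# original piped the file back into itself, which truncates it before it is
# read.
for my $entry (@passwd_entries) {
    $entry =~ s/\Q$jail\E//g;
    $entry =~ s{/usr/local/sbin/chrlogin}{/bin/bash}g;
}
write_lines("$jail/etc/passwd", @passwd_entries);
print "done\n";

print "Work done, user $username is ready for use :-)\n";
}}}

----
# tag: Sicherheit, Shell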