ubuntuusers.de

script

Archivierte Anleitung

Dieser Artikel wurde archiviert. Das bedeutet, dass er nicht mehr auf Richtigkeit überprüft oder anderweitig gepflegt wird. Der Inhalt wurde für keine aktuell unterstützte Ubuntu-Version getestet. Wenn du Gründe für eine Wiederherstellung siehst, melde dich bitte in der Diskussion zum Artikel. Bis dahin bleibt die Seite für weitere Änderungen gesperrt.

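Hier ist es: das Script zum Erzeugen des auf der übergeordneten Seite beschriebenen Chroot-Jails. Es muss mit Root-Rechten ausgeführt werden, da es Gruppen und Benutzer anlegt und Gerätedateien erzeugt.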

#!/usr/bin/perl

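# Base directory under which one jail per user is created.
# These stay package globals (no "my"): the rest of the script reads
# $chroot_dir, $chroot_dir_escaped and $username as globals.
$chroot_dir="/home/chroot";
# The same path with every "/" backslash-escaped, for use inside an s/// pattern.
$chroot_dir_escaped="\\/home\\/chroot";

print "Please enter the name of user you want to create:\n";
$username=<STDIN>;
defined $username or die "No username given (end of input).\n";
chomp($username);

# The name ends up as a path component and as an argument to external
# programs, so it is checked before anything is created. Only a conservative
# login-name alphabet is accepted, which excludes the empty string,
# whitespace, shell metacharacters, "/" and "..".
unless ($username =~ /\A[a-z_][a-z0-9_-]{0,31}\z/) {
    print "Invalid username: use 1-32 characters from a-z, 0-9, '_' and '-', starting with a letter or '_'.\n";
    exit 1;
}

# Refuse the name if it occurs anywhere in /etc/group or /etc/passwd.
# grep prints the matching lines itself and exits 0 when it found at least
# one. The match is a case-insensitive substring match over whole lines; that
# is stricter than an exact-name lookup ("roo" is refused while "root"
# exists) and guarantees that no existing entry contains the new name.
# List-form system() starts grep directly, so no shell parses $username.
for my $db_file ("/etc/group", "/etc/passwd") {
    print "Checking if username ($username) exists in $db_file...\n";
    my $status = system("grep", "-i", "-F", "--", $username, $db_file);
    if ($status == 0) {
        print "Found one or more entries for $username, please choose another name!\n";
        exit 0;
    }
    # grep exits 1 for "no match". Anything else means the check itself did
    # not run properly, so stop instead of assuming the name is free.
    if (($status >> 8) != 1) {
        die "Could not search $db_file for $username (grep status $status)\n";
    }
}

print "I don't have a user called $username yet, we can do the work :-)\n";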


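# Build the jail root and its directory skeleton with Perl's built-in mkdir,
# so $username is never handed to a shell.
# $username becomes a path component here: a value containing "/" or ".."
# would place the jail outside $chroot_dir, so it has to be a plain login name.
print "Creating directory $chroot_dir/$username";
mkdir("$chroot_dir/$username")
    or die "\nCannot create $chroot_dir/$username: $!\n";
print ".";
print "done\n";

print "Creating directory structure for $username";
# Parents are listed before their children. A failure stops the run: the later
# steps would otherwise create a user for an incomplete jail.
for my $subdir ("bin", "etc", "home", "home/$username", "lib", "lib/tls",
                "lib/tls/i686", "lib/tls/i686/cmov", "dev", "usr", "usr/bin",
                "var", "usr/lib", "var/tmp", "usr/lib/i386",
                "usr/lib/i386/cmov") {
    mkdir("$chroot_dir/$username/$subdir")
        or die "\nCannot create $chroot_dir/$username/$subdir: $!\n";
    print ".";
}
{
    # Only an empty tmp directory is created, with the permission bits of the
    # host's /tmp. Copying /tmp recursively would also bring every file that
    # happens to be in the host's /tmp into the jail.
    my $host_tmp_mode = (stat("/tmp"))[2];
    defined $host_tmp_mode or die "\nCannot stat /tmp: $!\n";
    mkdir("$chroot_dir/$username/tmp")
        or die "\nCannot create $chroot_dir/$username/tmp: $!\n";
    chmod($host_tmp_mode & 07777, "$chroot_dir/$username/tmp")
        or die "\nCannot set mode on $chroot_dir/$username/tmp: $!\n";
}
print "done\n";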

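# Create the group and the account, then hand the writable directories of the
# jail to the new user. List-form system() passes every argument to the
# program unchanged, so no shell parses $username; "--" ends option parsing so
# the name can never be read as an option.
print "Creating new user $username";
system("groupadd", "--", $username) == 0
    or die "\ngroupadd $username failed\n";
print ".";
# The login shell is the chroot wrapper; the home directory is the one inside
# the jail.
system("useradd", "-g", $username,
       "-d", "$chroot_dir/$username/home/$username",
       "-m", "-s", "/usr/local/sbin/chrlogin", "--", $username) == 0
    or die "\nuseradd $username failed\n";
for my $owned_dir ("home/$username", "tmp", "var/tmp") {
    print ".";
    system("chown", "--", "$username:$username",
           "$chroot_dir/$username/$owned_dir") == 0
        or die "\nchown of $chroot_dir/$username/$owned_dir failed\n";
}
print "done\n";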

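print "Copying libraries to the just created environment";

{
    # Each entry: [ file on the host, directory inside the jail ].
    # These are plain copies: they stay at the copied version when the host's
    # packages are updated, so they have to be copied again after upgrades.
    my @libraries = (
        [ "/lib/ld-linux.so.2",                    "lib" ],
        [ "/lib/libacl.so.1",                      "lib" ],
        [ "/lib/libattr.so.1",                     "lib" ],
        [ "/lib/libcom_err.so.2",                  "lib" ],
        [ "/lib/libext2fs.so.2",                   "lib" ],
        [ "/lib/libncurses.so.5",                  "lib" ],
        [ "/lib/libnsl.so.1",                      "lib" ],
        [ "/lib/libnss_compat.so.2",               "lib" ],
        [ "/lib/libutil.so.1",                     "lib" ],
        [ "/lib/tls/libc.so.6",                    "lib/tls" ],
        [ "/lib/tls/libcrypt.so.1",                "lib/tls" ],
        [ "/lib/tls/libdl.so.2",                   "lib/tls" ],
        [ "/lib/tls/libnsl.so.1",                  "lib/tls" ],
        [ "/lib/tls/libpthread.so.0",              "lib/tls" ],
        [ "/lib/tls/libresolv.so.2",               "lib/tls" ],
        [ "/lib/tls/librt.so.1",                   "lib/tls" ],
        [ "/lib/tls/libutil.so.1",                 "lib/tls" ],
        [ "/usr/lib/libcrypto.so.0.9.6",           "usr/lib" ],
        [ "/usr/lib/libglib-2.0.so.0",             "usr/lib" ],
        # NOTE(review): taken from /usr/lib but placed in lib/, unlike its
        # neighbours - confirm this target is intended.
        [ "/usr/lib/libgmodule-2.0.so.0",          "lib" ],
        [ "/usr/lib/libgpm.so.1",                  "usr/lib" ],
        [ "/usr/lib/libz.so.1",                    "usr/lib" ],
        [ "/usr/lib/i686/cmov/libcrypto.so.0.9.7", "usr/lib/i386/cmov" ],
    );

    for my $i (0 .. $#libraries) {
        my ($source, $target_dir) = @{ $libraries[$i] };
        # List form: no shell parses $username. The exit status is not
        # checked, so a library missing on this host does not stop the run;
        # cp reports it on stderr.
        system("cp", "--", $source, "$chroot_dir/$username/$target_dir/");
        print "." if $i < $#libraries;
    }
}
print "done\n";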

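print "Copying binaries to the just created environment";

{
    # Each entry: [ directory (same on the host and inside the jail), name ].
    # These are plain copies: they stay at the copied version when the host's
    # packages are updated, so they have to be copied again after upgrades.
    my @binaries = (
        (map { [ "bin", $_ ] }
            qw(bash cat chmod chown cp ln ls mkdir more mv rm rmdir sh touch)),
        (map { [ "usr/bin", $_ ] }
            qw(dircolors groups id less mc mcedit vi vim whoami)),
    );

    for my $i (0 .. $#binaries) {
        my ($dir, $name) = @{ $binaries[$i] };
        # List form: no shell parses $username. The exit status is not
        # checked, so a program missing on this host does not stop the run;
        # cp reports it on stderr.
        system("cp", "--", "/$dir/$name", "$chroot_dir/$username/$dir/");
        print "." if $i < $#binaries;
    }
}
print "done\n";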


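print "Setting up new environment";

# Configuration files the programs inside the jail read. List-form system()
# keeps $username away from the shell.
system("cp", "--", "/etc/localtime", "$chroot_dir/$username/etc/");
print ".";
system("cp", "--", "/etc/nsswitch.conf", "$chroot_dir/$username/etc/");
print ".";
system("cp", "-R", "--", "/etc/terminfo", "$chroot_dir/$username/etc/");
print ".";
# Device nodes. On Linux /dev/zero is character device 1,5 and /dev/null is
# 1,3. (Major 13 belongs to input devices, so a node created as 13,12 would
# not behave as /dev/zero.)
system("mknod", "--", "$chroot_dir/$username/dev/zero", "c", "1", "5") == 0
    or warn "\nmknod for $chroot_dir/$username/dev/zero failed\n";
print ".";
system("mknod", "--", "$chroot_dir/$username/dev/null", "c", "1", "3") == 0
    or warn "\nmknod for $chroot_dir/$username/dev/null failed\n";
# /dev/null has to be writable by the unprivileged user inside the jail.
chmod(0666, "$chroot_dir/$username/dev/null")
    or warn "\nchmod of $chroot_dir/$username/dev/null failed: $!\n";
print "done\n";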

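print "Creating passwordfile in new environment...";
# Append the new account's own entry from the host's passwd and group files to
# the jail's copies. Entries are selected by an exact match on the name field
# (the text before the first ":"), so no other account's line can end up in
# the jail, and the files are read in Perl so $username never reaches a shell.
for my $db ("passwd", "group") {
    my $jail_file = "$chroot_dir/$username/etc/$db";
    open(my $in, '<', "/etc/$db")
        or die "\nCannot read /etc/$db: $!\n";
    open(my $out, '>>', $jail_file)
        or die "\nCannot append to $jail_file: $!\n";
    while (my $entry = <$in>) {
        my ($name) = split /:/, $entry, 2;
        next unless defined $name && $name eq $username;
        print {$out} $entry;
    }
    close($in);
    # Buffered write errors only show up at close.
    close($out) or die "\nCannot write $jail_file: $!\n";
}
print "done\n";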

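print "Setting up password for $username:\n";
# passwd is interactive, so it is run with system() and keeps the terminal;
# backticks would capture its standard output instead of showing it.
# List form with "--" passes $username as one plain argument, without a shell.
system("passwd", "--", $username) == 0
    or warn "passwd did not finish successfully; the password for $username was not set\n";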

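print "Fixing homedir and loginshell in chroot environment...";
{
    # Inside the jail the home directory must not carry the jail prefix and
    # the login shell must be a real shell instead of the chroot wrapper.
    # The file is read completely, rewritten into a new file and then renamed
    # over the old one. A shell pipeline that reads from and redirects into
    # the same file can truncate it before it has been read; no sleep is
    # needed with this approach.
    my $jail_passwd = "$chroot_dir/$username/etc/passwd";
    my $jail_prefix = "$chroot_dir/$username";

    open(my $in, '<', $jail_passwd)
        or die "\nCannot read $jail_passwd: $!\n";
    my @entries = <$in>;
    close($in);

    for my $entry (@entries) {
        # \Q...\E matches the prefix literally, whatever characters it holds.
        $entry =~ s/\Q$jail_prefix\E//g;
        $entry =~ s{/usr/local/sbin/chrlogin}{/bin/bash}g;
    }

    my $replacement = "$jail_passwd.new";
    open(my $out, '>', $replacement)
        or die "\nCannot write $replacement: $!\n";
    print {$out} @entries;
    # Buffered write errors only show up at close.
    close($out) or die "\nCannot write $replacement: $!\n";
    rename($replacement, $jail_passwd)
        or die "\nCannot replace $jail_passwd: $!\n";
}
print "done\n";

print "Work done, user $username is ready for use :-)\n";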

Diese Revision wurde am 27. Mai 2010 16:43 von Heinrich_Schwietering erstellt.
Die folgenden Schlagworte wurden dem Artikel zugewiesen: Shell, Sicherheit