Oops I meant to send this directly to Mick, now I'm really LAME! :) On Mon, Jan 17, 2005 at 04:27:57PM -0800, Nate Campi wrote:
Hello Mick,
If you have another version of this you'd like me to post, let me know. I'm in a FAQ updating mood (I'm supposed to be writing my book so for some reason this has my attention instead, man I'm lame).
On Mon, Aug 16, 2004 at 12:55:30PM -0500, Michael D. (Mick) Bauer wrote:
Thanks! I'll post a revised procedure later this week -- replies have been trickling in.
Cheers, Mick
On Sun, 15 Aug 2004 14:21:27 -0500 (CDT) "Michael D. (Mick) Bauer" <darth.elmo@wiremonkeys.org> wrote:
So far I haven't noticed that anything else needs to be added to the chroot jail (e.g., stuff from /dev or /etc), but if anyone knows differently please speak up!
Mick,
It's been awhile since I last setup syslog-ng in a chroot jail, but according to my notes I did the following on a recent Linux box:
o copied the follow files to /path/to/chroot/lib:
libnss_dns.so.2 libnss_files.so.2 libresolv.so.2 libnsl.so.2 libc.so.6 ld-linux.so.2
the first of which, being the one that seemed to actually be required for correct operation in my case. I believe the others were just referenced libraries, but not actually called.
o copied the following to /path/to/chroot/etc
nsswitch.conf resolv.conf `grep syslogng passwd` `grep syslogng group`
the last two being whatever user/group you used to run syslog-ng as.
John _______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
/-------------------------------------------------\ | Michael D. (Mick) Bauer | | Security Editor, Linux Journal | | Dir. of Value-Subtracted Svcs., Wiremonkeys.org | \-------------------------------------------------/
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- Nate
God does not play dice. -- Einstein
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
-- Nate "PROGRAM - n. A magic spell cast over a computer allowing it to turn one's input into error messages. v. tr.- To engage in a pastime similar to banging one's head against a wall, but with fewer opportunities for reward." - Unknown