
Re: chrooting daemons



From: Topi Miettinen <Topi.Miettinen@ml.tele.fi>
> But if the libraries are not hard linked (that probably would be ruined in
> update), I believe they would still be in memory more than once, because
> they then had different inodes and the OS would have no way of knowing they
> are the same.

We don't want to have more than one instance of a library in the filesystem
if that is at all possible. We currently violate this for anonymous FTP,
which has its own copy of a few system utilities and its own copy of the
C shared library. I notice that on my system the libraries and binaries in
the anonymous FTP chroot directory are older than the rest of the system.

The best way to deal with this would be some sort of filesystem hack under
the chroot-ed directory. What I want is the capability to import some
files and directories into the chroot filesystem while changing their
permissions, but I don't want the ".." links of the directories to point out
of the chroot context, and I don't want the chroot context to be able to
change what is imported.

There was something called "userfs" that might have let you do this, but
I don't see it in recent kernels. It could be done with the prof filesystem.

	Thanks

	Bruce
-- 
Can you get your operating system fixed when you need it?
Linux - the supportable operating system. http://www.debian.org/support.html
Bruce Perens K6BP   bruce@debian.org   NEW PHONE NUMBER: 510-620-3502
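
An added example, not part of the original message: a shell audit of the situation discussed above, where a chroot such as the anonymous FTP area carries its own copies of system files. The function names, status labels and sample tree are constructed for illustration; the audit reports which files in the chroot are hard links (same inode), separate identical copies, or older than the system's version.

```bash
#!/usr/bin/env bash
# Added example: compare each regular file in a chroot tree with the file
# at the same path under the system root.
# Usage: audit_chroot_copies CHROOT [SYSROOT]   (SYSROOT defaults to /)
audit_chroot_copies() {
    local jail sysroot f rel sys
    jail="${1%/}"
    sysroot="${2:-/}"
    sysroot="${sysroot%/}"
    find "$jail" -type f | LC_ALL=C sort | while IFS= read -r f; do
        rel=${f#"$jail"}
        sys="$sysroot$rel"
        if [ ! -e "$sys" ]; then
            echo "ORPHAN   $rel"      # nothing to compare against
        elif [ "$f" -ef "$sys" ]; then
            echo "HARDLINK $rel"      # same device and inode: one file
        elif cmp -s "$f" "$sys"; then
            echo "COPY     $rel"      # same bytes, separate inode
        elif [ "$f" -ot "$sys" ]; then
            echo "STALE    $rel"      # differs and is older than the system's
        else
            echo "DIFFERS  $rel"      # differs, not older: inspect by hand
        fi
    done
}

# Constructed sample tree standing in for / and an FTP-style chroot.
build_sample() {
    local d
    d="$(mktemp -d)"
    mkdir -p "$d/sys/lib" "$d/sys/bin" "$d/jail/lib" "$d/jail/bin"
    echo 'libc v2' > "$d/sys/lib/libc.so"
    echo 'ls v2'   > "$d/sys/bin/ls"
    echo 'gzip v2' > "$d/sys/bin/gzip"
    echo 'libc v1' > "$d/jail/lib/libc.so"      # copy left behind by an update
    touch -t 199801010000 "$d/jail/lib/libc.so"
    ln "$d/sys/bin/ls" "$d/jail/bin/ls"         # hard link
    cp "$d/sys/bin/gzip" "$d/jail/bin/gzip"     # identical separate copy
    echo 'local'   > "$d/jail/bin/extra"        # no system counterpart
    echo "$d"
}

sample="$(build_sample)"
audit_chroot_copies "$sample/jail" "$sample/sys"
rm -rf "$sample"
```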

