From: dev <dev>
Date: Tue, 18 Oct 2022 05:09:52 +0000 (+0000)
Subject: *** empty log message ***
X-Git-Tag: init~1
X-Git-Url: https://www.chovits.jp/git/?a=commitdiff_plain;h=a035e14fd0438a213550b18ead0c5f59631a4491;p=chroot_mk.git

*** empty log message ***
---

a035e14fd0438a213550b18ead0c5f59631a4491
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..da8168b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,28 @@
+# CVS default ignores begin
+tags
+TAGS
+.make.state
+.nse_depinfo
+*~
+\#*
+.#*
+,*
+_$*
+*$
+*.old
+*.bak
+*.BAK
+*.orig
+*.rej
+.del-*
+*.a
+*.olb
+*.o
+*.obj
+*.so
+*.exe
+*.Z
+*.elc
+*.ln
+core
+# CVS default ignores end
diff --git a/chroot.sh b/chroot.sh
new file mode 100755
index 0000000..a407099
--- /dev/null
+++ b/chroot.sh
@@ -0,0 +1,141 @@
+#!/bin/bash
+
+#####################################################################################
+#
+#   chroot ç°å¢ãä½æ
+#     chrootç°å¢ãæ§ç¯ããçºã®ã¹ã¯ãªããã
+#     ä¸»ãªå©ç¨ç¨éã¨ãã¦ã
+#       ã»SSHã§ãã¼ããã©ã¯ã¼ããã
+#       ã»Linuxåå¿èãæ¥­åç­ã§æä½ãè¡ãå ´åãªã©ãå®è¡å¯è½ã³ãã³ããå¶é
+#         -> å¥ææ³ã¨ãã¦rbash
+#         -> ãã£ã¬ã¯ããªã®ç§»åå¶éã¯ãsshd_config ã® ChrootDirectory ãå©ç¨
+#
+#   ä½¿ç¨ä¸ã®æ³¨æ
+#     - ãã®ã¹ã¯ãªããã§chrootç°å¢ãæ§ç¯å¾ã«ãã¹ã¯ãªããåå®è¡ããã¨ä¸æ¸ãããã
+#       ã®ã§ãchrootç°å¢ã®ãã¡ã¤ã«ãä¿®æ­£ããå ´åã¯ãæ³¨æããäº
+#
+#   $Id: chroot.sh,v 1.1 2022/10/18 05:09:52 dev Exp $
+#
+#####################################################################################
+
+# Settings
+# --- è¨­å®å¤æ´ ãããã ---
+# chroot ãä½æãããã£ã¬ã¯ããªãæå®
+CHG_ROOT=/chroot
+
+# chrootç°å¢ã§å©ç¨ãããã­ã°ã©ã ãæå®
+CMD_LIST="pwd ls mkdir rmdir cp mv rm touch cat less more vi find grep telnet ssh ping traceroute"
+
+# --- ããã¾ã§ ---
+
+# Base Settings
+# åºæ¬çã«å¤æ´ããå¿è¦ã¯ããã¾ããã
+
+REQUIRED_CMD="sh bash env id readlink basename hostname groups tty"
+REQUIRED_SO=(
+  /lib64/ld-linux-x86-64.so.2
+  /lib64/libnss_sss.so.2
+  /lib64/libnss_files.so.2
+  /lib64/libnss_systemd.so.2
+  /lib64/librt.so.1
+  /lib64/libmount.so.1
+  /lib64/libgcc_s.so.1
+  /lib64/libblkid.so.1
+  /lib64/libuuid.so.1
+)
+
+LINKED_DIRS=(
+  /etc/profile.d
+  /usr/share/terminfo
+)
+LINKED_FILES=(
+  /etc/profile
+  /etc/bashrc
+  /etc/inputrc
+  /etc/openldap/ldap.conf
+  /etc/nsswitch.conf
+  /etc/hosts
+  /etc/fstab
+  /usr/libexec/grepconf.sh
+)
+
+# Init
+FLG=0
+EXEC_CMD=(
+  /usr/bin/which
+  /usr/bin/install
+  /usr/bin/ldd
+  /usr/bin/awk
+  /usr/bin/mknod
+  /usr/bin/chmod
+)
+
+for valf in ${LINKED_DIRS[@]}
+do
+  if [ ! -x $valf ]; then
+    echo "File ($valf) not found"
+    FLG=1
+  fi
+done
+
+if [ $FLG -eq 1 ]; then
+  echo "--- Error ---"
+  exit 1
+fi
+
+# Main
+
+install -m 0755 -o root -g root -d ${CHG_ROOT}
+install -m 0755 -o root -g root -d ${CHG_ROOT}/{dev,home,etc,usr,tmp}
+install -m 0755 -o root -g root -d ${CHG_ROOT}/usr/{bin,sbin,lib,lib64,libexec}
+install -m 0755 -o root -g root -d ${CHG_ROOT}/usr/local/bin
+
+cd ${CHG_ROOT}
+test ! -L bin && ln -s usr/bin .
+test ! -L lib && ln -s usr/lib .
+test ! -L lib64 && ln -s usr/lib64 .
+
+# éçãã£ã¬ã¯ããª(LINKED_DIRS)ã®ã³ãã¼
+for vald in ${LINKED_DIRS[@]}
+do
+    test ! -d `dirname ${CHG_ROOT}$vald` && install -m 0755 -o root -g root -d `dirname ${CHG_ROOT}$vald`
+    cp -Rpf $vald ${CHG_ROOT}$vald
+done
+
+# éçãã¡ã¤ã«(LINKED_FILES)ã®ã³ãã¼
+for valf in ${LINKED_FILES[@]}
+do
+    test ! -d `dirname ${CHG_ROOT}$valf` && install -m 0755 -o root -g root -d `dirname ${CHG_ROOT}$valf`
+    cp -pf $valf ${CHG_ROOT}$valf
+done
+
+# å©ç¨ã³ãã³ãã¨ã©ã¤ãã©ãªã¼ã®ã³ãã¼
+for valp in `which $CMD_LIST`;
+do
+    # command
+    test -e ./$valp && continue
+    cp -pf $valp ./$valp
+
+    # library
+    LIBS=`ldd $valp | awk '{ print $3 }'`
+    if [ ${#LIBS[*]} -gt 0 ]; then
+      for valf in $LIBS;
+      do
+        test ! -d `dirname ${CHG_ROOT}$valf` && install -m 0755 -o root -g root -d `dirname ${CHG_ROOT}$valf`
+        test ! -f ${CHG_ROOT}$valf && cp -p $valf ./$valf
+      done
+    fi
+done
+
+# è¿½å (éç)ã©ã¤ãã©ãªã¼ã®ã³ãã¼
+for valf in ${REQUIRED_SO[@]}
+do
+    test ! -d `dirname ${CHG_ROOT}$valf` && install -m 0755 -o root -g root -d `dirname ${CHG_ROOT}$valf`
+    cp -pf $valf ${CHG_ROOT}$valf
+done
+
+test ! -c ${CHG_ROOT}/dev/null && mknod ${CHG_ROOT}/dev/null c 1 3
+test ! -c ${CHG_ROOT}/dev/zero && mknod ${CHG_ROOT}/dev/zero c 1 5
+test ! -c ${CHG_ROOT}/dev/random && mknod ${CHG_ROOT}/dev/random c 1 8
+test ! -c ${CHG_ROOT}/dev/urandom && mknod ${CHG_ROOT}/dev/urandom c 1 9
+chmod 0666 ${CHG_ROOT}/dev/{null,zero,random,urandom}
