[syslog-ng]FAQ-seeding: chroot jail procedure for Syslog-ng
Nate Campi
syslog-ng@lists.balabit.hu
Mon, 17 Jan 2005 16:30:15 -0800
Oops I meant to send this directly to Mick, now I'm really LAME! :)
On Mon, Jan 17, 2005 at 04:27:57PM -0800, Nate Campi wrote:
> Hello Mick,
>
> If you have another version of this you'd like me to post, let me know.
> I'm in a FAQ updating mood (I'm supposed to be writing my book so for
> some reason this has my attention instead, man I'm lame).
>
> On Mon, Aug 16, 2004 at 12:55:30PM -0500, Michael D. (Mick) Bauer wrote:
> > Thanks! I'll post a revised procedure later this week -- replies
> > have been trickling in.
> >
> > Cheers,
> > Mick
> >
> > > On Sun, 15 Aug 2004 14:21:27 -0500 (CDT)
> > > "Michael D. (Mick) Bauer" <darth.elmo@wiremonkeys.org> wrote:
> > >
> > >> So far I haven't noticed that anything else needs to be added to
> > >> the chroot jail (e.g., stuff from /dev or /etc), but if anyone
> > >> knows differently please speak up!
> > >
> > > Mick,
> > >
> > > It's been awhile since I last setup syslog-ng in a chroot jail,
> > > but according to my notes I did the following on a recent Linux
> > > box:
> > >
> > > o copied the follow files to /path/to/chroot/lib:
> > >
> > > libnss_dns.so.2
> > > libnss_files.so.2
> > > libresolv.so.2
> > > libnsl.so.2
> > > libc.so.6
> > > ld-linux.so.2
> > >
> > > the first of which, being the one that seemed to actually be
> > > required for correct operation in my case. I believe the
> > > others were just referenced libraries, but not actually
> > > called.
> > >
> > > o copied the following to /path/to/chroot/etc
> > >
> > > nsswitch.conf
> > > resolv.conf
> > > `grep syslogng passwd`
> > > `grep syslogng group`
> > >
> > > the last two being whatever user/group you used to run
> > > syslog-ng as.
> > >
> > > John
> > > _______________________________________________
> > > syslog-ng maillist - syslog-ng@lists.balabit.hu
> > > https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > > Frequently asked questions at
> > > http://www.campin.net/syslog-ng/faq.html
> >
> >
> > /-------------------------------------------------\
> > | Michael D. (Mick) Bauer |
> > | Security Editor, Linux Journal |
> > | Dir. of Value-Subtracted Svcs., Wiremonkeys.org |
> > \-------------------------------------------------/
> >
> >
> > _______________________________________________
> > syslog-ng maillist - syslog-ng@lists.balabit.hu
> > https://lists.balabit.hu/mailman/listinfo/syslog-ng
> > Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> >
>
> --
> Nate
>
> God does not play dice.
> -- Einstein
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
--
Nate
"PROGRAM - n. A magic spell cast over a computer allowing it to turn
one's input into error messages. v. tr.- To engage in a pastime similar
to banging one's head against a wall, but with fewer opportunities for
reward." - Unknown