Opzetten chroot basis omgeving fedora core
Het opzetten van een chroot basis omgeving is normaal een hoop kopieer en puzzel werk.
Echter bevat yum een handige --installroot optie om alles op ene automatische en nette manier te doen.
Het enige wat nodig is voor een minimale omgeving is bash en alle dependencys. Deze proberen we als volgt te installeren:
[root@localhost ~]# yum --installroot=/chrootedlogin install bash removing mirrorlist with no valid mirrors: /chrootedlogin/var/cache/yum/fedora/mirrorlist.txt Error: Cannot retrieve repository metadata (repomd.xml) for repository: fedora. Please verify its path and try again [root@localhost ~]# cp /var/cache/yum/fedora/mirrorlist.txt /chrootedlogin/var/cache/yum/fedora/mirrorlist.txt [root@localhost ~]# yum --installroot=/chrootedlogin install bash fedora | 2.4 kB 00:00 primary.sqlite.bz2 | 6.1 MB 00:09 removing mirrorlist with no valid mirrors: /chrootedlogin/var/cache/yum/updates/mirrorlist.txt Error: Cannot retrieve repository metadata (repomd.xml) for repository: updates. Please verify its path and try again You have new mail in /var/spool/mail/root [root@localhost ~]# cp /var/cache/yum/updates/mirrorlist.txt /chrootedlogin/var/cache/yum/updates/mirrorlist.txt
De files die ontbreken kopieren we van het hoofd systeem, totdat yum het doet. (Dit zijn slechts 2 mirrorlist files)
Hierna gaat het installeren van bash correct:
[root@localhost ~]# yum --installroot=/chrootedlogin install bash updates | 2.6 kB 00:00 primary.sqlite.bz2 | 9.1 kB 00:00 Setting up Install Process Parsing package install arguments Resolving Dependencies --> Running transaction check ---> Package bash.i386 0:3.2-22.fc9 set to be updated --> Processing Dependency: libc.so.6(GLIBC_2.2) for package: bash --> Processing Dependency: libc.so.6(GLIBC_2.4) for package: bash --> Processing Dependency: rtld(GNU_HASH) for package: bash --> Processing Dependency: libc.so.6(GLIBC_2.1) for package: bash --> Processing Dependency: libc.so.6(GLIBC_2.3.4) for package: bash --> Processing Dependency: mktemp for package: bash --> Processing Dependency: libtinfo.so.5 for package: bash --> Processing Dependency: libdl.so.2(GLIBC_2.1) for package: bash --> Processing Dependency: libc.so.6 for package: bash --> Processing Dependency: libdl.so.2(GLIBC_2.0) for package: bash --> Processing Dependency: ncurses for package: bash --> Processing Dependency: libdl.so.2 for package: bash --> Processing Dependency: libc.so.6(GLIBC_2.0) for package: bash --> Processing Dependency: libc.so.6(GLIBC_2.3) for package: bash --> Running transaction check ---> Package ncurses-libs.i386 0:5.6-16.20080301.fc9 set to be updated --> Processing Dependency: ncurses-base = 5.6-16.20080301.fc9 for package: ncurses-libs ---> Package glibc.i686 0:2.8-3 set to be updated --> Processing Dependency: basesystem for package: glibc --> Processing Dependency: libgcc for package: glibc --> Processing Dependency: glibc-common = 2.8-3 for package: glibc ---> Package coreutils.i386 0:6.10-18.fc9 set to be updated --> Processing Dependency: libacl.so.1 for package: coreutils --> Processing Dependency: libacl.so.1(ACL_1.0) for package: coreutils --> Processing Dependency: /sbin/install-info for package: coreutils --> Processing Dependency: libpam.so.0 for package: coreutils --> Processing Dependency: libselinux.so.1 for package: coreutils --> Processing Dependency: grep for package: coreutils --> Processing Dependency: libpam.so.0(LIBPAM_1.0) for package: coreutils --> Processing Dependency: libselinux >= 1.25.6-1 for package: coreutils --> Processing Dependency: libpam_misc.so.0 for package: coreutils --> Processing Dependency: pam >= 0.66-12 for package: coreutils --> Processing Dependency: libpam_misc.so.0(LIBPAM_MISC_1.0) for package: coreutils ---> Package ncurses.i386 0:5.6-16.20080301.fc9 set to be updated --> Running transaction check ---> Package pam.i386 0:1.0.1-2.fc9 set to be updated --> Processing Dependency: audit-libs >= 1.0.8 for package: pam --> Processing Dependency: cracklib-dicts >= 2.8 for package: pam --> Processing Dependency: libaudit.so.0 for package: pam --> Processing Dependency: cracklib for package: pam --> Processing Dependency: libcrack.so.2 for package: pam ---> Package libselinux.i386 0:2.0.61-1.fc9 set to be updated --> Processing Dependency: libsepol >= 2.0.18-2 for package: libselinux ---> Package libacl.i386 0:2.2.47-1.fc9 set to be updated --> Processing Dependency: libattr.so.1(ATTR_1.0) for package: libacl --> Processing Dependency: libattr.so.1 for package: libacl ---> Package basesystem.noarch 0:8.1-1 set to be updated --> Processing Dependency: filesystem for package: basesystem --> Processing Dependency: setup for package: basesystem ---> Package info.i386 0:4.11-5.fc9 set to be updated --> Processing Dependency: libz.so.1 for package: info ---> Package glibc-common.i386 0:2.8-3 set to be updated --> Processing Dependency: tzdata >= 2003a for package: glibc-common ---> Package libgcc.i386 0:4.3.0-8 set to be updated ---> Package ncurses-base.i386 0:5.6-16.20080301.fc9 set to be updated ---> Package grep.i386 0:2.5.1-59.fc9 set to be updated --> Processing Dependency: libpcre.so.0 for package: grep --> Running transaction check ---> Package libattr.i386 0:2.4.41-1.fc9 set to be updated ---> Package audit-libs.i386 0:1.7.2-6.fc9 set to be updated ---> Package setup.noarch 0:2.6.14-1.fc9 set to be updated ---> Package filesystem.i386 0:2.4.13-1.fc9 set to be updated ---> Package zlib.i386 0:1.2.3-18.fc9 set to be updated ---> Package cracklib-dicts.i386 0:2.8.12-2 set to be updated ---> Package pcre.i386 0:7.3-3.fc9 set to be updated --> Processing Dependency: libstdc++.so.6(CXXABI_1.3) for package: pcre --> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.9) for package: pcre --> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4) for package: pcre --> Processing Dependency: libstdc++.so.6 for package: pcre ---> Package tzdata.noarch 0:2008b-1.fc9 set to be updated ---> Package cracklib.i386 0:2.8.12-2 set to be updated ---> Package libsepol.i386 0:2.0.26-1.fc9 set to be updated --> Running transaction check ---> Package libstdc++.i386 0:4.3.0-8 set to be updated --> Finished Dependency Resolution Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: bash i386 3.2-22.fc9 fedora 1.8 M Installing for dependencies: audit-libs i386 1.7.2-6.fc9 fedora 74 k basesystem noarch 8.1-1 fedora 2.9 k coreutils i386 6.10-18.fc9 fedora 4.4 M cracklib i386 2.8.12-2 fedora 47 k cracklib-dicts i386 2.8.12-2 fedora 3.7 M filesystem i386 2.4.13-1.fc9 fedora 119 k glibc i686 2.8-3 fedora 5.5 M glibc-common i386 2.8-3 fedora 21 M grep i386 2.5.1-59.fc9 fedora 182 k info i386 4.11-5.fc9 fedora 167 k libacl i386 2.2.47-1.fc9 fedora 22 k libattr i386 2.4.41-1.fc9 fedora 13 k libgcc i386 4.3.0-8 fedora 45 k libselinux i386 2.0.61-1.fc9 fedora 116 k libsepol i386 2.0.26-1.fc9 fedora 129 k libstdc++ i386 4.3.0-8 fedora 317 k ncurses i386 5.6-16.20080301.fc9 fedora 169 k ncurses-base i386 5.6-16.20080301.fc9 fedora 59 k ncurses-libs i386 5.6-16.20080301.fc9 fedora 326 k pam i386 1.0.1-2.fc9 fedora 1.1 M pcre i386 7.3-3.fc9 fedora 140 k setup noarch 2.6.14-1.fc9 fedora 140 k tzdata noarch 2008b-1.fc9 fedora 752 k zlib i386 1.2.3-18.fc9 fedora 74 k Transaction Summary ============================================================================= Install 25 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 41 M Is this ok [y/N]: y Downloading Packages: (1/25): basesystem-8.1-1.noarch.rpm | 2.9 kB 00:00 (2/25): libattr-2.4.41-1.fc9.i386.rpm | 13 kB 00:00 (3/25): libacl-2.2.47-1.fc9.i386.rpm | 22 kB 00:00 (4/25): libgcc-4.3.0-8.i386.rpm | 45 kB 00:00 (5/25): cracklib-2.8.12-2.i386.rpm | 47 kB 00:00 (6/25): ncurses-base-5.6-16.20080301.fc9.i386.rpm | 59 kB 00:00 (7/25): audit-libs-1.7.2-6.fc9.i386.rpm | 74 kB 00:00 (8/25): zlib-1.2.3-18.fc9.i386.rpm | 74 kB 00:00 (9/25): libselinux-2.0.61-1.fc9.i386.rpm | 116 kB 00:00 (10/25): filesystem-2.4.13-1.fc9.i386.rpm | 119 kB 00:00 (11/25): libsepol-2.0.26-1.fc9.i386.rpm | 129 kB 00:00 (12/25): setup-2.6.14-1.fc9.noarch.rpm | 140 kB 00:00 (13/25): pcre-7.3-3.fc9.i386.rpm | 140 kB 00:00 (14/25): info-4.11-5.fc9.i386.rpm | 167 kB 00:00 (15/25): ncurses-5.6-16.20080301.fc9.i386.rpm | 169 kB 00:00 (16/25): grep-2.5.1-59.fc9.i386.rpm | 182 kB 00:00 (17/25): libstdc++-4.3.0-8.i386.rpm | 317 kB 00:00 (18/25): ncurses-libs-5.6-16.20080301.fc9.i386.rpm | 326 kB 00:00 (19/25): tzdata-2008b-1.fc9.noarch.rpm | 752 kB 00:01 (20/25): pam-1.0.1-2.fc9.i386.rpm | 1.1 MB 00:02 (21/25): bash-3.2-22.fc9.i386.rpm | 1.8 MB 00:02 (22/25): cracklib-dicts-2.8.12-2.i386.rpm | 3.7 MB 00:06 (23/25): coreutils-6.10-18.fc9.i386.rpm | 4.4 MB 00:08 (24/25): glibc-2.8-3.i686.rpm | 5.5 MB 00:10 (25/25): glibc-common-2.8-3.i386.rpm | 21 MB 00:38 warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2 Importing GPG key 0x4F2A6FD2 "Fedora Project <fedora@redhat.com>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora Is this ok [y/N]: y Importing GPG key 0xDB42A60E "Red Hat, Inc <security@redhat.com>" from /etc/pki/rpm-gpg/RPM-GPG-KEY Is this ok [y/N]: y Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing : setup [ 1/25] Installing : filesystem [ 2/25] Installing : basesystem [ 3/25] Installing : ncurses-base [ 4/25] Installing : tzdata [ 5/25] Installing : libgcc [ 6/25] Installing : glibc [ 7/25] Installing : ncurses-libs [ 8/25] Installing : ncurses [ 9/25] Installing : bash [10/25] Installing : cracklib [11/25] Installing : libsepol [12/25] Installing : libselinux [13/25] Installing : libattr [14/25] Installing : libacl [15/25] Installing : libstdc++ [16/25] Installing : pcre [17/25] Installing : glibc-common [18/25] Installing : zlib [19/25] Installing : info [20/25] Installing : grep [21/25] Installing : audit-libs [22/25] Installing : cracklib-dicts [23/25] Installing : coreutils [24/25] Installing : pam [25/25] Installed: bash.i386 0:3.2-22.fc9 Dependency Installed: audit-libs.i386 0:1.7.2-6.fc9 basesystem.noarch 0:8.1-1 coreutils.i386 0:6.10-18.fc9 cracklib.i386 0:2.8.12-2 cracklib-dicts.i386 0:2.8.12-2 filesystem.i386 0:2.4.13-1.fc9 glibc.i686 0:2.8-3 glibc-common.i386 0:2.8-3 grep.i386 0:2.5.1-59.fc9 info.i386 0:4.11-5.fc9 libacl.i386 0:2.2.47-1.fc9 libattr.i386 0:2.4.41-1.fc9 libgcc.i386 0:4.3.0-8 libselinux.i386 0:2.0.61-1.fc9 libsepol.i386 0:2.0.26-1.fc9 libstdc++.i386 0:4.3.0-8 ncurses.i386 0:5.6-16.20080301.fc9 ncurses-base.i386 0:5.6-16.20080301.fc9 ncurses-libs.i386 0:5.6-16.20080301.fc9 pam.i386 0:1.0.1-2.fc9 pcre.i386 0:7.3-3.fc9 setup.noarch 0:2.6.14-1.fc9 tzdata.noarch 0:2008b-1.fc9 zlib.i386 0:1.2.3-18.fc9 Complete!
Nu kunnen we onze chroot omgeving testen:
[root@localhost ~]# chroot /chrootedlogin/ bash-3.2# ls / bin boot chrootedlogin dev etc home lib media mnt opt proc root sbin selinux srv sys tmp usr var
We hebben nu een basis omgeving, waar in principe op ingelogd kan worden.
Inloggen in chroot omgeving
Dit gaat door simpelweg /etc/ssh/sshd_config aan te passen.
Hierin stelt men de ChrootDirectory? in op /chrootedlogin.
Iedereen die nu inlogt via ssh komt nu in deze directory. Ook de rootuser dus!
Apache chrooted installeren en draaien
Apache installeren
Dit gaat op dezelfde manier:
[root@localhost ~]# yum --installroot=/apache install httpd Setting up Install Process Parsing package install arguments Resolving Dependencies --> Running transaction check ---> Package httpd.i386 0:2.2.8-3 set to be updated --> Processing Dependency: libc.so.6(GLIBC_2.3.4) for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.4) for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.1) for package: httpd --> Processing Dependency: libz.so.1 for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.1.3) for package: httpd --> Processing Dependency: libapr-1.so.0 for package: httpd --> Processing Dependency: /bin/sh for package: httpd --> Processing Dependency: libm.so.6 for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.2) for package: httpd --> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd --> Processing Dependency: libaprutil-1.so.0 for package: httpd --> Processing Dependency: httpd-tools = 2.2.8-3 for package: httpd --> Processing Dependency: libc.so.6 for package: httpd --> Processing Dependency: libdl.so.2 for package: httpd --> Processing Dependency: libselinux.so.1 for package: httpd --> Processing Dependency: libldap-2.4.so.2 for package: httpd --> Processing Dependency: libcrypt.so.1 for package: httpd --> Processing Dependency: /bin/sh for package: httpd --> Processing Dependency: libpcre.so.0 for package: httpd --> Processing Dependency: rtld(GNU_HASH) for package: httpd --> Processing Dependency: /etc/mime.types for package: httpd --> Processing Dependency: /bin/bash for package: httpd --> Processing Dependency: libexpat.so.1 for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.0) for package: httpd --> Processing Dependency: initscripts >= 8.36 for package: httpd --> Processing Dependency: chkconfig for package: httpd --> Processing Dependency: libpthread.so.0(GLIBC_2.0) for package: httpd --> Processing Dependency: liblber-2.4.so.2 for package: httpd --> Processing Dependency: libpthread.so.0 for package: httpd --> Processing Dependency: libc.so.6(GLIBC_2.3) for package: httpd --> Processing Dependency: /usr/sbin/useradd for package: httpd --> Processing Dependency: libdb-4.6.so for package: httpd --> Running transaction check ---> Package shadow-utils.i386 2:4.1.1-1.fc9 set to be updated --> Processing Dependency: audit-libs >= 1.6.5 for package: shadow-utils --> Processing Dependency: libaudit.so.0 for package: shadow-utils ---> Package bash.i386 0:3.2-22.fc9 set to be updated --> Processing Dependency: mktemp for package: bash --> Processing Dependency: libtinfo.so.5 for package: bash --> Processing Dependency: ncurses for package: bash ---> Package httpd-tools.i386 0:2.2.8-3 set to be updated --> Processing Dependency: libssl.so.7 for package: httpd-tools --> Processing Dependency: libcrypto.so.7 for package: httpd-tools ---> Package glibc.i686 0:2.8-3 set to be updated --> Processing Dependency: basesystem for package: glibc --> Processing Dependency: libgcc for package: glibc --> Processing Dependency: glibc-common = 2.8-3 for package: glibc ---> Package zlib.i386 0:1.2.3-18.fc9 set to be updated ---> Package chkconfig.i386 0:1.3.37-2 set to be updated --> Processing Dependency: libpopt.so.0(LIBPOPT_0) for package: chkconfig --> Processing Dependency: libpopt.so.0 for package: chkconfig ---> Package fedora-logos.noarch 0:9.0.0-2.fc9 set to be updated ---> Package openldap.i386 0:2.4.8-3.fc9 set to be updated --> Processing Dependency: libsasl2.so.2 for package: openldap ---> Package libselinux.i386 0:2.0.61-1.fc9 set to be updated --> Processing Dependency: libsepol >= 2.0.18-2 for package: libselinux ---> Package initscripts.i386 0:8.76-1 set to be updated --> Processing Dependency: e2fsprogs >= 1.15 for package: initscripts --> Processing Dependency: findutils for package: initscripts --> Processing Dependency: /etc/redhat-release for package: initscripts --> Processing Dependency: syslog for package: initscripts --> Processing Dependency: /sbin/sysctl for package: initscripts --> Processing Dependency: /bin/awk for package: initscripts --> Processing Dependency: /sbin/arping for package: initscripts --> Processing Dependency: libglib-2.0.so.0 for package: initscripts --> Processing Dependency: module-init-tools for package: initscripts --> Processing Dependency: util-linux >= 2.10s-11 for package: initscripts --> Processing Dependency: ethtool >= 1.8-2 for package: initscripts --> Processing Dependency: cpio for package: initscripts --> Processing Dependency: udev >= 115-1 for package: initscripts --> Processing Dependency: mount >= 2.11l for package: initscripts --> Processing Dependency: /bin/find for package: initscripts --> Processing Dependency: /sbin/ip for package: initscripts --> Processing Dependency: /bin/sed for package: initscripts --> Processing Dependency: /sbin/fuser for package: initscripts --> Processing Dependency: dev for package: initscripts --> Processing Dependency: upstart for package: initscripts --> Processing Dependency: /bin/grep for package: initscripts --> Processing Dependency: net-tools for package: initscripts --> Processing Dependency: /bin/sed for package: initscripts --> Processing Dependency: mingetty for package: initscripts --> Processing Dependency: /sbin/pidof for package: initscripts ---> Package expat.i386 0:2.0.1-5 set to be updated ---> Package mailcap.noarch 0:2.1.28-1.fc9 set to be updated ---> Package db4.i386 0:4.6.21-5.fc9 set to be updated ---> Package apr-util.i386 0:1.2.12-5.fc9 set to be updated --> Processing Dependency: libuuid.so.1 for package: apr-util ---> Package apr.i386 0:1.2.12-2.fc9 set to be updated ---> Package pcre.i386 0:7.3-3.fc9 set to be updated --> Processing Dependency: libstdc++.so.6(CXXABI_1.3) for package: pcre --> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.9) for package: pcre --> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4) for package: pcre --> Processing Dependency: libstdc++.so.6 for package: pcre --> Running transaction check ---> Package basesystem.noarch 0:8.1-1 set to be updated --> Processing Dependency: filesystem for package: basesystem --> Processing Dependency: setup for package: basesystem ---> Package util-linux-ng.i386 0:2.13.1-6.fc9 set to be updated --> Processing Dependency: pam >= 0.66-4 for package: util-linux-ng --> Processing Dependency: /sbin/install-info for package: util-linux-ng --> Processing Dependency: libpam.so.0 for package: util-linux-ng --> Processing Dependency: ConsoleKit-libs for package: util-linux-ng --> Processing Dependency: libpam.so.0(LIBPAM_1.0) for package: util-linux-ng --> Processing Dependency: /etc/pam.d/system-auth for package: util-linux-ng --> Processing Dependency: libpam_misc.so.0 for package: util-linux-ng --> Processing Dependency: libpam_misc.so.0(LIBPAM_MISC_1.0) for package: util-linux-ng ---> Package iputils.i386 0:20071127-2.fc9 set to be updated --> Processing Dependency: libidn.so.11 for package: iputils --> Processing Dependency: libsysfs.so.2 for package: iputils ---> Package e2fsprogs-libs.i386 0:1.40.8-2.fc9 set to be updated --> Processing Dependency: libdevmapper.so.1.02 for package: e2fsprogs-libs --> Processing Dependency: libdevmapper.so.1.02(Base) for package: e2fsprogs-libs ---> Package rsyslog.i386 0:3.14.1-2.fc9 set to be updated --> Processing Dependency: logrotate >= 3.5.2 for package: rsyslog ---> Package audit-libs.i386 0:1.7.2-6.fc9 set to be updated ---> Package openssl.i686 0:0.9.8g-6.fc9 set to be updated --> Processing Dependency: libkrb5.so.3(krb5_3_MIT) for package: openssl --> Processing Dependency: libk5crypto.so.3(k5crypto_3_MIT) for package: openssl --> Processing Dependency: libkrb5.so.3 for package: openssl --> Processing Dependency: libgssapi_krb5.so.2 for package: openssl --> Processing Dependency: libk5crypto.so.3 for package: openssl ---> Package upstart.i386 0:0.3.9-19.fc9 set to be updated ---> Package sysvinit-tools.i386 0:2.86-24 set to be updated ---> Package sed.i386 0:4.1.5-10.fc9 set to be updated ---> Package cpio.i386 0:2.9-7.fc9 set to be updated ---> Package libstdc++.i386 0:4.3.0-8 set to be updated ---> Package module-init-tools.i386 0:3.4-13.fc9 set to be updated ---> Package cyrus-sasl-lib.i386 0:2.1.22-13.fc9 set to be updated ---> Package net-tools.i386 0:1.60-87.fc9 set to be updated ---> Package ncurses.i386 0:5.6-16.20080301.fc9 set to be updated ---> Package popt.i386 0:1.13-3.fc9 set to be updated ---> Package e2fsprogs.i386 0:1.40.8-2.fc9 set to be updated --> Processing Dependency: device-mapper for package: e2fsprogs ---> Package iproute.i386 0:2.6.23-4.fc9 set to be updated --> Processing Dependency: libatm.so.1 for package: iproute ---> Package glibc-common.i386 0:2.8-3 set to be updated --> Processing Dependency: tzdata >= 2003a for package: glibc-common ---> Package ethtool.i386 0:6-1.fc9 set to be updated ---> Package findutils.i386 1:4.2.33-3.fc9 set to be updated ---> Package coreutils.i386 0:6.10-18.fc9 set to be updated --> Processing Dependency: libacl.so.1 for package: coreutils --> Processing Dependency: libacl.so.1(ACL_1.0) for package: coreutils ---> Package glib2.i386 0:2.16.3-5.fc9 set to be updated --> Processing Dependency: libfam.so.0 for package: glib2 ---> Package grep.i386 0:2.5.1-59.fc9 set to be updated ---> Package procps.i386 0:3.2.7-20.fc9 set to be updated ---> Package libgcc.i386 0:4.3.0-8 set to be updated ---> Package fedora-release.noarch 0:9-5.transition set to be updated --> Processing Dependency: fedora-release-notes >= 9 for package: fedora-release ---> Package ncurses-libs.i386 0:5.6-16.20080301.fc9 set to be updated --> Processing Dependency: ncurses-base = 5.6-16.20080301.fc9 for package: ncurses-libs ---> Package psmisc.i386 0:22.6-5.fc9 set to be updated ---> Package libsepol.i386 0:2.0.26-1.fc9 set to be updated ---> Package gawk.i386 0:3.1.5-17.fc9 set to be updated ---> Package udev.i386 0:120-5.20080421git.fc9 set to be updated --> Processing Dependency: libvolume_id.so.0 for package: udev --> Processing Dependency: MAKEDEV >= 3.11 for package: udev --> Processing Dependency: MAKEDEV for package: udev ---> Package mingetty.i386 0:1.08-2.fc9 set to be updated --> Running transaction check ---> Package libacl.i386 0:2.2.47-1.fc9 set to be updated --> Processing Dependency: libattr.so.1(ATTR_1.0) for package: libacl --> Processing Dependency: libattr.so.1 for package: libacl ---> Package krb5-libs.i386 0:1.6.3-10.fc9 set to be updated --> Processing Dependency: libkeyutils.so.1(KEYUTILS_0.3) for package: krb5-libs --> Processing Dependency: libkeyutils.so.1 for package: krb5-libs ---> Package ncurses-base.i386 0:5.6-16.20080301.fc9 set to be updated ---> Package info.i386 0:4.11-5.fc9 set to be updated ---> Package libidn.i386 0:0.6.14-7 set to be updated ---> Package tzdata.noarch 0:2008b-1.fc9 set to be updated ---> Package linux-atm-libs.i386 0:2.5.0-5 set to be updated ---> Package gamin.i386 0:0.1.9-5.fc9 set to be updated ---> Package filesystem.i386 0:2.4.13-1.fc9 set to be updated ---> Package pam.i386 0:1.0.1-2.fc9 set to be updated --> Processing Dependency: cracklib-dicts >= 2.8 for package: pam --> Processing Dependency: cracklib for package: pam --> Processing Dependency: libcrack.so.2 for package: pam ---> Package libvolume_id.i386 0:120-5.20080421git.fc9 set to be updated ---> Package ConsoleKit-libs.i386 0:0.2.10-3.fc9 set to be updated --> Processing Dependency: dbus >= 0.90 for package: ConsoleKit-libs --> Processing Dependency: libdbus-1.so.3 for package: ConsoleKit-libs ---> Package setup.noarch 0:2.6.14-1.fc9 set to be updated ---> Package device-mapper.i386 0:1.02.24-11.fc9 set to be updated ---> Package fedora-release-notes.noarch 0:9.0.0-1 set to be updated ---> Package MAKEDEV.i386 0:3.23-4 set to be updated ---> Package device-mapper-libs.i386 0:1.02.24-11.fc9 set to be updated ---> Package logrotate.i386 0:3.7.6-3.fc9 set to be updated ---> Package libsysfs.i386 0:2.1.0-3.fc9 set to be updated --> Running transaction check ---> Package dbus.i386 0:1.2.1-1.fc9 set to be updated --> Processing Dependency: libcap.so.2 for package: dbus ---> Package cracklib-dicts.i386 0:2.8.12-2 set to be updated ---> Package cracklib.i386 0:2.8.12-2 set to be updated ---> Package dbus-libs.i386 0:1.2.1-1.fc9 set to be updated ---> Package keyutils-libs.i386 0:1.2-3.fc9 set to be updated ---> Package libattr.i386 0:2.4.41-1.fc9 set to be updated --> Running transaction check ---> Package libcap.i386 0:2.06-4.fc9 set to be updated --> Finished Dependency Resolution Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: httpd i386 2.2.8-3 fedora 968 k Installing for dependencies: ConsoleKit-libs i386 0.2.10-3.fc9 fedora 14 k MAKEDEV i386 3.23-4 fedora 138 k apr i386 1.2.12-2.fc9 fedora 128 k apr-util i386 1.2.12-5.fc9 fedora 74 k audit-libs i386 1.7.2-6.fc9 fedora 74 k basesystem noarch 8.1-1 fedora 2.9 k bash i386 3.2-22.fc9 fedora 1.8 M chkconfig i386 1.3.37-2 fedora 156 k coreutils i386 6.10-18.fc9 fedora 4.4 M cpio i386 2.9-7.fc9 fedora 183 k cracklib i386 2.8.12-2 fedora 47 k cracklib-dicts i386 2.8.12-2 fedora 3.7 M cyrus-sasl-lib i386 2.1.22-13.fc9 fedora 1.1 M db4 i386 4.6.21-5.fc9 fedora 597 k dbus i386 1.2.1-1.fc9 fedora 248 k dbus-libs i386 1.2.1-1.fc9 fedora 127 k device-mapper i386 1.02.24-11.fc9 fedora 67 k device-mapper-libs i386 1.02.24-11.fc9 fedora 64 k e2fsprogs i386 1.40.8-2.fc9 fedora 625 k e2fsprogs-libs i386 1.40.8-2.fc9 fedora 134 k ethtool i386 6-1.fc9 fedora 65 k expat i386 2.0.1-5 fedora 83 k fedora-logos noarch 9.0.0-2.fc9 fedora 1.1 M fedora-release noarch 9-5.transition updates 34 k fedora-release-notes noarch 9.0.0-1 fedora 3.6 M filesystem i386 2.4.13-1.fc9 fedora 119 k findutils i386 1:4.2.33-3.fc9 fedora 308 k gamin i386 0.1.9-5.fc9 fedora 124 k gawk i386 3.1.5-17.fc9 fedora 963 k glib2 i386 2.16.3-5.fc9 fedora 1.3 M glibc i686 2.8-3 fedora 5.5 M glibc-common i386 2.8-3 fedora 21 M grep i386 2.5.1-59.fc9 fedora 182 k httpd-tools i386 2.2.8-3 fedora 68 k info i386 4.11-5.fc9 fedora 167 k initscripts i386 8.76-1 fedora 1.8 M iproute i386 2.6.23-4.fc9 fedora 833 k iputils i386 20071127-2.fc9 fedora 127 k keyutils-libs i386 1.2-3.fc9 fedora 18 k krb5-libs i386 1.6.3-10.fc9 fedora 720 k libacl i386 2.2.47-1.fc9 fedora 22 k libattr i386 2.4.41-1.fc9 fedora 13 k libcap i386 2.06-4.fc9 fedora 29 k libgcc i386 4.3.0-8 fedora 45 k libidn i386 0.6.14-7 fedora 211 k libselinux i386 2.0.61-1.fc9 fedora 116 k libsepol i386 2.0.26-1.fc9 fedora 129 k libstdc++ i386 4.3.0-8 fedora 317 k libsysfs i386 2.1.0-3.fc9 fedora 47 k libvolume_id i386 120-5.20080421git.fc9 fedora 56 k linux-atm-libs i386 2.5.0-5 fedora 23 k logrotate i386 3.7.6-3.fc9 fedora 51 k mailcap noarch 2.1.28-1.fc9 fedora 15 k mingetty i386 1.08-2.fc9 fedora 20 k module-init-tools i386 3.4-13.fc9 fedora 428 k ncurses i386 5.6-16.20080301.fc9 fedora 169 k ncurses-base i386 5.6-16.20080301.fc9 fedora 59 k ncurses-libs i386 5.6-16.20080301.fc9 fedora 326 k net-tools i386 1.60-87.fc9 fedora 361 k openldap i386 2.4.8-3.fc9 fedora 311 k openssl i686 0.9.8g-6.fc9 fedora 1.5 M pam i386 1.0.1-2.fc9 fedora 1.1 M pcre i386 7.3-3.fc9 fedora 140 k popt i386 1.13-3.fc9 fedora 39 k procps i386 3.2.7-20.fc9 fedora 212 k psmisc i386 22.6-5.fc9 fedora 73 k rsyslog i386 3.14.1-2.fc9 fedora 309 k sed i386 4.1.5-10.fc9 fedora 188 k setup noarch 2.6.14-1.fc9 fedora 140 k shadow-utils i386 2:4.1.1-1.fc9 fedora 1.2 M sysvinit-tools i386 2.86-24 fedora 61 k tzdata noarch 2008b-1.fc9 fedora 752 k udev i386 120-5.20080421git.fc9 fedora 283 k upstart i386 0.3.9-19.fc9 fedora 244 k util-linux-ng i386 2.13.1-6.fc9 fedora 2.0 M zlib i386 1.2.3-18.fc9 fedora 74 k Transaction Summary ============================================================================= Install 77 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 64 M Is this ok [y/N]: y Downloading Packages: (1/77): basesystem-8.1-1.noarch.rpm | 2.9 kB 00:00 (2/77): libattr-2.4.41-1.fc9.i386.rpm | 13 kB 00:00 (3/77): ConsoleKit-libs-0.2.10-3.fc9.i386.rpm | 14 kB 00:00 (4/77): mailcap-2.1.28-1.fc9.noarch.rpm | 15 kB 00:00 (5/77): keyutils-libs-1.2-3.fc9.i386.rpm | 18 kB 00:00 (6/77): mingetty-1.08-2.fc9.i386.rpm | 20 kB 00:00 (7/77): libacl-2.2.47-1.fc9.i386.rpm | 22 kB 00:00 (8/77): linux-atm-libs-2.5.0-5.i386.rpm | 23 kB 00:00 (9/77): libcap-2.06-4.fc9.i386.rpm | 29 kB 00:00 (10/77): fedora-release-9-5.transition.noarch.rpm | 34 kB 00:00 (11/77): popt-1.13-3.fc9.i386.rpm | 39 kB 00:00 (12/77): libgcc-4.3.0-8.i386.rpm | 45 kB 00:00 (13/77): cracklib-2.8.12-2.i386.rpm | 47 kB 00:00 (14/77): libsysfs-2.1.0-3.fc9.i386.rpm | 47 kB 00:00 (15/77): logrotate-3.7.6-3.fc9.i386.rpm | 51 kB 00:00 (16/77): libvolume_id-120-5.20080421git.fc9.i386.rpm | 56 kB 00:00 (17/77): ncurses-base-5.6-16.20080301.fc9.i386.rpm | 59 kB 00:00 (18/77): sysvinit-tools-2.86-24.i386.rpm | 61 kB 00:00 (19/77): device-mapper-libs-1.02.24-11.fc9.i386.rpm | 64 kB 00:00 (20/77): ethtool-6-1.fc9.i386.rpm | 65 kB 00:00 (21/77): device-mapper-1.02.24-11.fc9.i386.rpm | 67 kB 00:00 (22/77): httpd-tools-2.2.8-3.i386.rpm | 68 kB 00:00 (23/77): psmisc-22.6-5.fc9.i386.rpm | 73 kB 00:00 (24/77): audit-libs-1.7.2-6.fc9.i386.rpm | 74 kB 00:00 (25/77): apr-util-1.2.12-5.fc9.i386.rpm | 74 kB 00:00 (26/77): zlib-1.2.3-18.fc9.i386.rpm | 74 kB 00:00 (27/77): expat-2.0.1-5.i386.rpm | 83 kB 00:00 (28/77): libselinux-2.0.61-1.fc9.i386.rpm | 116 kB 00:00 (29/77): filesystem-2.4.13-1.fc9.i386.rpm | 119 kB 00:00 (30/77): gamin-0.1.9-5.fc9.i386.rpm | 124 kB 00:00 (31/77): dbus-libs-1.2.1-1.fc9.i386.rpm | 127 kB 00:00 (32/77): iputils-20071127-2.fc9.i386.rpm | 127 kB 00:00 (33/77): apr-1.2.12-2.fc9.i386.rpm | 128 kB 00:00 (34/77): libsepol-2.0.26-1.fc9.i386.rpm | 129 kB 00:00 (35/77): e2fsprogs-libs-1.40.8-2.fc9.i386.rpm | 134 kB 00:00 (36/77): MAKEDEV-3.23-4.i386.rpm | 138 kB 00:00 (37/77): setup-2.6.14-1.fc9.noarch.rpm | 140 kB 00:00 (38/77): pcre-7.3-3.fc9.i386.rpm | 140 kB 00:00 (39/77): chkconfig-1.3.37-2.i386.rpm | 156 kB 00:00 (40/77): info-4.11-5.fc9.i386.rpm | 167 kB 00:00 (41/77): ncurses-5.6-16.20080301.fc9.i386.rpm | 169 kB 00:00 (42/77): grep-2.5.1-59.fc9.i386.rpm | 182 kB 00:00 (43/77): cpio-2.9-7.fc9.i386.rpm | 183 kB 00:00 (44/77): sed-4.1.5-10.fc9.i386.rpm | 188 kB 00:00 (45/77): libidn-0.6.14-7.i386.rpm | 211 kB 00:00 (46/77): procps-3.2.7-20.fc9.i386.rpm | 212 kB 00:00 (47/77): upstart-0.3.9-19.fc9.i386.rpm | 244 kB 00:00 (48/77): dbus-1.2.1-1.fc9.i386.rpm | 248 kB 00:00 (49/77): udev-120-5.20080421git.fc9.i386.rpm | 283 kB 00:00 (50/77): findutils-4.2.33-3.fc9.i386.rpm | 308 kB 00:00 (51/77): rsyslog-3.14.1-2.fc9.i386.rpm | 309 kB 00:00 (52/77): openldap-2.4.8-3.fc9.i386.rpm | 311 kB 00:00 (53/77): libstdc++-4.3.0-8.i386.rpm | 317 kB 00:00 (54/77): ncurses-libs-5.6-16.20080301.fc9.i386.rpm | 326 kB 00:00 (55/77): net-tools-1.60-87.fc9.i386.rpm | 361 kB 00:00 (56/77): module-init-tools-3.4-13.fc9.i386.rpm | 428 kB 00:00 (57/77): db4-4.6.21-5.fc9.i386.rpm | 597 kB 00:01 (58/77): e2fsprogs-1.40.8-2.fc9.i386.rpm | 625 kB 00:00 (59/77): krb5-libs-1.6.3-10.fc9.i386.rpm | 720 kB 00:01 (60/77): tzdata-2008b-1.fc9.noarch.rpm | 752 kB 00:01 (61/77): iproute-2.6.23-4.fc9.i386.rpm | 833 kB 00:01 (62/77): gawk-3.1.5-17.fc9.i386.rpm | 963 kB 00:01 (63/77): httpd-2.2.8-3.i386.rpm | 968 kB 00:01 (64/77): pam-1.0.1-2.fc9.i386.rpm | 1.1 MB 00:01 (65/77): fedora-logos-9.0.0-2.fc9.noarch.rpm | 1.1 MB 00:02 (66/77): cyrus-sasl-lib-2.1.22-13.fc9.i386.rpm | 1.1 MB 00:02 (67/77): shadow-utils-4.1.1-1.fc9.i386.rpm | 1.2 MB 00:02 (68/77): glib2-2.16.3-5.fc9.i386.rpm | 1.3 MB 00:02 (69/77): openssl-0.9.8g-6.fc9.i686.rpm | 1.5 MB 00:02 (70/77): bash-3.2-22.fc9.i386.rpm | 1.8 MB 00:02 (71/77): initscripts-8.76-1.i386.rpm | 1.8 MB 00:02 (72/77): util-linux-ng-2.13.1-6.fc9.i386.rpm | 2.0 MB 00:02 (73/77): fedora-release-notes-9.0.0-1.noarch.rpm | 3.6 MB 00:04 (74/77): cracklib-dicts-2.8.12-2.i386.rpm | 3.7 MB 00:05 (75/77): coreutils-6.10-18.fc9.i386.rpm | 4.4 MB 00:05 (76/77): glibc-2.8-3.i686.rpm | 5.5 MB 00:07 (77/77): glibc-common-2.8-3.i386.rpm | 21 MB 00:27 warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 4f2a6fd2 Importing GPG key 0x4F2A6FD2 "Fedora Project <fedora@redhat.com>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora Is this ok [y/N]: y Importing GPG key 0xDB42A60E "Red Hat, Inc <security@redhat.com>" from /etc/pki/rpm-gpg/RPM-GPG-KEY Is this ok [y/N]: y Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Installing : setup [ 1/77] Installing : filesystem [ 2/77] Installing : basesystem [ 3/77] Installing : ncurses-base [ 4/77] Installing : mailcap [ 5/77] Installing : tzdata [ 6/77] Installing : libgcc [ 7/77] Installing : glibc [ 8/77] Installing : ncurses-libs [ 9/77] Installing : zlib [10/77] Installing : expat [11/77] Installing : popt [12/77] Installing : chkconfig [13/77] Installing : db4 [14/77] Installing : audit-libs [15/77] Installing : libcap [16/77] Installing : procps [17/77] Installing : ncurses [18/77] Installing : bash [19/77] Installing : info [20/77] Installing : libsepol [21/77] Installing : libselinux [22/77] Installing : shadow-utils [23/77] Installing : device-mapper-libs [24/77] Installing : e2fsprogs-libs [25/77] Installing : apr [26/77] Installing : sed [27/77] Installing : cracklib [28/77] Installing : device-mapper [29/77] Installing : e2fsprogs [30/77] /var/tmp/rpm-tmp.94904: line 2: getent: command not found /var/tmp/rpm-tmp.94904: line 3: getent: command not found Installing : MAKEDEV [31/77] Installing : findutils [32/77] Installing : sysvinit-tools [33/77] Installing : net-tools [34/77] Installing : psmisc [35/77] Installing : libidn [36/77] Installing : cpio [37/77] Installing : cyrus-sasl-lib [38/77] Installing : linux-atm-libs [39/77] Installing : iproute [40/77] Installing : libvolume_id [41/77] Installing : libattr [42/77] Installing : libacl [43/77] Installing : libstdc++ [44/77] Installing : pcre [45/77] Installing : grep [46/77] Installing : coreutils [47/77] Installing : logrotate [48/77] Installing : rsyslog [49/77] Installing : gawk [50/77] Installing : module-init-tools [51/77] Installing : keyutils-libs [52/77] Installing : krb5-libs [53/77] Installing : openssl [54/77] Installing : openldap [55/77] Installing : apr-util [56/77] Installing : httpd-tools [57/77] Installing : ethtool [58/77] Installing : libsysfs [59/77] Installing : iputils [60/77] Installing : glibc-common [61/77] Installing : upstart [62/77] Installing : mingetty [63/77] Installing : fedora-logos [64/77] Installing : cracklib-dicts [65/77] Installing : fedora-release-notes [66/77] Installing : pam [67/77] Installing : fedora-release [68/77] Installing : dbus-libs [69/77] Installing : glib2 [70/77] Installing : dbus [71/77] Installing : ConsoleKit-libs [72/77] Installing : util-linux-ng [73/77] Installing : gamin [74/77] Installing : initscripts [75/77] Installing : udev [76/77] Installing : httpd [77/77] Installed: httpd.i386 0:2.2.8-3 Dependency Installed: ConsoleKit-libs.i386 0:0.2.10-3.fc9 MAKEDEV.i386 0:3.23-4 apr.i386 0:1.2.12-2.fc9 apr-util.i386 0:1.2.12-5.fc9 audit-libs.i386 0:1.7.2-6.fc9 basesystem.noarch 0:8.1-1 bash.i386 0:3.2-22.fc9 chkconfig.i386 0:1.3.37-2 coreutils.i386 0:6.10-18.fc9 cpio.i386 0:2.9-7.fc9 cracklib.i386 0:2.8.12-2 cracklib-dicts.i386 0:2.8.12-2 cyrus-sasl-lib.i386 0:2.1.22-13.fc9 db4.i386 0:4.6.21-5.fc9 dbus.i386 0:1.2.1-1.fc9 dbus-libs.i386 0:1.2.1-1.fc9 device-mapper.i386 0:1.02.24-11.fc9 device-mapper-libs.i386 0:1.02.24-11.fc9 e2fsprogs.i386 0:1.40.8-2.fc9 e2fsprogs-libs.i386 0:1.40.8-2.fc9 ethtool.i386 0:6-1.fc9 expat.i386 0:2.0.1-5 fedora-logos.noarch 0:9.0.0-2.fc9 fedora-release.noarch 0:9-5.transition fedora-release-notes.noarch 0:9.0.0-1 filesystem.i386 0:2.4.13-1.fc9 findutils.i386 1:4.2.33-3.fc9 gamin.i386 0:0.1.9-5.fc9 gawk.i386 0:3.1.5-17.fc9 glib2.i386 0:2.16.3-5.fc9 glibc.i686 0:2.8-3 glibc-common.i386 0:2.8-3 grep.i386 0:2.5.1-59.fc9 httpd-tools.i386 0:2.2.8-3 info.i386 0:4.11-5.fc9 initscripts.i386 0:8.76-1 iproute.i386 0:2.6.23-4.fc9 iputils.i386 0:20071127-2.fc9 keyutils-libs.i386 0:1.2-3.fc9 krb5-libs.i386 0:1.6.3-10.fc9 libacl.i386 0:2.2.47-1.fc9 libattr.i386 0:2.4.41-1.fc9 libcap.i386 0:2.06-4.fc9 libgcc.i386 0:4.3.0-8 libidn.i386 0:0.6.14-7 libselinux.i386 0:2.0.61-1.fc9 libsepol.i386 0:2.0.26-1.fc9 libstdc++.i386 0:4.3.0-8 libsysfs.i386 0:2.1.0-3.fc9 libvolume_id.i386 0:120-5.20080421git.fc9 linux-atm-libs.i386 0:2.5.0-5 logrotate.i386 0:3.7.6-3.fc9 mailcap.noarch 0:2.1.28-1.fc9 mingetty.i386 0:1.08-2.fc9 module-init-tools.i386 0:3.4-13.fc9 ncurses.i386 0:5.6-16.20080301.fc9 ncurses-base.i386 0:5.6-16.20080301.fc9 ncurses-libs.i386 0:5.6-16.20080301.fc9 net-tools.i386 0:1.60-87.fc9 openldap.i386 0:2.4.8-3.fc9 openssl.i686 0:0.9.8g-6.fc9 pam.i386 0:1.0.1-2.fc9 pcre.i386 0:7.3-3.fc9 popt.i386 0:1.13-3.fc9 procps.i386 0:3.2.7-20.fc9 psmisc.i386 0:22.6-5.fc9 rsyslog.i386 0:3.14.1-2.fc9 sed.i386 0:4.1.5-10.fc9 setup.noarch 0:2.6.14-1.fc9 shadow-utils.i386 2:4.1.1-1.fc9 sysvinit-tools.i386 0:2.86-24 tzdata.noarch 0:2008b-1.fc9 udev.i386 0:120-5.20080421git.fc9 upstart.i386 0:0.3.9-19.fc9 util-linux-ng.i386 0:2.13.1-6.fc9 zlib.i386 0:1.2.3-18.fc9 Complete!
Apache starten
Hiervoor is het eerst nodig de /dev van het hoofdsysteem te kopieren:
[root@localhost ~]# rm -rf /apache/dev [root@localhost ~]# cp -a /dev/ /apache/ [root@localhost ~]# chroot /apache/ bash-3.2# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for localhost.localdomain httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] bash-3.2# exit [root@localhost ~]# ps fax|grep httpd 5248 pts/1 S+ 0:00 \_ grep httpd 5236 ? Ss 0:00 /usr/sbin/httpd 5238 ? S 0:00 \_ /usr/sbin/httpd 5239 ? S 0:00 \_ /usr/sbin/httpd 5240 ? S 0:00 \_ /usr/sbin/httpd 5241 ? S 0:00 \_ /usr/sbin/httpd 5242 ? S 0:00 \_ /usr/sbin/httpd 5243 ? S 0:00 \_ /usr/sbin/httpd 5244 ? S 0:00 \_ /usr/sbin/httpd 5245 ? S 0:00 \_ /usr/sbin/httpd [root@localhost ~]#
Apache draait nu in een chroot omgeving.
Wel is het verstandig om qua security de /dev directory zoveel mogelijk te strippen. (met name de harddisks en kernel memory dingen)