[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Chrooted services



This short description sounds nice, but I can't see how to do it.
Is there a longer version available?

For example it would be nice to chroot the flexlm licensserver.
Anybody done this before with compardment?

The steps are clear, but what's been to do step by step?

As from dhcpd I know you have to change something in Servicefile to activate
the chroot (with 8.1 it was the case until 8.2 supports it now).
With this option the /etc/init.d/<SERVICE-script> copies service xy into a
chroot jail (e.g. /var/chroot/SERVICE) and copies dummy devices into it so
service xy can access syslog, /etc/SERVICE, linked binaries and libs.

What are the options for compardment?

The problem with this thread is, there isn't really much been said about it
in the man or howto (same was with samba-vscan, but I found some useful
links after investigating a littlebit).
I cannot find useful links to this thread.

Anybody got links or manuals for this?

Philippe

P.S.: Anybody got a solution for smtp auth/chroot/postfix with SuSE 8.2?
I didn't get it to work yet, but would like to use my smtp-server with smtp
auth (I wanna use my servers spam/virus/filteroptions instead of that lame
ones many providers do have).
I have setup relay allowed for my network only, want to send mail via modem
with this (from here it's no problem, because i'm within my network's
ip-range).


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here