To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.

Chroot

From ZNC
Jump to navigation Jump to search
This tutorial and the script are intended for advanced users only who actually know what chroot does!
Alternativly you can test this script which will download the latest nightly and help you setting it up to run chrooted.

This article describes how to run ZNC in a chroot-environment on Debian.

1. Compile and install ZNC normally.

Details: Installation

2. Add a new user for ZNC

Example: bouncer 

adduser bouncer

3. Login as "bouncer" and configure ZNC normally for this user.

Details: Configuration

4. Change back to "root" and create a directory for the chroot environment.

Example: /var/chroot/ 

mkdir /var/chroot

5. Create the following subdirectories:

/var/chroot/ + 

etc/
dev/
usr/
usr/lib/
usr/local/share
usr/local/bin
usr/local/lib
lib/
home/
home/bouncer

6. Change into the newly created "home"-directory and run: 

chown bouncer:bouncer bouncer

7. Change into the newly created "dev"-directory and run: 

mknod -m 644 random c 1 8
mknod -m 644 urandom c 1 9
mknod -m 666 null c 1 3

8. Run "ldd znc" to get the names of the needed libs.

Example: 

linux-gate.so.1 =>  ()
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 ()
libssl.so.0.9.8 => /usr/lib/i686/cmov/libssl.so.0.9.8 ()
libcrypto.so.0.9.8 => /usr/lib/i686/cmov/libcrypto.so.0.9.8 ()
libstdc++.so.6 => /usr/lib/libstdc++.so.6 ()
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 ()
libgcc_s.so.1 => /lib/libgcc_s.so.1 ()
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 ()
/lib/ld-linux.so.2 ()
libz.so.1 => /usr/lib/libz.so.1 ()

9. Copy all needed files. 

cp /lib/mylibname /var/chroot/lib/
cp /usr/lib/mylibname /var/chroot/usr/lib/

Be sure that you missed no file!

10. You need to copy the following files to get DNS working. 

/etc/hosts
/etc/resolv.conf
/lib/libnss_dns.so.2 (May also be somewhere else, ask locate)
/lib/libresolv.so.2 (May also be somewhere else, ask locate)

11. Copy ZNC files. 

cp /usr/local/bin/znc* /var/chroot/usr/local/bin/
cp -r /usr/local/share/znc /var/chroot/usr/local/share/
cp -r /usr/local/lib/znc /var/chroot/usr/local/lib/

12. Change to "bouncer" user and copy config files. 

cp -r /home/bouncer/.znc /var/chroot/home/bouncer/

13. Change to "root" user.

You now can start ZNC with: 

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --start --exec /usr/local/bin/znc

And stop it with: 

start-stop-daemon --chroot /var/chroot/ --chuid bouncer:bouncer --stop --exec /usr/local/bin/znc
Retrieved from "https://wiki.znc.in/index.php?title=Chroot&oldid=1908"