Subject: Re: Perl in chrooted area...?
To: None <netbsd-users@netbsd.org>
From: Chuck Cranor <chuck@ece.cmu.edu>
List: netbsd-users
Date: 10/31/2006 12:43:17
>Then I wanted to set up perl in /home/www. I did the same thing
>and a simple program worked in /home/www/cgi-bin, at least when I
>was root. But thttpd can't run it. :-(
>Not even when I chmod 777 program.pl. I have also tried with .cgi
>at the end.

i have a perl module that uses a set of static files and package
names to set up a chroot area.   i've successfully chroot'd
mysqld, nagios, rt, tinyproxy, and apache (with perl for cgi).

for packages, the module recursively uses "pkg_info -q -N" and
"pkg_info -q -L" to get the list of all the files needed in the
chroot'd area to support the packages you want.

with this, I can easily regenerate chroot'd areas.  I can also
upgrade the main pkgsrc without updating the chroot'd apps.

would be happy to share the scripts, if there is interest.

chuck




a cut down example config file for apache:

require "reroot.pm";

$target = "/home/chroot/web";
chdir($target) || die "cannot cd to $target ($!)";

#
# system files and directories to copy over (wildcards are ok!)
#
@files = (
        "/bin/cat",
        "/bin/ls",
        # ... etc... all the non-pkgsrc files req'd listed here
        "/usr/pkg/etc/httpd/ssl.crt/server.crt", 
        "/usr/pkg/etc/httpd/ssl.csr/server.csr", 
);

#
# binary packages to install
#
@pkgs = (
        "apache",
        "ap-ssl",
        "msmtp",
        "perl",
        "p5-Net",
        "p5-PerlMagick",
);

#
# files to omit
#
%omit = (
);

#
# sync the root area
#
&do_reroot($target, \@files, \@pkgs, \%omit) || die "do_reroot failed!";


#
# now handle the customized files, note that script runs in target directory
#

@custfiles = (
        "../cfg/files/web/group" => "etc/group",
        "../cfg/files/web/hosts" => "etc/hosts",
        "../cfg/files/web/httpd.conf" => "usr/pkg/etc/httpd/httpd.conf",
        "../cfg/files/web/magic" => "usr/pkg/etc/httpd/magic",
        "../cfg/files/web/mail.rc" => "etc/mail.rc",
        "../cfg/files/web/mime.types" => "usr/pkg/etc/httpd/mime.types",
        "../cfg/files/web/msmtprc" => "usr/pkg/etc/msmtprc",
);


#
# sync the custom files now
# 
&do_copy_named_files($target, \@custfiles);

system("cp ../cfg/files/web/apache /etc/rc.d/");
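
Added example, not part of the original message and not the reroot.pm module it mentions: one way the recursive "pkg_info -q -N" / "pkg_info -q -L" walk described above could be written. It assumes pkg_info prints one package name or one file path per line; the function names and the sample package data are hypothetical.

```perl
#!/usr/bin/perl
# Added example (not reroot.pm): build a chroot file list from pkg_info output.
use strict;
use warnings;

# Constructed pkg_info output, keyed by argument string, so this runs offline.
# Package versions and file paths here are made up for the illustration.
my %sample = (
    "-q -N ap-ssl"      => "apache-1.0\nopenssl-1.0\n",
    "-q -L ap-ssl"      => "/usr/pkg/lib/httpd/mod_ssl.so\n",
    "-q -N apache-1.0"  => "perl-1.0\n",
    "-q -L apache-1.0"  => "/usr/pkg/sbin/httpd\n",
    "-q -N openssl-1.0" => "perl-1.0\n",
    "-q -L openssl-1.0" => "/usr/pkg/lib/libssl.so\n",
    "-q -N perl-1.0"    => "",
    "-q -L perl-1.0"    => "/usr/pkg/bin/perl\n",
);

# Offline runner: look the answer up in the constructed table.
sub run_sample {
    my $key = join " ", @_;
    die "no sample output for '$key'\n" unless exists $sample{$key};
    return split /\n/, $sample{$key};
}

# Live runner: list-form pipe open, so package names never pass through a shell.
sub run_pkg_info {
    my @args = @_;
    open(my $fh, "-|", "pkg_info", @args) or die "cannot run pkg_info: $!";
    chomp(my @lines = <$fh>);
    close($fh) or die "pkg_info @args failed\n";
    return grep { length } @lines;
}

# Walk the dependency graph from the seed packages, visiting each package once,
# and return the sorted, de-duplicated list of files the chroot needs.
sub chroot_file_list {
    my ($run, @queue) = @_;
    my (%seen, %files);
    while (defined(my $pkg = shift @queue)) {
        next if $seen{$pkg}++;                   # shared dependency already done
        push @queue, $run->("-q", "-N", $pkg);   # packages it depends on
        $files{$_} = 1 for $run->("-q", "-L", $pkg);
    }
    return sort keys %files;
}

my $run   = @ARGV ? \&run_pkg_info : \&run_sample;
my @seeds = @ARGV ? @ARGV : ("ap-ssl");
print "$_\n" for chroot_file_list($run, @seeds);
```

Run with no arguments it uses the sample table; given package names it queries the installed package database. The printed list is also the full inventory of what the chroot'd service can reach, so it is worth reading before copying.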