5 # Sets up the GForge chroot environment: directories, binaries and their libraries, device nodes, PAM/NSS configuration and minimal passwd/shadow/group files
6 # Christian Bayle, Roland Mas, debian-sf (Sourceforge for Debian)
10 if [ $(id -u) != 0 ] ; then
11 echo "You must be root to run this, please enter passwd"
15 CHROOTDIR=/var/lib/gforge/chroot
19 echo "Installing chroot environnement at $CHROOTDIR"
# Create the chroot root with mode 755, but only when it does not exist yet.
# NOTE(review): an existing directory is accepted as-is; its owner and mode
# are not checked or reset here, so a loosely-permissioned leftover stays loose.
20 [ -d $CHROOTDIR ] || install -d -m 755 $CHROOTDIR
42 [ -d $CHROOTDIR/$dir ] || mkdir $CHROOTDIR/$dir
# World-writable scratch directory inside the chroot; mode 1777 sets the
# sticky bit, so users can only remove their own files.
44 install -d -m 1777 $CHROOTDIR/tmp
# Make var/lib/gforge/chroot inside the chroot a relative link back to the
# chroot root, so the chroot's host path also resolves from inside it.
# A previous link or empty directory at that place is removed first.
# NOTE(review): rmdir only removes an empty directory; if it fails, the ln
# below does not replace the directory with the link, and the failure is not
# handled in the lines visible here.
45 [ -L $CHROOTDIR/var/lib/gforge/chroot ] && rm $CHROOTDIR/var/lib/gforge/chroot
46 [ -d $CHROOTDIR/var/lib/gforge/chroot ] && rmdir $CHROOTDIR/var/lib/gforge/chroot
47 ln -s ../../../ $CHROOTDIR/var/lib/gforge/chroot
49 # Copy needed binaries
50 # For testing /bin/ls /bin/su
51 # Maybe needed /bin/chgrp
52 # Could be restricted /bin/bash
53 # TODO: remove unneeded stuff from that list
62 if [ -x "$binary" ] ; then
64 ldd $binary | cut -d" " -f3
68 | cpio --quiet -pdumVLB $CHROOTDIR
71 cp /lib/ld-linux.so.* $CHROOTDIR/lib
74 cp /lib/libgcc_s* $CHROOTDIR/lib
78 cp /lib/libcap* $CHROOTDIR/lib
82 cp /lib/libcom_err* $CHROOTDIR/lib
84 # Create device files
# Each node is created only if no character device is present at that path;
# 1/3, 1/9 and 5/1 are the Linux major/minor numbers of null, urandom and
# console.
# NOTE(review): mknod is called without -m, so the permissions of a new node
# depend on the umask in effect (not visible in this excerpt). /dev/null and
# /dev/urandom are normally expected to be usable by unprivileged users, while
# a console node inside a chroot deserves a deliberately restrictive mode.
# The -c test also does not verify that an existing node has the expected
# major/minor numbers.
85 [ -c $CHROOTDIR/dev/null ] || mknod $CHROOTDIR/dev/null c 1 3
86 [ -c $CHROOTDIR/dev/urandom ] || mknod $CHROOTDIR/dev/urandom c 1 9
87 [ -c $CHROOTDIR/dev/console ] || mknod $CHROOTDIR/dev/console c 5 1
89 if ! grep -q "^SYSLOGD.*/var/lib/gforge/chroot/dev/log.*" /etc/default/syslog ; then
90 echo '######################################################################################################'
91 echo 'WARNING: you must have SYSLOGD="-p /dev/log -a /var/lib/gforge/chroot/dev/log" in /etc/default/syslog'
92 echo 'To have cvs pserver running correctly'
93 echo '######################################################################################################'
99 cat > $CHROOTDIR/etc/nsswitch.conf <<-FIN
104 # Copy miscellaneous files
# The SSH configuration trees are copied whole with cpio in pass-through mode
# (-p), creating directories as needed (-d) and following symlinks (-L).
# NOTE(review): /etc/ssh usually also holds the server's private host keys, so
# this places copies of them inside the chroot. Confirm that this is intended
# and that the copies keep root-only permissions.
105 [ -d /etc/ssh ] && find /etc/ssh | cpio --quiet -pdumLB $CHROOTDIR
106 [ -d /etc/ssh-nonfree ] && find /etc/ssh-nonfree | cpio --quiet -pdumLB $CHROOTDIR
# PAM service definitions are copied one by one when present on the host.
107 [ -f /etc/pam.d/ssh ] && cp /etc/pam.d/ssh $CHROOTDIR/etc/pam.d
108 [ -f /etc/pam.d/ssh-nonfree ] && cp /etc/pam.d/ssh-nonfree $CHROOTDIR/etc/pam.d
109 [ -f /etc/pam.d/login ] && cp /etc/pam.d/login $CHROOTDIR/etc/pam.d
110 [ -f /etc/pam.d/su ] && cp /etc/pam.d/su $CHROOTDIR/etc/pam.d
111 [ -f /etc/pam.d/cvs ] && cp /etc/pam.d/cvs $CHROOTDIR/etc/pam.d
112 [ -f /etc/pam.d/other ] && cp /etc/pam.d/other $CHROOTDIR/etc/pam.d
# NOTE(review): the next two copies are unguarded and fail when the glob
# matches nothing. The PAM configuration and libraries are point-in-time
# copies: later changes or security updates on the host do not reach the
# chroot unless the files are copied again.
113 cp /etc/pam.d/common* $CHROOTDIR/etc/pam.d
114 cp /lib/libpam* $CHROOTDIR/lib
# Copy the NSS "files" backend, the host's PAM modules and the
# /etc/security/*.conf files into the chroot.
# NOTE(review): /lib/security/* copies every PAM module installed on the host,
# not only those referenced by the pam.d files placed in the chroot. The
# target directories must already exist; their creation is not visible in
# this excerpt.
116 cp /lib/libnss_files* $CHROOTDIR/lib
117 cp /lib/security/* $CHROOTDIR/lib/security
118 cp /etc/security/*.conf $CHROOTDIR/etc/security
120 # # Libnss-ldap related stuffs
122 # /usr/bin/ldapsearch ; do
123 # if [ -x "$binary" ] ; then
125 # ldd $binary | cut -d" " -f3
129 # | cpio --quiet -pdumVLB $CHROOTDIR
131 # #cp -r /etc/ldap $CHROOTDIR/etc
132 # [ -e /etc/libnss-ldap.conf ] && cp /etc/libnss-ldap.conf $CHROOTDIR/etc
133 # [ -e /etc/libnss-pgsql.conf ] && cp /etc/libnss-pgsql.conf $CHROOTDIR/etc
134 # [ "$(echo /lib/libnss_ldap*)" != "/lib/libnss_ldap*" ] && cp /lib/libnss_ldap* $CHROOTDIR/lib
135 # [ "$(echo /usr/lib/libnss_ldap*)" != "/usr/lib/libnss_ldap*" ] && cp /usr/lib/libnss_ldap* $CHROOTDIR/usr/lib
138 # [ -f /etc/ldap.secret ] && cp /etc/ldap.secret $CHROOTDIR/etc && chmod 600 /etc/ldap.secret
140 # Libnss-pgsql related files
# NOTE(review): nss-pgsql.conf presumably carries the database connection
# settings used for account lookups; confirm the copy's permissions match
# the host file.
141 [ -e /etc/nss-pgsql.conf ] && cp /etc/nss-pgsql.conf $CHROOTDIR/etc
# The [ "$(echo GLOB)" != "GLOB" ] tests are true only when the glob matched
# at least one file (an unmatched glob is echoed back literally), so each cp
# runs only if the library exists on the host.
142 [ "$(echo /lib/libnss_pgsql*)" != "/lib/libnss_pgsql*" ] && cp /lib/libnss_pgsql* $CHROOTDIR/lib
143 [ "$(echo /usr/lib/libnss_pgsql*)" != "/usr/lib/libnss_pgsql*" ] && cp /usr/lib/libnss_pgsql* $CHROOTDIR/usr/lib
144 [ "$(echo /usr/lib/libdb*)" != "/usr/lib/libdb*" ] && cp /usr/lib/libdb* $CHROOTDIR/usr/lib
# NOTE(review): libssl and libcrypto, like the other libraries here, are
# copied rather than linked. The chroot keeps the copied versions until they
# are copied again, so host security updates to these libraries do not apply
# inside it automatically.
145 [ "$(echo /usr/lib/libssl*)" != "/usr/lib/libssl*" ] && cp /usr/lib/libssl* $CHROOTDIR/usr/lib
146 [ "$(echo /usr/lib/libcrypto*)" != "/usr/lib/libcrypto*" ] && cp /usr/lib/libcrypto* $CHROOTDIR/usr/lib
# PostgreSQL client library and Kerberos-related libraries, each copied only
# when its glob matches a file on the host.
148 [ "$(echo /usr/lib/libpq*)" != "/usr/lib/libpq*" ] && cp /usr/lib/libpq* $CHROOTDIR/usr/lib
149 [ "$(echo /usr/lib/libkrb5*)" != "/usr/lib/libkrb5*" ] && cp /usr/lib/libkrb5* $CHROOTDIR/usr/lib
150 [ "$(echo /usr/lib/libk5crypto*)" != "/usr/lib/libk5crypto*" ] && cp /usr/lib/libk5crypto* $CHROOTDIR/usr/lib
151 [ "$(echo /usr/lib/libcom_err*)" != "/usr/lib/libcom_err*" ] && cp /usr/lib/libcom_err* $CHROOTDIR/usr/lib
# The unversioned libcom_err.so is additionally copied under the name
# libcom_err.so.2.
# NOTE(review): presumably for binaries that look the library up by that
# soname; confirm the copied file really provides that ABI version.
152 [ -f /usr/lib/libcom_err.so ] && cp /usr/lib/libcom_err.so $CHROOTDIR/usr/lib/libcom_err.so.2
156 # These entries never change
157 cat > $CHROOTDIR/etc/passwd <<-FIN
158 root:x:0:0:Root:/:/bin/bash
159 nobody:x:65534:65534:nobody:/:/bin/false
# Append the host's sshd and anonscm-gforge accounts to the chroot's passwd
# file.
# NOTE(review): grep matches the string anywhere in the line (login, comment,
# home directory, shell), so any other account whose entry contains "sshd" or
# "anonscm-gforge" is appended too. A lookup by name, `getent passwd sshd`,
# would return only the intended entry; confirm whether the wider match is
# relied on before changing it.
161 getent passwd | grep sshd >> $CHROOTDIR/etc/passwd
162 getent passwd | grep anonscm-gforge >> $CHROOTDIR/etc/passwd
163 cat > $CHROOTDIR/etc/shadow <<-FIN
164 root:*:11142:0:99999:7:::
165 nobody:*:11142:0:99999:7:::
167 cat > $CHROOTDIR/etc/group <<-FIN
171 getent group | grep anonscm-gforge >> $CHROOTDIR/etc/group
176 echo "Usage: $0 {configure}"