File: README

fakeroot 0.0-17
To use fakeroot, type

fakeroot command [options]

Example: 
  fakeroot /bin/bash
  dpkg-buildpackage -rfakeroot

Needed:
  Every command you execute within fakeroot needs to have the
  same libc soname as fakeroot. As fakeroot is built with
  libc6, for dpkg-buildpackage to work, you'll at least need
  libc6 versions of dpkg, make, fileutils, tar, bash.

  (dpkg, tar and gzip, perl aren't libc6 yet in unstable, but 
  they compile out-of-the-box (and run OK), except for dpkg and perl).


Arguments:
  -d               debug
  -c    command    (if you want to execute "-d", use fakeroot -c -d)
  --lib library    location of libfakeroot.so.0.0
                   (make sure you specify an absolute path here).
  --mixedlibhack   test for libc5 binaries, and remove LD_PRELOAD for them.
                      (this is the default).
  --nomixedlibhack don't test for libc5 binaries (significantly faster).

A sample session:

rulcmc:/tmp/joost$  whoami
joost
rulcmc:/tmp/joost$ fakeroot /bin/bash
rulcmc:/tmp/joost$  whoami
root
rulcmc:/tmp/joost# mknod hda3 b 3 1
rulcmc:/tmp/joost# ls -ld hda3    
brw-r--r--   1 root     root       3,   1 Jul  2 22:58 hda3
rulcmc:/tmp/joost# chown joost:root hda3 
rulcmc:/tmp/joost# ls -ld hda3          
brw-r--r--   1 joost    root       3,   1 Jul  2 22:58 hda3
rulcmc:/tmp/joost# ls -ld /
drwxr-xr-x  20 root     root         1024 Jun 17 21:50 /
rulcmc:/tmp/joost# chown joost:users /
rulcmc:/tmp/joost# chmod a+w /
rulcmc:/tmp/joost# ls -ld /
drwxrwxrwx  20 joost    users        1024 Jun 17 21:50 /
rulcmc:/tmp/joost# exit
rulcmc:/tmp/joost$ ls -ld /
drwxr-xr-x  20 root     root         1024 Jun 17 21:50 //
rulcmc:/tmp/joost$ ls -ld hda3
-rw-rw-rw-   1 joost    users           0 Jul  2 22:58 hda3





Just fooling around:

If you start fakeroot in one window/VC with "fakeroot /bin/bash",
then you can make contact with that session in another
window. To do this, type in the fakeroot session:

# set |egrep '(FAKEROOTKEY|LD_PRELOAD)'
FAKEROOTKEY=707512945
LD_PRELOAD=/usr/lib/libfakeroot.so.0.0

(the above FAKEROOTKEY is an example, it will be different
every time you start fakeroot). In an unrelated shell, type:

$ export FAKEROOTKEY=707512945
$ export LD_PRELOAD=/usr/lib/libfakeroot.so.0.0
$ /bin/bash
#

Now you can chown etc. files in one shell, and those ownerships
will show up in the other too. (Actually, you don't need
to execute bash, as any command you type in that window
will use fakeroot, but the already running shell doesn't.)






Q: I'm a clueless systemadmin, how do I find out if a user actually
   did break into my system, or merely executed fakeroot?
A: In the user's "root" shell:
  - execute fakeroot again: it cannot be run from within itself.
  - execute "su", or any other setuid binary. They don't work.
    (I would like to fix this, though, by copying them to /tmp,
    removing the setuid bit, and wrapping setuid() etc too.)
  - type "echo $LD_PRELOAD". Does it show /usr/lib/libfakeroot.so.0.0, 
    or anything residing in userland? (I may fix this, that's easy.)
  - type "set|grep LD_PRELOAD". (This one is _much_ harder to fix
    than the previous test.)
  - type "rm -rf /", if you feel lucky.
  - type "rmdir /dev", if you don't. (If you get "directory not empty",
    you'll be glad you didn't try the previous test. If you get 
    "permission denied", you could have saved yourself 2 keystrokes.)
  - Yes, "cat /etc/shadow" also works. But that's for the
    non-clueless systemadmin, not for you.
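
The environment checks from the answer above, as a script (an added example, not part of fakeroot or this README). It goes beyond the README's list by also comparing the uid the session claims with the "Uid:" line of /proc/<pid>/status, which assumes Linux; the function names, result strings and the sample status text are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of fakeroot. Inputs are plain text so the logic
# can be run on saved evidence as well as on a live session.

# has_fakeroot_markers VARDUMP
# Succeeds if a `set`-style dump shows the variables the README greps for.
has_fakeroot_markers() {
    printf '%s\n' "$1" | grep -Eq '^(FAKEROOTKEY=.+|LD_PRELOAD=.*libfakeroot)'
}

# kernel_uid STATUS
# Prints the real uid from the "Uid:" line of a /proc/<pid>/status dump
# (Linux assumption; the kernel fills this in, not the preloaded library).
kernel_uid() {
    printf '%s\n' "$1" | awk '$1 == "Uid:" { print $2; exit }'
}

# classify VARDUMP STATUS CLAIMED_UID
# CLAIMED_UID is what `id -u` printed inside the session under review.
classify() {
    real=$(kernel_uid "$2")
    [ -n "$real" ] || { echo unknown; return 1; }
    if [ "$real" = 0 ]; then
        echo real-root
    elif [ "$3" = 0 ]; then
        # The session claims uid 0 but the kernel disagrees: something wraps libc.
        if has_fakeroot_markers "$1"; then
            echo fakeroot
        else
            echo faked-uid-unknown-preload
        fi
    else
        echo unprivileged
    fi
}

# Constructed sample evidence (key and library path as printed in the README).
SAMPLE_VARS='FAKEROOTKEY=707512945
LD_PRELOAD=/usr/lib/libfakeroot.so.0.0'
SAMPLE_STATUS=$(printf 'Name:\tbash\nUid:\t1000\t1000\t1000\t1000\nGid:\t100\t100\t100\t100')

classify "$SAMPLE_VARS" "$SAMPLE_STATUS" 0

# Live use inside the suspect shell:
#   classify "$(set)" "$(cat /proc/self/status)" "$(id -u)"
```

A result of faked-uid-unknown-preload means the reported uid is 0 while the kernel's is not, but neither fakeroot variable is visible, so the preload in use needs a closer look.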