chroot greedy!

From: José M. Fandiño <jm.fandino@dont-contact.us>
Date: Tue, 11 Apr 2000 19:08:44 +0200

Hi friends,

I'm trying upgrade a squid box to Gnu/Linux 2.2.13 with squid
2.2.STABLE5 and Hno's patchs.
All run fine except the chroot feature.
 
I do % chroot /home/users/fan/pruebas/squid /bin/su - fan -c '/bin/bash'
and once in the jail run nslookup and the resolver is okay (AA).

bash-2.02$ nslookup www.yahoo.com
Server: internal.server
Address: 192.168.1.2

Name: www.yahoo.akadns.net
Addresses: 216.32.74.51, 216.32.74.50, 216.32.74.55, 216.32.74.54
          216.32.74.53, 216.32.74.52
Aliases: www.yahoo.com

but, running "echo www.yahoo.com | dnsserver"
I get $fail DNS Domain 'www.yahoo.com' is invalid: Host not found
(authoritative).

:-o

searching any answer I look at socket status:

bash-2.02$ netstat -a -A inet
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address
State
netstat: no support for `AF INET (tcp)' on this system.

??

and a "strace echo www.yahoo.com | dnsserver" return:
.
.

fstat(1, {st_mode=S_ISVTX|0445, st_size=0, ...}) = 0
mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =
0x4000d000
write(1, "www.yahoo.com\n", 14$fail DNS Domain 'www.yahoo.com' is
invalid: Host not found (authoritative).
) = 14
munmap(0x4000d000, 4096) = 0
_exit(0) = ?

I don't understand why this behave.

any idea?

Thanks,

Aditional info:
===============

files in chroot
---------------
/bin/RunCache
/bin/RunAccel
/bin/squid
/bin/client
/bin/dnsserver
/bin/unlinkd
/bin/cachemgr.cgi
/bin/su
/bin/ls
/bin/bash
/bin/ps
/bin/tcsh
/bin/nslookup
/bin/echo
/bin/strace
/bin/netstat
/etc/squid.conf
/etc/mime.conf.default
/etc/mime.conf
/etc/icons # the icons
/etc/errors # error pages
/etc/ld.so.cache
/etc/passwd
/etc/protocols
/etc/services
/etc/hosts
/etc/group
/etc/host.conf
/etc/ld.so.conf
/etc/resolv.conf
/etc/errors/
/etc/mib.txt
/etc/squid.conf.default
/logs/cache.log
/logs/access.log
/logs/store.log
/cache
/dev/log
/dev/null
/dev/tcp
/dev/udp
/dev/rawip
/dev/ip
/dev/zero
/lib/ld-linux.so.2
/lib/libc.so.6
/lib/libcrypt.so.1
/lib/libnss_compat.so.1
/lib/libnsl.so.1
/lib/libnss_files.so.1
/lib/libnss_files.so
/lib/libnss_nis.so
/lib/libnss_dns.so
/lib/libnss_db.so
/lib/libnss_compat.so
/lib/libncurses.so.4
/lib/libdl.so.2
/lib/libresolv.so
/lib/ld-linux.so.2
/home/users/fan

-- 
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS d- s+: a- C+++ UL++++ P+ L+++ E--- W++ N+ o K- w---
O+ M+ V- PS PE+ Y PGP+>+++ t+ 5 X+++ R- !tv b+++ DI-- D+++
G e- h++ !r !z
------END GEEK CODE BLOCK------
Received on Tue Apr 11 2000 - 11:13:59 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:52:54 MST