lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 05 Dec 2006 14:58:27 -0600
From:	Jeffrey Hundstad <jeffrey.hundstad@...u.edu>
To:	Jan Engelhardt <jengelh@...ux01.gwdg.de>
CC:	"Horst H. von Brand" <vonbrand@....utfsm.cl>,
	Marty Leisner <linux@...hester.rr.com>,
	linux-kernel@...r.kernel.org, bug-cpio@....org,
	martin.leisner@...ox.com
Subject: Re: ownership/permissions of cpio initrd

Jan Engelhardt wrote:
>> It appears to not be standard with fedora for sure... but while it origiginally
>> was/is a Debian package it looks like there is source if you'd like to build it
>> on other systems.  It was originally designed to tackle the exact problem you
>> are confronting.
>>
>> See:
>> http://freshmeat.net/projects/fakeroot/
>>
>> About:
>> Fakeroot runs a command in an environment were it appears to have root
>> privileges for file manipulation, by setting LD_PRELOAD to a library with
>> alternative versions of getuid(), stat(), etc. This is useful for allowing
>> users to create archives (tar, ar, .deb .rpm etc.) with files in them with root
>> permissions/ownership. Without fakeroot one would have to have root privileges
>> to create the constituent files of the archives with the correct permissions
>> and ownership, and then pack them up, or one would have to construct the
>> archives directly, without using the archiver.
>>     
>
> Ugh that sounds even more than a hack. At least for one-user 
> archives, I guess nobody at Debian knows that tar has a --user and 
> --group option.
>
>
> 	-`J'
>   

...It also let's you mknod and friends, and let's you set permissions to 
files to more than just ONE user.  The whole point of the commands is to 
let you make distribution files without root access.  Of course you can 
fake all of this with a special archiver command.... I'm just throwing 
out options.

$ fakeroot
# mkdir root
# mkdir root/dev/
# mknod root/dev/null c 1 3
# mknod root/dev/sda1 b 8 1
# chown root.disk root/dev/sda1
# cd root
# tar cvf ../root.tar ./
# exit
$ tar tvf root.tar
drwxr-xr-x root/root         0 2006-12-05 14:54 ./
drwxr-xr-x root/root         0 2006-12-05 14:54 ./dev/
crw-r--r-- root/root       1,3 2006-12-05 14:54 ./dev/null
brw-r--r-- root/disk       8,1 2006-12-05 14:54 ./dev/sda1

-- 
Jeffrey Hundstad


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ