ldd and chroot jails when lib64 points to lib?

Question

I'm following this tutorial and on step 2 they look up a bunch of dependency libraries for bash. (I'm assuming you would need to do this for any command that you wish the chroot jail user that is logging in via ssh to do this) The tutorials dependencies all live in /lib64, but in mine one lives there and the rest are simlinks to /lib

root@dasHost:/# ldd /bin/bash
        linux-vdso.so.1 (0x00007fffcee04000)
        libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007fddf98f0000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007fddf96e0000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fddf92e0000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fddfa000000)

What do I do with the simlinks, just copy them into the chroot's ./lib directory and simlink them like normal?

It looks like most of these are soft-links.

    root@dashost:/# ls -la /lib/x86_64-linux-gnu/libtinfo.so.5
    5629499534705713 lrwxrwxrwx 1 root root 15 May 23  2018 /lib/x86_64-linux-gnu/libtinfo.so.5 -> libtinfo.so.5.9
    root@dasHost:/# ls -lia /lib/x86_64-linux-gnu/libtinfo.so.5
    5629499534705713 lrwxrwxrwx 1 root root 15 May 23  2018 /lib/x86_64-linux-gnu/libtinfo.so.5 -> libtinfo.so.5.9

I found this question as well, but I want to limit it to the libraries I need: https://unix.stackexchange.com/questions/4897/providing-bin-and-lib-inside-a-chroot-jail — leeand00, Jan 10 '20 at 20:25
This question appears relevant here: https://superuser.com/questions/310199/how-to-see-the-currently-loaded-shared-objects-in-linux — leeand00, Jan 13 '20 at 16:07

score 0 · Answer 1 · answered Jan 13 '20 at 10:43

0

On a Debian or Ubuntu system, shared libraries are stored using a system called multiarch. The /lib64 directory is designed for biarch systems which support only 32- and 64-bit libraries, while Debian and Ubuntu support libraries of any architecture, even ones the system doesn't natively support, using directories in the /lib/<triple> format.

You'll need to copy the dynamic linker, /lib64/ld-linux-x86-64.so.2, however that's set up. If /lib64 is a symlink, you'll need to copy that symlink as well.

You'll also need to ensure that the appropriate /lib/<triple> contents are copied, since that's where the shared libraries live. On newer systems, those are actually in /usr and there's a symlink, which again you'll need to copy.

Finally, you'll need to copy the actual libraries; generally, there is the actual library, and a symlink to the name embedded in the binary, and you'll need both.

answered Jan 13 '20 at 10:43

bk2204

4,099
7
9

ldd would still report it if it was in /usr correct? – leeand00 Jan 13 '20 at 13:26
1

ldd does not resolve symlinks in its output, no. You'll have to look by hand. – bk2204 Jan 13 '20 at 13:42
So the right way to do this would be to run the program and then look at lsof correct (https://superuser.com/a/310205/2293)? – leeand00 Jan 14 '20 at 17:56
The right way to do it is to install the packages in the chroot. glibc uses the name service switch, which means that if you need a lot more than just the shared libraries it links against, including other NSS libraries and config files. – bk2204 Jan 14 '20 at 23:07
Would I use my package manager to do that? Or something like manually compiling everything? – leeand00 Jan 14 '20 at 23:19
1

You'd use your standard package manager. Usually they have tools to install packages in a chroot, such as debootstrap. – bk2204 Jan 14 '20 at 23:42

ldd and chroot jails when lib64 points to lib?

1 Answers1