VirtualMachines

We installed vserver on the antiperfect systems for safety reasons. This is what we learned.

Installation on Debian etch.

  • apt-get install vserver-debiantools (7 packages
    installed)

  • apt-get install linux-image-vserver-amd64 (3
    packages installed)

newvserver –hostname test –domain antiperfect.org –ip 10.0.0.20
Creates a new server and installed debian in it

For running 32 bits applications a chroot environment was installed following the instructions in the The Debian GNU/Linux AMD64 HOW-TO.

# debootstrap –arch i386 etch /var/chroot/etch-ia32 http://ftp.debian.org/debian/

For schroot session which are not closed properly an entry remains in /var/lib/schroot/mount and /var/lib/schroot/session. This can be cleaned when all schroot sessions are ended with the command below. Put it in /etc/init.d/schroot in the stop section and make a link for it to /etc/rc1.d/K20schroot/

 

schroot -e –all-sessions
Clean all orphan schroot sessions (fails if a session is still active)

 

This installs an anonymous FTP-server in chroot

 

 

You don’t have to install additional/other ftp daemons the SOLARIS

one works fine…

 

Create the FTP home directory structure:

mkdir /export/home/ftp/pub

mkdir /export/home/ftp/bin

mkdir /export/home/ftp/dev

mkdir /export/home/ftp/etc

mkdir /export/home/ftp/usr

mkdir /export/home/ftp/usr/lib

 

Add the ls command to the FTP bin directory:

cp /usr/bin/ls /export/home/ftp/bin

chmod 111 /export/home/ftp/bin/ls

 

Copy the necessary libraries into the FTP directory structure:

cp /usr/lib/ld.so* /export/home/ftp/usr/lib

cp /usr/lib/libc.so.1 /usr/lib/libdl.so.1 /export/home/ftp/usr/lib

cp /usr/lib/libintl.so.1 usr/lib/libw.so.1 /export/home/ftp/usr/lib

cp /etc/passwd /etc/group /etc/netconfig /export/home/ftp/etc

 

Copy the necessary files into the FTP directory structure to resolve NIS names:

cp /usr/lib/nss*.so.1 /export/home/ftp/usr/lib

cp /usr/lib/libnsl.so.1 /export/home/ftp/usr/lib

cp /usr/lib/straddr.so /export/home/ftp/usr/lib

cp /etc/nsswitch.conf /export/home/ftp/etc

 

Set the permissions for the /export/home/ftp/usr/lib and /export/home/ftp/etc directories:

chmod 555 /export/home/ftp/usr/lib/*

chmod 444 /export/home/ftp/etc/*

 

Set the permissions of all the created directories:

chmod 555 /export/home/ftp/usr/lib

chmod 555 /export/home/ftp/usr

chmod 555 /export/home/ftp/bin

chmod 555 /export/home/ftp/dev

chmod 555 /export/home/ftp/etc

chmod 755 /export/home/ftp/pub

chmod 555 /export/home/ftp

 

Add the following line to the /etc/passwd file:

ftp:x:30000:30000:Anonymous FTP:/export/home/ftp:/bin/false

 

Add the following line to the /etc/shadow file:

ftp:NP:6445::::

 

Make sure that everything is owned by root and not by FTP:

chown -R root /export/home/ftp

 

and off you go with an anonymous ftpd in an chroot enviroment

 

 

 

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.