メモ。chroot試してみないとなーと思っててね。
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ ls -l
合計 8
-rw------- 1 root root 9 2009-09-03 01:43 data.dat
-rw-r--r-- 1 tokibito tokibito 374 2009-09-03 01:47 tests.py
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ cat tests.py
import os
from pwd import getpwnam
root = os.path.dirname(os.path.abspath(__file__))
user = 'tokibito'
st = getpwnam(user)
print st
os.chroot(root)
print os.getcwd()
print os.path.dirname(os.path.abspath(__file__))
f = open('data.dat')
print f.read()
f.close()
print 'changeuser'
os.setgid(st.pw_gid)
os.setuid(st.pw_uid)
f = open('data.dat')
print f.read()
f.close()
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ sudo cat data.dat
hogehoge
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ python tests.py
pwd.struct_passwd(pw_name='tokibito', pw_passwd='x', pw_uid=1000, pw_gid=1000, pw_gecos=',,,', pw_dir='/home/tokibito', pw_shell='/bin/bash')
Traceback (most recent call last):
File "tests.py", line 9, in <module>
os.chroot(root)
OSError: [Errno 1] Operation not permitted: '/home/tokibito/projects/chroottest'
(sandbox-django)tokibito@sandbox-ubuntu9:~/projects/chroottest$ sudo python tests.py
pwd.struct_passwd(pw_name='tokibito', pw_passwd='x', pw_uid=1000, pw_gid=1000, pw_gecos=',,,', pw_dir='/home/tokibito', pw_shell='/bin/bash')
/
/
hogehoge
changeuser
Traceback (most recent call last):
File "tests.py", line 21, in <module>
f = open('data.dat')
IOError: [Errno 13] Permission denied: 'data.dat'
