DESCRIPTIONcvsd-buildroot creates and populates a directory that can be used as a chroot jail for running cvsd (see cvsd(8) ) in.
This script should be run as the root user since the creation of devices and the changing of ownership and permissions require this.
The script gives warnings about files that it's not expecting.
cvsd-buildroot creates the following directory structure:
- This directory is populated with the cvs binary that is found on the system.
- This directory is populated with all the libraries that are required for running programs in the /bin directory as well as some predefined required libraries that are present on the system.
- Here null and zero devices are created.
- In this directory a passwd file is created that is used for matching user id's with usernames. The root and cvsd user are added to this file if they're not there yet. The passwd file is checked for consistency with the system /etc/passwd to prevent mistakes. The passwd file is also populated with users referenced in the repository directories. Note that no password data from /etc/passwd or any other file is stored in the generated passwd file, all password entries are set to 'x'.
- Here symbolic links are placed to /bin and /lib for some common library and binary directories found on the system. This is done for systems that have hard-coded paths for libraries.
- /libexec and /usr/libexec
- Symbolic links for these directories are created if they are present on the system.
- This directory is cleaned out on systems that have tmpreaper.
After the directories are created and populated ownership and rights are set to a reasonable value (root:root,umask=022).
OPTIONScvsd-buildroot takes one argument, namely a directory in which the chroot jail will be created. The directory should be specified with an absolute path.
NOTESCreating a chroot environment is a terribly non-portable thing to do and therefore you may experience problems with missing libraries and system files. For more information see the FAQ and the README. If you have to install libraries or perform actions not covered by cvsd-buildroot please report your findings to <[email protected]>.
Rerunning cvsd-buildroot after you have created your repository is advised since the repositories are checked for references to userid's and lockfile directories.
AUTHORArthur de Jong <[email protected]>.