Klaas Jan Wierenga
2004-Sep-15 12:23 UTC
FW: [Icecast] Tip: using icecast in chroot mode may break timestamp inaccess.log
Please post to the mailing list the next time Ralf. I'm not using yp directory listings, but I can guess why it is not working. You're probably missing the libcurl.so library in your chroot jail directories. Here's the listing of files I have in the chroot jail: -----%< cut here> ls -R.: admin etc lib opt usr var web ./admin: listclients.xsl listmounts.xsl manageauth.xsl moveclients.xsl response.xsl stats.xsl ./etc: localtime ./lib: ld-linux.so.2 libcrypto.so.4 libgcc_s-3.3.2-20031023.so.1 libresolv.so.2 tls libcom_err.so.2 libdl.so.2 libgcc_s.so.1 libssl.so.4 ./lib/tls: libc.so.6 libm.so.6 libpthread.so.0 ./opt: icecast ./opt/icecast: etc ./opt/icecast/etc: icecast.xml ./usr: lib ./usr/lib: libcurl.so.2 libk5crypto.so.3 libogg.so.0 libxml2.so.2 libz.so.1 libgssapi_krb5.so.2 libkrb5.so.3 libvorbis.so.0 libxslt.so.1 ./var: log run ./var/log: icecast ./var/log/icecast: access.log error.log ./var/run: icecast.pid ./web: corner_bottomleft.jpg corner_topleft.jpg icecast.png recordings status.xsl corner_bottomright.jpg corner_topright.jpg key.gif status2.xsl style.css ---%< cut here I've figured out which shared libraries icecast is depending on by running the ldd command on the icecast binary: -----%< cut here> ldd icecastlibcurl.so.2 => /usr/lib/libcurl.so.2 (0x009e8000) libssl.so.4 => /lib/libssl.so.4 (0x00b00000) libcrypto.so.4 => /lib/libcrypto.so.4 (0x00101000) libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00a5a000) libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00a71000) libcom_err.so.2 => /lib/libcom_err.so.2 (0x0082a000) libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00adc000) libresolv.so.2 => /lib/libresolv.so.2 (0x00a46000) libdl.so.2 => /lib/libdl.so.2 (0x00649000) libvorbis.so.0 => /usr/lib/libvorbis.so.0 (0x00cbe000) libxslt.so.1 => /usr/lib/libxslt.so.1 (0x00671000) libxml2.so.2 => /usr/lib/libxml2.so.2 (0x006b9000) libz.so.1 => /usr/lib/libz.so.1 (0x006a6000) libpthread.so.0 => /lib/tls/libpthread.so.0 (0x0064e000) libm.so.6 => /lib/tls/libm.so.6 (0x00625000) libc.so.6 => /lib/tls/libc.so.6 (0x004ea000) libogg.so.0 => /usr/lib/libogg.so.0 (0x001f3000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x004d2000) -----%< cut here Hope this info is helpful to you. Regards, KJ -----Oorspronkelijk bericht----- Van: ACiDAngel [mailto:list-icecast@rewtbox.de] Verzonden: dinsdag 14 september 2004 19:29 Aan: 'Klaas Jan Wierenga' Onderwerp: AW: [Icecast] Tip: using icecast in chroot mode may break timestamp inaccess.log Klaas Jan Wierenga wrote:> > Hi all, > > Just thought I'd share this little bit of information. > > If you're running Icecast in a chroot jail the timestamps inI see you are using it chrooted - did you recognize any problems with yp directory listenings? My Icecast2 does not announce itself to the yp servers but if I just deactivate chroot it does. Maybe you have a solution for this too? Did you copy any libs and/or files other than "locales" into the chroot? Regards Ralf
Dale Ghent
2004-Sep-15 12:24 UTC
[Icecast] Tip: using icecast in chroot mode may break timestamp inaccess.log
On Sep 15, 2004, at 3:21 PM, Klaas Jan Wierenga wrote:> > Please post to the mailing list the next time Ralf.Um, maybe you should remove the Reply-To: header in your email, smart guy. /dale
Klaas Jan Wierenga wrote:> I'm not using yp directory listings, but I can guess why it > is not working. > You're probably missing the libcurl.so library in your chroot > jail directories. Here's the listing of files I have in the > chroot jail:Definitely not, I rebuilt the whole lib structure i got from ldd in my chroot But i always get : [2004-09-16 23:15:04] EROR yp/yp_submit_url Got a NAK from yp_add(Unknown) (http://dir.xiph.org/cgi-bin/yp-cgi) If I switch chroot off everything works fine without any more changes. All libs from "ldd icecast" are in the chroot-root in there right path's At first I also thought it is a lib-problem - but I think it cant be a libraries problem because I already straced the icecast process with all its childs for libcalls and there's nothing I can see that fails ... Can anyone reproduce that ? Is it a bug ? THX Ralf
ACiDAngel
2004-Sep-18 04:16 UTC
[Icecast] TIP: using icecast in chroot mode with YP announcing
> Klaas Jan Wierenga wrote: > > > I'm not using yp directory listings, but I can guess why it is not > > working. > > You're probably missing the libcurl.so library in your chroot jail > > directories. Here's the listing of files I have in the chroot jail: > > Definitely not, I rebuilt the whole lib structure i got from > ldd in my chroot But i always get : > > [2004-09-16 23:15:04] EROR yp/yp_submit_url Got a NAK from > yp_add(Unknown) > (http://dir.xiph.org/cgi-bin/yp-cgi) > > If I switch chroot off everything works fine without any more changes. > > All libs from "ldd icecast" are in the chroot-root in there > right path's > > At first I also thought it is a lib-problem - but I think it > cant be a libraries problem because I already straced the > icecast process with all its childs for libcalls and there's > nothing I can see that fails ... > Can anyone reproduce that ? Is it a bug ?Afte noone could gave me a help I found a solution for myself. In icecast chroot mode the resolving/nscd does not work. Also not, if the libresolv is copied to the icecast chroot. (dunno if this is a chroot problem or if it is a problem/feature in combination with gresecurity kernel patches which i use) If I put hosts in icecastroot/etc and write into that hosts file my yp hostnames it works fine. I announce on xiph and oddsock so I created the following "hosts" file in the chrooted etc dir: 140.211.166.5 dir.xiph.org 66.98.134.94 www.oddsock.org Good luck Ralf