diff options
author | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:12:30 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-08-08 19:12:30 -0400 |
commit | 1379851360349d6617ad32944a25ee5e2bb74fc2 (patch) | |
tree | f69b48e90708bfa3c2723d5a27ed3e024c827b43 /test/configure | |
parent | delete files (diff) | |
download | firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.gz firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.zst firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.zip |
Baseline firejail 0.9.28
Diffstat (limited to 'test/configure')
-rwxr-xr-x | test/configure | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/test/configure b/test/configure new file mode 100755 index 000000000..17bb22e1b --- /dev/null +++ b/test/configure | |||
@@ -0,0 +1,42 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | brctl addbr br0 | ||
4 | ifconfig br0 10.10.20.1/29 up | ||
5 | # NAT masquerade | ||
6 | iptables -t nat -A POSTROUTING -o eth0 -s 10.10.20.0/29 -j MASQUERADE | ||
7 | # port forwarding | ||
8 | # iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80 | ||
9 | |||
10 | brctl addbr br1 | ||
11 | ifconfig br1 10.10.30.1/24 up | ||
12 | brctl addbr br2 | ||
13 | ifconfig br2 10.10.40.1/24 up | ||
14 | brctl addbr br3 | ||
15 | ifconfig br3 10.10.50.1/24 up | ||
16 | brctl addbr br4 | ||
17 | ifconfig br4 10.10.60.1/24 up | ||
18 | |||
19 | |||
20 | # build a very small chroot | ||
21 | ROOTDIR="/tmp/chroot" # default chroot directory | ||
22 | DEFAULT_FILES="/bin/bash /bin/sh " # basic chroot files | ||
23 | DEFAULT_FILES+="/etc/passwd /etc/nsswitch.conf /etc/group " | ||
24 | DEFAULT_FILES+=`find /lib -name libnss*` # files required by glibc | ||
25 | DEFAULT_FILES+=" /bin/ls /bin/cat /bin/ps /usr/bin/id /usr/bin/whoami /usr/bin/wc /usr/bin/wget" | ||
26 | |||
27 | rm -fr $ROOTDIR | ||
28 | mkdir -p $ROOTDIR/{root,bin,lib,lib64,usr,home,etc,dev/shm,tmp,var/run,var/tmp,var/lock,proc} | ||
29 | SORTED=`for FILE in $* $DEFAULT_FILES; do echo " $FILE "; ldd $FILE | grep -v dynamic | cut -d " " -f 3; done | sort -u` | ||
30 | for FILE in $SORTED | ||
31 | do | ||
32 | cp --parents $FILE $ROOTDIR | ||
33 | done | ||
34 | cp --parents /lib64/ld-linux-x86-64.so.2 $ROOTDIR | ||
35 | cp --parents /lib/ld-linux.so.2 $ROOTDIR | ||
36 | |||
37 | cd $ROOTDIR; find . | ||
38 | mkdir -p usr/lib/firejail/ | ||
39 | cp /usr/lib/firejail/libtrace.so usr/lib/firejail/. | ||
40 | |||
41 | |||
42 | echo "To enter the chroot directory run: firejail --chroot=$ROOTDIR" | ||