Solved

Sockets etc

Posted on 2002-03-03
7
208 Views
Last Modified: 2010-04-22
I've written a simple program that telnets to a server and executes a couple of commands. The program uses sockets.
When I run the program as a normal user it works fine, but when Itry to run it as someone chrooted to let's say /testdir it returns can't get hostname.
I've included the source for the program below.
Any ideas how to make the program run under a chrooted user?

#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <sys/param.h>

#define SIZE 2048

#define TIME_PORT 6789

int main(int argc,
         char *argv[])
{
  int sockfd;
  int nread;
  int port;
  char message[SIZE], tempmess[SIZE];
  char * host, name[ SIZE ];
  char * pathet;
  struct hostent * ptrh;
  struct sockaddr_in serv_addr;
  char buf[ SIZE ];
  int count;

  port = TIME_PORT;
  serv_addr.sin_port = htons( (u_short) port );

   
  if ( argc > 1 )
    pathet  = argv[ 1 ];
     

  /* get the server host entry */
  if ((char *) ( ptrh = gethostbyname( "mail" ) ) == NULL ){
     fprintf(stderr, "No host name info\n");
     exit( 2 );
  }

  /* create socket */
  if ((sockfd = socket(PF_INET, SOCK_STREAM, 0))< 0) {
    fprintf(stderr, "Socket creation failed\n");
    exit(3);
  }

  /* connect to server */
  serv_addr.sin_family = AF_INET;
  serv_addr.sin_addr = * ( struct in_addr * ) ptrh->h_addr_list[ 0 ];

  if (connect(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr)) <
0) {
    fprintf(stderr, "Connection failed \n");
    exit(4);
  }

  /* transfer data */
  nread = read(sockfd, buf, SIZE);
  write(1, buf, nread);

  write(sockfd, "USERNAME\r\n", nread);
  write(sockfd, "PASSWORD\r\n", nread);

  sleep(1);

  write(sockfd, pathet, 512);

  nread = read(sockfd, buf, SIZE);
  write(1, buf, nread); //output answer
  close(sockfd);

  exit(0);
}
0
Comment
Question by:nikitin
7 Comments
 
LVL 5

Expert Comment

by:bryanh
ID: 6838208
Can you be more specific about "it returns can't get hostname"?
0
 

Author Comment

by:nikitin
ID: 6838593
This is the part that fails, it returns 'No host name info'

 /* get the server host entry */
 if ((char *) ( ptrh = gethostbyname( "mail" ) ) == NULL ){
    fprintf(stderr, "No host name info\n");
    exit( 2 );
 }
0
 
LVL 5

Expert Comment

by:garboua
ID: 6838851
pardon my ignorance, but what do you mean by "chrooted user"
your code segment looks good to me and no need to ask about the entries in your /etc/host or dns since it works when you run it as a normal user.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 4

Expert Comment

by:MFCRich
ID: 6838949
If its chrooted to /testdir it can no longer find /etc/hosts to resolve the host name. Either use DNS or create '/test/etc/hosts'
0
 

Author Comment

by:nikitin
ID: 6839026
MFCRich> it still doesn't work, I've a added /etc/hosts in /testdir, with the following entry 192.168.1.1     mail     mail.

Any ideas on how I can make it work?
0
 
LVL 5

Accepted Solution

by:
bryanh earned 150 total points
ID: 6840709
I think it's pretty clear that you're just missing some files.  All you need to do is figure out which ones.  gethostbyname() is much more complex than it used to be (a few years ago) because of the GNU C library's NSS (Name Service Switch).  I spent a week one day getting it to work on my system.  Do you have, for example, /etc/nsswitch in your chroot environment?  Also, there are libraries that gethostbyname() dynamically loads to do the lookups.  E.g. libnss-files.so.  If it can't find them, it won't work.

I think the quickest way out of this is to run the 'strace' program on your program, both in the working case and in the non-working case.  Strace will show you what files it is accessing or attempting to access.

You might also try to build the name service from scratch by reading the GNU C library manual.
0
 

Author Comment

by:nikitin
ID: 6841149
strace worked like magic (strace -o output myprogram args)
I've copied all the necessary libs and files now and the program runs as smooth as ever.

thanks man!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever been frustrated by having to click seven times in order to retrieve a small bit of information from the web, always the same seven clicks, scrolling down and down until you reach your target? When you know the benefits of the command l…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now