11-10-2010
Thanks for your help. I don't see why it should do this, but... c'est la vie.
The real problem is that I'm trying to run Java inside the sandbox and it moans that it can't locate libjli.so. The only way I know around this is to set LD_LIBRARY_PATH. Can anyone suggest a workaround?
9 More Discussions You Might Find Interesting
1. AIX
Hi!!
I'm currently running AIX 4.3.3 and i'm trying to setup a chroot environment for the users who use SFTP, i spend a lot time SFTW but i can't make it work.
I got openssh3.9p1 whit the chroot patch.
Any help is greatly appreciated. (0 Replies)
Discussion started by: samurai79
0 Replies
2. Shell Programming and Scripting
Here is "escape puzzle" from real life task:
Conditions:
We need to create an alias which will
Save current directory path
Will ssh to particular server
Then will cd to saved path (it's mounted via NFS)
Then will find all files with name patter as "All*.bld" and run particular editor... (0 Replies)
Discussion started by: BaruchLi
0 Replies
3. Linux
Hi,
Recently I installed Fedora 9 on the following hardware
- Asus A8N-SLI Deluxe motherboard bios version 1805
- 2GB twinmos ram
- AMD 4400 CPU
- Tagan PSU 550 W
- Asus EN6200LE video card
- WD 74 GB Raptor
- Areca ARC-1222 raid controller
- 4x 1TB Seagate Baracudas
- Symbios Logic... (6 Replies)
Discussion started by: jwoude
6 Replies
4. UNIX for Dummies Questions & Answers
I was reading an article on how it is very important to setup a chroot jail to run bind. I can follow what the article says but one thing I am unclear about is now on system boot the BIND process in the chroot jail will start since it the owner will no longer be root but some other user. Can... (1 Reply)
Discussion started by: mojoman
1 Replies
5. IP Networking
It writes in Section 9.3 in Unix Network programming about SCTP:
"The sctp_bindx call can be used on a bound or unbound socket."
And then it writes:
"The port number in all the socket address structures must be the same and must match any port number that is already bound; if it doesn't, then... (0 Replies)
Discussion started by: tomdean001
0 Replies
6. Debian
Firstly Hi everyone :)
I setup SFTP and SSH jail using this tutorial:
http://www.howtoforge.com/chrooted-ssh-sftp-tutorial-debian-lenny
SFTP jail works however now when I try to SSH it accepts my password and then just goes to a blank screen. Type any command and the shell session is... (11 Replies)
Discussion started by: pokey144
11 Replies
7. Solaris
I'm getting confused by swap
# swap -l
swapfile dev swaplo blocks free
/dev/zvol/dsk/rpool/swap 256,2 16 16777200 16777200
/dev/zvol/dsk/swappool/swap2 256,1 16 50331632 50331632
# swap -s
total: 6710256k bytes allocated + 3402944k reserved = 10113200k used,... (6 Replies)
Discussion started by: redstone
6 Replies
8. UNIX for Dummies Questions & Answers
I decided to try creating a chroot environment with a BT5r2 iso file. I'm just wanting to run Backtrack from inside Debian without having to reboot into my other partition or use vmware.
I found some documentation on how to do this with BT4 at this link:
... (0 Replies)
Discussion started by: Azrael
0 Replies
9. Red Hat
Hi
I need a specific user to be able to sftp to a server and get files from a specific location. The location is not the users home dir, i don't want the user to be able to view anything else apart from the files in that area.
e.g ftp file are is - /logging/phplogs
e.g user home is... (1 Reply)
Discussion started by: duckeggs01
1 Replies
LEARN ABOUT MOJAVE
sandbox_init
SANDBOX_INIT(3) BSD Library Functions Manual SANDBOX_INIT(3)
NAME
sandbox_init, sandbox_free_error -- set process sandbox (DEPRECATED)
SYNOPSIS
#include <sandbox.h>
int
sandbox_init(const char *profile, uint64_t flags, char **errorbuf);
void
sandbox_free_error(char *errorbuf);
DESCRIPTION
The sandbox_init() and sandbox_free_error() functions are DEPRECATED. Developers who wish to sandbox an app should instead adopt the App
Sandbox feature described in the App Sandbox Design Guide.
The sandbox_init() function places the current process into a sandbox(7). The NUL-terminated string profile specifies the profile to be used
to configure the sandbox. The flags specified are formed by or'ing the following values:
SANDBOX_NAMED The profile argument specifies a sandbox profile named by one of the constants given in the AVAILABLE PROFILES sec-
tion below.
The out parameter *errorbuf will be set according to the error status.
RETURN VALUES
Upon successful completion of sandbox_init(), a value of 0 is returned and *errorbuf is set to NULL. In the event of an error, a value of -1
is returned and *errorbuf is set to a pointer to a NUL-terminated string describing the error. This string may contain embedded newlines.
This error information is suitable for developers and is not intended for end users. This pointer should be passed to sandbox_free_error(3)
to release the allocated storage when it is no longer needed.
AVAILABLE PROFILES
The following are brief descriptions of each available profile. Keep in mind that sandbox(7) restrictions are typically enforced at resource
acquisition time.
kSBXProfileNoInternet TCP/IP networking is prohibited. DEPRECATED.
kSBXProfileNoNetwork All sockets-based networking is prohibited. DEPRECATED.
kSBXProfileNoWrite File system writes are prohibited. DEPRECATED.
kSBXProfileNoWriteExceptTemporary File system writes are restricted to the temporary folder /var/tmp and the folder specified by the
confstr(3) configuration variable _CS_DARWIN_USER_TEMP_DIR. DEPRECATED.
kSBXProfilePureComputation All operating system services are prohibited. DEPRECATED.
SEE ALSO
sandbox-exec(1), sandbox(7), sandboxd(8)
Mac OS X March 9, 2017 Mac OS X