Configuration Changes

ircd in a chroot requires you to compile the server statically. If you use gcc, the way to do so is by setting the LDFLAGS environment variable prior to running ./configure and make.

config.h Changes

PATH options must be changed in order to properly handle a chroot wrapper. This document describes a file structure like below:

$ ls /path/to/ircd
bin/     dev/     etc/     log/      sbin/
   

The following options must be adjusted in config.h:

Configure the other options as you would any other server.

Installation Changes

On a normal installation, tools/install_ircd will read the path settings in include/config.h and install files there. Since chroot requires a different path structure, install_ircd needs to be replaced.

Copy the replacement install_ircd from this package into the ircd source tools/ directory.

Before issuing make install, you must set the PREFIX environmental variable to the directory that will be the root of the chroot.

Additional chroot files

There must be a dev/ directory in the chroot file system containing the files: null and zero. These files need to be created with the command mknod.

There must also be an etc/ directory with a copy of /etc/localtime and a valid resolv.conf.

Hybrid 6.3 and later use the adns library to provide a DNS resolver. This library requires the files protocols and services to be present in the chroot's etc/ directory.

The file permissions must also be correct to allow the ircd user to use the device files, write the log files, and write to the configuration files.

chroot Loader

Edit the run_irc.c file included in this directory. You must change the three defines on the top, ROOTDIR, EXENAME, and USER.

Compile the program with:

$ gcc run_irc.c -O -static -o run_irc
   

Copy it into the chroot filesystem. To start ircd, you must, as root, execute the run_irc wrapper.

Credits

This distribution is based on the work by Martin <strpic@bofhlet.net> on CARnet.