On Tue, 18 Jul 2023 at 10:42:49 +0200, Marc Haber wrote:
> That would be /usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 on my
> system (only output of find /lib /usr/lib -name 'ld-lin*'), and adding
> that to ExecPaths doesnt allow my Executable to run. So it must be
> something else (possibly in addition).
The interoperable interpreter hard-coded in the ELF header for x86_64
is /lib64/ld-linux-x86-64.so.2 (yes, even on Debian, which otherwise
doesn't generally use lib64). On Debian systems, that happens to be a
symlink to /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2, which resolves to
/usr/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 as a result of the /usr
merge, but those paths are implementation details of Debian rather than
being part of the ABI. In container/namespace contexts you'll likely
need to allow access to this via all three paths.
smcv
Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- From: Simon McVittie <smcv@xxxxxxxxxxxxx>
- Date: Tue, 18 Jul 2023 14:28:30 +0100
- In-reply-to: <ZLZQiaHMxN0t4OEi@torres.zugschlus.de>
- References: <ZKMY2hHcA3CBVw6p@torres.zugschlus.de> <ZKPaY1mkjKrdROcq@gardel-login> <ZKr5GzwVBFSCMlSt@torres.zugschlus.de> <ZKvBRGrIm7iywMGb@gardel-login> <ZKvRQGLbuEjeCkQ7@torres.zugschlus.de> <ZKvZNWApyLpjQOgK@gardel-login> <ZKvaKh1HMTZhiZYz@torres.zugschlus.de> <ZLU3k0KJIvKQOF1j@torres.zugschlus.de> <CAPWNY8Uh35f70H_pmVqnaWZbO_2_K9XA0aXJGM+_UW3ocgSjxw@mail.gmail.com> <ZLZQiaHMxN0t4OEi@torres.zugschlus.de>
- References:
- bind-mount of /run/systemd for chrooted bind9/named
- From: Marc Haber
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Lennart Poettering
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Marc Haber
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Lennart Poettering
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Marc Haber
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Lennart Poettering
- Re: bind-mount of /run/systemd for chrooted bind9/named
- From: Marc Haber
- Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- From: Marc Haber
- Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- From: Mantas Mikulėnas
- Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- From: Marc Haber
- bind-mount of /run/systemd for chrooted bind9/named
- Prev by Date: Random freeze at booting Fedora 38
- Next by Date: Re: Feedback sought: can we drop cgroupv1 support soon?
- Previous by thread: Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- Next by thread: Re: Securing bind with systemd methods (was: bind-mount of /run/systemd for chrooted bind9/named)
- Index(es):
 |