Welcome! Log In Create A New Profile

Advanced

dns lookups only half working in chroot

Posted by Samuel Vogel 
Samuel Vogel
dns lookups only half working in chroot
September 09, 2009 03:00PM
Hey guys,

I am cross-posting this to the PHP and the PHP-FPM lists, because both
are applicable in my opinion.

I have got a strange problem with my php-fpm chrooted PHP environment.
PHP is chrooted to /var/www/.

/var/www/etc looks like this:
# ls -al /var/www/etc/
insgesamt 20
drwxr-xr-x 2 root root 4096 9. Sep 20:33 .
drwxr-xr-x 5 root root 4096 9. Sep 20:10 ..
-rw-r--r-- 1 root root 265 9. Sep 20:12 hosts
-rw-r--r-- 1 root root 513 9. Sep 20:23 nsswitch.conf
-rw-r--r-- 1 root root 52 9. Sep 20:11 resolv.conf

I do run the following script:
<?php
echo gethostbyname('www.google.de')."\n";
print_r(dns_get_record('www.google.de', DNS_A))."\n";
?>

Which strangely outputs this:
www.google.de
Array
(
[0] => Array
(
[host] => www.l.google.com
[type] => A
[ip] => 74.125.43.147
[class] => IN
[ttl] => 172
)

[1] => Array
(
[host] => www.l.google.com
[type] => A
[ip] => 74.125.43.99
[class] => IN
[ttl] => 172
)

[2] => ....

I don't understand why the first lookup fails, but the second one succeeds.
Unfortunately thinks like fsockopen() seem to use the same technique as
gethostbyname(), so they don't work either.
Any pointers would be appreciated!

Regards,
Samy
Marcin Ochab
Re: dns lookups only half working in chroot
September 09, 2009 05:32PM
I would check with truss what is php really trying to do - if some file in
chroot is missing you will find it this way, or you will see what function
fail on dns lookup.

2009/9/9 Samuel Vogel <samydelux@gmail.com>

>
> Hey guys,
>
> I am cross-posting this to the PHP and the PHP-FPM lists, because both
> are applicable in my opinion.
>
> I have got a strange problem with my php-fpm chrooted PHP environment.
> PHP is chrooted to /var/www/.
>
> /var/www/etc looks like this:
> # ls -al /var/www/etc/
> insgesamt 20
> drwxr-xr-x 2 root root 4096 9. Sep 20:33 .
> drwxr-xr-x 5 root root 4096 9. Sep 20:10 ..
> -rw-r--r-- 1 root root 265 9. Sep 20:12 hosts
> -rw-r--r-- 1 root root 513 9. Sep 20:23 nsswitch.conf
> -rw-r--r-- 1 root root 52 9. Sep 20:11 resolv.conf
>
> I do run the following script:
> <?php
> echo gethostbyname('www.google.de')."\n";
> print_r(dns_get_record('www.google.de', DNS_A))."\n";
> ?>
>
> Which strangely outputs this:
> www.google.de
> Array
> (
> [0] => Array
> (
> [host] => www.l.google.com
> [type] => A
> [ip] => 74.125.43.147
> [class] => IN
> [ttl] => 172
> )
>
> [1] => Array
> (
> [host] => www.l.google.com
> [type] => A
> [ip] => 74.125.43.99
> [class] => IN
> [ttl] => 172
> )
>
> [2] => ....
>
> I don't understand why the first lookup fails, but the second one succeeds.
> Unfortunately thinks like fsockopen() seem to use the same technique as
> gethostbyname(), so they don't work either.
> Any pointers would be appreciated!
>
> Regards,
> Samy
>
Samuel Vogel
Re: dns lookups only half working in chroot
September 14, 2009 06:10AM
While copying libs in the chroot directory I didn't restart the php
processes, so the new libs weren't seen by the already running processes.
Restarting solved it of course...

Am 09.09.09 23:17, schrieb Marcin Ochab:
> I would check with truss what is php really trying to do - if some
> file in chroot is missing you will find it this way, or you will see
> what function fail on dns lookup.
>
> 2009/9/9 Samuel Vogel <samydelux@gmail.com <mailto:samydelux@gmail.com>>
>
>
> Hey guys,
>
> I am cross-posting this to the PHP and the PHP-FPM lists, because both
> are applicable in my opinion.
>
> I have got a strange problem with my php-fpm chrooted PHP environment.
> PHP is chrooted to /var/www/.
>
> /var/www/etc looks like this:
> # ls -al /var/www/etc/
> insgesamt 20
> drwxr-xr-x 2 root root 4096 9. Sep 20:33 .
> drwxr-xr-x 5 root root 4096 9. Sep 20:10 ..
> -rw-r--r-- 1 root root 265 9. Sep 20:12 hosts
> -rw-r--r-- 1 root root 513 9. Sep 20:23 nsswitch.conf
> -rw-r--r-- 1 root root 52 9. Sep 20:11 resolv.conf
>
> I do run the following script:
> <?php
> echo gethostbyname('www.google.de http://www.google.de')."\n";
> print_r(dns_get_record('www.google.de http://www.google.de',
> DNS_A))."\n";
> ?>
>
> Which strangely outputs this:
> www.google.de http://www.google.de
> Array
> (
> [0] => Array
> (
> [host] => www.l.google.com http://www.l.google.com
> [type] => A
> [ip] => 74.125.43.147
> [class] => IN
> [ttl] => 172
> )
>
> [1] => Array
> (
> [host] => www.l.google.com http://www.l.google.com
> [type] => A
> [ip] => 74.125.43.99
> [class] => IN
> [ttl] => 172
> )
>
> [2] => ....
>
> I don't understand why the first lookup fails, but the second one
> succeeds.
> Unfortunately thinks like fsockopen() seem to use the same
> technique as
> gethostbyname(), so they don't work either.
> Any pointers would be appreciated!
>
> Regards,
> Samy
>
>
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 130
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready