-
Notifications
You must be signed in to change notification settings - Fork 3
/
kali-chroot.in
108 lines (87 loc) · 2.88 KB
/
kali-chroot.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/bin/bash
shopt -s extglob
m4_include(common)
usage() {
cat <<EOF
usage: ${0##*/} chroot-dir [command]
-h Print this help message
-u <user>[:group] Specify non-root user and optional group to use
-d [display] Specify display to use for X11 applications
-m Export DBus machine ID to chroot environment
If 'command' is unspecified, ${0##*/} will launch '/bin/bash'.
EOF
}
chroot_add_resolv_conf() {
local chrootdir=$1 resolv_conf=$1/etc/resolv.conf
[[ -e /etc/resolv.conf ]] || return 0
# Handle resolv.conf as a symlink to somewhere else.
if [[ -L $chrootdir/etc/resolv.conf ]]; then
# readlink(1) should always give us *something* since we know at this point
# it's a symlink. For simplicity, ignore the case of nested symlinks.
resolv_conf=$(readlink "$chrootdir/etc/resolv.conf")
if [[ $resolv_conf = /* ]]; then
resolv_conf=$chrootdir$resolv_conf
else
resolv_conf=$chrootdir/etc/$resolv_conf
fi
# ensure file exists to bind mount over
if [[ ! -f $resolv_conf ]]; then
install -Dm644 /dev/null "$resolv_conf" || return 1
fi
elif [[ ! -e $chrootdir/etc/resolv.conf ]]; then
# The chroot might not have a resolv.conf.
return 0
fi
chroot_add_mount /etc/resolv.conf "$resolv_conf" --bind
}
xauthority="$chrootdir/tmp/.Xauthority"
xdisplay=""
chroot_export_xauthority() {
local chrootdir=$1 display=$2
xauth extract $xauthority $display || return 1
}
chroot_export_dbus() {
chroot_add_mount /var/lib/dbus "$1/var/lib/dbus" --bind
}
while getopts ':hu:md:' flag; do
case $flag in
h)
usage
exit 0
;;
u)
userspec=$OPTARG
;;
m)
exportdbus=1
;;
d)
xdisplay=$OPTARG
;;
:)
die '%s: option requires an argument -- '\''%s'\' "${0##*/}" "$OPTARG"
;;
?)
die '%s: invalid option -- '\''%s'\' "${0##*/}" "$OPTARG"
;;
esac
done
shift $(( OPTIND - 1 ))
(( EUID == 0 )) || die 'This script must be run with root privileges'
(( $# )) || die 'No chroot directory specified'
chrootdir=$1
shift
[[ -d $chrootdir ]] || die "Can't create chroot on non-directory %s" "$chrootdir"
if ! mountpoint -q "$chrootdir"; then
warning "$chrootdir is not a mountpoint. this may cause undesirable side effects."
fi
if [[ $xdisplay == "" ]]; then
unset $xauthority
fi
chroot_setup "$chrootdir" || die "failed to setup chroot %s" "$chrootdir"
chroot_add_resolv_conf "$chrootdir" || die "failed to setup resolv.conf"
[[ $exportdbus ]] && (chroot_export_dbus "$chrootdir" || die "failed to export dbus")
[[ "$xdisplay" != "" ]] && (chroot_export_xauthority "$chrootdir" "$xdisplay" || die "failed to export xauthority")
chroot_args=()
[[ $userspec ]] && chroot_args+=(--userspec "$userspec")
SHELL=/bin/bash XAUTHORITY=$xauthority DISPLAY=$xdisplay unshare --fork --pid chroot "${chroot_args[@]}" -- "$chrootdir" "$@"