OSX and chroot unable to find /bin/bash

I am trying to get chroot to work on my MacBook. I set up the jail dir to contain all the requirements for /bin/sh and /bin/bash (recursively called /usr/bin/otool)

# ls /var/chroot/*/*
/var/chroot/bin/bash    /var/chroot/bin/sh

/var/chroot/usr/lib:
libDiagnosticMessagesClient.dylib       libauto.dylib
libc++abi.dylib                         libobjc.A.dylib
libSystem.B.dylib                       libc++.1.dylib
libncurses.5.4.dylib                    system

When I try to use chroot on /var/chroot, it keeps saying it can't find /bin/bash.

# chroot /var/chroot/
chroot: /bin/sh: No such file or directory
$ sudo chroot /var/chroot/
chroot: /bin/bash: No such file or directory

Any idea what's causing chroot not to work on my Mac?

OSX version 10.8.4

Edit: On CentOS, when I run ldd /bin/bash, I get all the libs needed. If I don't copy them all over, it says /bin/bash: No such file or directory. So I assume that this means that on mac I am missing libs; just not sure which.

Stimulative answered 9/10, 2013 at 3:37 Comment(7)
Try straceing the command to see what it's trying to open(1) - Undershirt
Mac doesn't have strace, so I used dtruss. Don't see it loading any libs other than dtruss stuff: sudo dtruss -fa -t open /bin/bash
open("/usr/lib/dtrace/libdtrace_dyld.dylib\0", 0x0, 0x0) = 3 0
open("/dev/tty\0", 0x6, 0x7FFF737E7788) = 3 0
open("/dev/dtracehelper\0", 0x2, 0x7FFF5DA4E460) = 3 0
open("/usr/share/terminfo/73/screen\0", 0x0, 0x0) = 3 0
open("/dev/dtracehelper\0", 0x2, 0x7FFF5A9FA4C0) = 3 0
- Stimulative
sudo dtruss /bin/bash -c "echo hi" seems to give me much more details on what libs are opened. - Stimulative
gist.github.com/dcapwell/6907836 shows all libs opened up - Stimulative
even with all those libs, on my mac it still won't "find" bash. - Stimulative
Maybe this link is helpful: hints.macworld.com/comment.php?mode=view&cid=42051 check if your problem gets solved if you move the shell to /jail - Humanoid
Apple broke chrooting since macOS 11.0.1 by not shipping plain system library files; see discussion on Apple SE. - Trudytrue
8

You need to copy /usr/lib/dyld to your chroot jail to get the dynamic linker. If that is not present, then attempting to execute anything in the chroot jail will fail without any error other than Killed: 9. Once you get /usr/lib/dyld copied over, then if you are missing any further libraries you will get an error, e.g.:

dyld: Library not loaded: /usr/lib/libncurses.5.4.dylib
  Referenced from: /bin/bash
  Reason: image not found

From your list of files I see you don't have /usr/lib/dyld, so I think it is very likely this is your problem. I'm not sure why you are getting No such file or directory instead of Killed: 9 for this issue; possibly that is an OS version difference - I am testing on Mac OS X 10.10.5, you are (or were) testing with Mac OS X 10.8.4.

hwatkins' answer of course works since it copies both /usr/lib/dyld and every required dylib to run /bin/bash to the jail. However, when setting up a jail, I prefer to only copy the bare minimum to get it to work. Once you've copied dyld and bash, you can follow the error messages to get the paths to all the other libraries you need. (A bit laborious, but it is a guaranteed minimum.)

The method of recursively calling otool -L also works for *.dylib files, but it won't tell you about /usr/lib/dyld. This is because -L prints shared libraries used, but /usr/lib/dyld is not exactly a shared library. If you run otool -l on an executable library, you'll see the -L output matches the load command LC_LOAD_DYLIB (and a few variants such as LC_REEXPORT_DYLIB), whereas the reference to dyld is in LC_LOAD_DYLINKER, which is not output by -L.

Aloisius answered 6/12, 2015 at 10:7 Comment(0)
7

When you said you did a recursive otool -L what do you mean? There are a lot of shared libraries needed to make this work, for example:

otool -L /bin/bash
/bin/bash:
    /usr/lib/libncurses.5.4.dylib (compatibility version 5.4.0, current version 5.4.0)
    /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1197.1.1)

Then you have to run otool -L on those (then otool -L on those):

otool -L /usr/lib/libSystem.B.dylib
/usr/lib/libSystem.B.dylib:
    /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1197.1.1)
    /usr/lib/system/libcache.dylib (compatibility version 1.0.0, current version 62.0.0)
    /usr/lib/system/libcommonCrypto.dylib (compatibility version 1.0.0, current version 60049.0.0)
    /usr/lib/system/libcompiler_rt.dylib (compatibility version 1.0.0, current version 35.0.0)
    /usr/lib/system/libcopyfile.dylib (compatibility version 1.0.0, current version 103.0.0)
    /usr/lib/system/libcorecrypto.dylib (compatibility version 1.0.0, current version 1.0.0)
    /usr/lib/system/libdispatch.dylib (compatibility version 1.0.0, current version 339.1.9)
    /usr/lib/system/libdyld.dylib (compatibility version 1.0.0, current version 239.3.0)
    /usr/lib/system/libkeymgr.dylib (compatibility version 1.0.0, current version 28.0.0)
    /usr/lib/system/liblaunch.dylib (compatibility version 1.0.0, current version 842.1.4)
    /usr/lib/system/libmacho.dylib (compatibility version 1.0.0, current version 845.0.0)
    /usr/lib/system/libquarantine.dylib (compatibility version 1.0.0, current version 71.0.0)
    /usr/lib/system/libremovefile.dylib (compatibility version 1.0.0, current version 33.0.0)
    /usr/lib/system/libsystem_asl.dylib (compatibility version 1.0.0, current version 217.1.4)
    /usr/lib/system/libsystem_blocks.dylib (compatibility version 1.0.0, current version 63.0.0)
    /usr/lib/system/libsystem_c.dylib (compatibility version 1.0.0, current version 997.1.1)
    /usr/lib/system/libsystem_configuration.dylib (compatibility version 1.0.0, current version 596.12.0)
    /usr/lib/system/libsystem_dnssd.dylib (compatibility version 1.0.0, current version 522.1.11)
    /usr/lib/system/libsystem_info.dylib (compatibility version 1.0.0, current version 449.1.3)
    /usr/lib/system/libsystem_kernel.dylib (compatibility version 1.0.0, current version 2422.1.72)
    /usr/lib/system/libsystem_m.dylib (compatibility version 1.0.0, current version 3047.16.0)
    /usr/lib/system/libsystem_malloc.dylib (compatibility version 1.0.0, current version 23.1.10)
    /usr/lib/system/libsystem_network.dylib (compatibility version 1.0.0, current version 241.3.0)
    /usr/lib/system/libsystem_notify.dylib (compatibility version 1.0.0, current version 121.0.0)
    /usr/lib/system/libsystem_platform.dylib (compatibility version 1.0.0, current version 24.1.4)
    /usr/lib/system/libsystem_pthread.dylib (compatibility version 1.0.0, current version 53.1.4)
    /usr/lib/system/libsystem_sandbox.dylib (compatibility version 1.0.0, current version 278.10.0)
    /usr/lib/system/libsystem_stats.dylib (compatibility version 1.0.0, current version 93.1.26)
    /usr/lib/system/libunc.dylib (compatibility version 1.0.0, current version 28.0.0)
    /usr/lib/system/libunwind.dylib (compatibility version 1.0.0, current version 35.3.0)
    /usr/lib/system/libxpc.dylib (compatibility version 1.0.0, current version 300.1.17)

I did a quick test with:

mkdir -p /Users/chroot/bin /Users/chroot/usr/lib/system
cp /bin/bash /Users/chroot/bin
cp /usr/lib/* /Users/chroot/usr/lib
cp /usr/lib/system/* /Users/chroot/usr/lib/system

chroot /Users/chroot /bin/bash

This worked, so I assume you are missing a shared library you needed. You could probably write a script to fully do a recursive otool -L and just get the exact shared libraries you need, but it's probably easier just to do a bulk copy.

Enforce answered 22/11, 2013 at 17:1 Comment(0)
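
The dependency walk that both answers describe, as an added example that is not part of either answer: it reads `otool -l` rather than `otool -L`, so the LC_LOAD_DYLINKER entry for /usr/lib/dyld is collected along with the dylib load commands. The function names are hypothetical, and it assumes library paths contain no whitespace.

```shell
#!/bin/sh
# Added example: list every file a Mach-O binary needs inside a chroot jail,
# including the dynamic linker, which `otool -L` does not report.
# Assumes paths contain no whitespace (true for /usr/lib system libraries).

# Print the load commands of one file. The tool invocation is kept in one
# place so it can be replaced with captured output when testing off-Mac.
dump_load_commands() { otool -l "$1"; }

# Read `otool -l` output on stdin and print the path of each dynamic-linker
# or dylib load command. LC_ID_DYLIB (a library's own name) is skipped.
macho_deps() {
  awk '
    $1 == "cmd" {
      want = ($2 ~ /^LC_(LOAD_DYLINKER|LOAD_DYLIB|LOAD_WEAK_DYLIB|REEXPORT_DYLIB)$/)
    }
    $1 == "name" && want {
      sub(/^[ \t]*name[ \t]+/, "")
      sub(/[ \t]*\(offset [0-9]+\)$/, "")
      print
      want = 0
    }'
}

# Breadth-first closure over the dependencies of $1, one path per line.
jail_closure() {
  seen=" $1 "
  queue="$1"
  while [ -n "$queue" ]; do
    next=""
    for f in $queue; do
      for dep in $(dump_load_commands "$f" | macho_deps); do
        case "$dep" in
          @*) echo "unresolved: $dep (from $f)" >&2; continue ;;
        esac
        case "$seen" in
          *" $dep "*) ;;
          *) seen="$seen$dep "; next="$next $dep" ;;
        esac
      done
    done
    queue="$next"
  done
  printf '%s\n' $seen | LC_ALL=C sort
}

# Usage on the Mac: jail_closure /bin/bash, then copy each printed path to
# the same relative location under the jail root.
if [ "$#" -gt 0 ]; then jail_closure "$1"; fi
```

As the comment about macOS 11.0.1 notes, on newer systems the printed library paths may not exist as plain files to copy.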
