Forum

Results 1 to 15 of 22

Hybrid View

  1. #1
    Join Date
    July 2012
    Posts
    25

    issue chrooting ts3

    Is there a way to invoke ts3server_linux_x86 directly without using a shell .sh script?

    Also has anyone managed to get a chroot to work with ts3, or am I stuck with the less secure and unsupported ts2?

  2. #2
    Join Date
    July 2012
    Posts
    25
    I think some background is in order. It is a FC14 x86 VM I pay to have hosted.

    I currently have enemy-territory successfully chrooted and running screen on it. (http://tjw.org/etded/ <---good start)
    ET itself takes up about 80% of resident memory due to amount of modifications present. Before my last compromised event I had it on a daily reboot schedule. I have managed to tweak things now and things have been running for almost 3 months with no issues at this point with no reboots.

    I can get teamspeak3 to run if not in a chroot.

    The concern is one of making it more hack proof, given TS's history of being quite hackable due to default insecure behavior of the application itself. Some of that behavior can be modified, however.

    I can get it to run with screen and get it to run with init scripts. The problem is I want to invoke screen as I chroot it as I have with ET.

    The other thing that is occuring to me is that I may not be able to run concurrent Chroot jail directory structures. I can try adding the teamspeak daemon to the existing chroot and see if I can make it run that way which is the only thing I have not tried as of yet.

    The other thing to point out is that with the new era of virtualization there has been an emphasis removed from file system rights and security lock down as "It's a VM, I can just reload the latest snapshot". This is a bad precedence and habit. Just having another level of safety and security does not remove your responsibility to lock down your systems.

    Now that you have some background on my brain wracking conundrum, does anyone have any input on what one might do to help lock things down properly?

  3. #3
    Join Date
    January 2010
    Location
    Germany
    Posts
    2,029
    Code:
    cd /path/to/teamSpeak/Folder && export LD_LIBRARY_PATH="." && ./ts3server_linux_<arch>
    should work in theory.

  4. #4
    Join Date
    July 2012
    Posts
    25
    I had to rebuild with stock steps from:
    http://www.feldstudie.net/2009/12/22...how-to-chroot/

    It then worked on the new built from scratch dir structure.

    I found that this command seemed to launch it by itself:
    cd /home/chroot/ts3/home/ts3 && export LD_LIBRARY_PATH="." && ./ts3server_linux_x86 dbplugin=ts3db_mysql
    since I want to use MYSQL.

  5. #5
    Join Date
    July 2012
    Posts
    25
    2012-07-24 01:06:55.281592|INFO |ServerLibPriv | | TeamSpeak 3 Server 3.0.6 (2012-06-21 04:43:35)
    2012-07-24 01:06:55.369072|INFO |DatabaseQuery | | dbPlugin name: MySQL plugin, (c)TeamSpeak Systems GmbH
    2012-07-24 01:06:55.369170|INFO |DatabaseQuery | | dbPlugin version: 1
    2012-07-24 01:06:55.702698|ERROR |DatabaseQuery | | mysql_real_connect() failed with error: Access denied for user 'root'@'localhost' (using password: NO)
    2012-07-24 01:06:55.702795|CRITICAL|ServerLibPriv | | Server() DatabaseError

    Now I just can't seem to get su to see the user account, but I have always had that problem. Given that it is Fedora Core I have to wonder if the folks haven't done something weird with chroot to cause it to only allow one chroot directory structure.

    With the enemy territory server running for 90 days without a reboot, I don't think a reboot would fix things.

  6. #6
    Join Date
    July 2012
    Posts
    25
    for the database part I did this:
    shell> mysql -u root
    mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('newpwd');
    mysql> SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('newpwd');
    # mysql -u root -p
    use mysql;
    INSERT INTO user (Host,User,Password) VALUES('%','teamspeak',PASSWORD('pwd'));
    flush privileges;

    create database teamspeak;
    grant all privileges on teamspeak.* to [email protected];
    flush privileges;

    Then I figured out things by RingTFM
    ./ts3server_linux_x86 dbplugin=ts3db_mysql dbsqlcreatepath=create_mysql/
    that gets it to use the mysql plugin instead of the default sqllite plugin

    I run this string in chroot:
    export LD_LIBRARY_PATH="/home/ts3" && /home/ts3/ts3server_linux_x86 dbpluginparameter=ts3db_mysql.ini dbplugin=ts3db_mysql inifile=ts3server.ini

    the passwd file in the chroot:
    ts3:x:611:611::/home/ts3:/home/ts3/ts3server_linux_x86
    the relevant line in the /etc/passwd file
    ts3:x:611:611::/home/chroot/ts3:

    Then I noticed I need to allow the user on the db
    grant all privileges on teamspeak.* to [email protected];
    flush privileges;

  7. #7
    Join Date
    July 2012
    Posts
    25
    I got it somewhat working at this point:
    running: chroot /home/chroot/ts3 su - ts3

    gets:

    2012-07-26 01:00:50.528730|INFO |ServerLibPriv | | TeamSpeak 3 Server 3.0.6 (2012-06-21 04:43:35)
    ERROR: openFile( file:logs/ts3server_2012-07-26__01_00_50.527255_0.log) failed
    2012-07-26 01:00:50.529967|INFO |DatabaseQuery | | Please make sure you use the supplied ts3server_minimal_runscript.sh to run the server, or set LD_LIBRARY_PATH yourself
    ERROR: openFile( file:logs/ts3server_2012-07-26__01_00_50.527255_0.log) failed
    2012-07-26 01:00:50.530038|CRITICAL|DatabaseQuery | | unable to load database plugin library "libts3db_sqlite3.so", halting!
    ERROR: openFile( file:logs/ts3server_2012-07-26__01_00_50.527255_0.log) failed
    You have new mail in /var/spool/mail/root

    To get to that point I had to edit /etc/passwd to:
    ts3:x:611:611::/home/chroot/ts3/./home/ts3:

    and edit /home/chroot/ts3 to:
    ts3:x:611:611::/home/ts3:/home/ts3/ts3server_linux_x86

    To come to the conclusion I needed to change the account on /etc/passwd I had to run:
    jk_jailuser -m -j /home/chroot/ts3 testuser
    I then copied the resulting line in /etc/passwd to the ts3 account.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. TS Issue
    By JoshO in forum Client Support
    Replies: 0
    Last Post: March 5th, 2014, 08:49 PM
  2. mic issue
    By ExtremeRuneGuides in forum Client Support
    Replies: 1
    Last Post: May 10th, 2013, 09:29 AM
  3. ts3 issue
    By crazedstickman in forum Client Support
    Replies: 2
    Last Post: August 5th, 2010, 10:23 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •