The Chroot Setup May Be Broken You May Want to Update Your Chroot Again

fpoprocks
n00b

Joined: 01 October 2004
Posts: 15
Location: Worcester, MA, USA


Posted: Sunday Oct 03, 2004 3:02 am   Post subject: HOWTO: better utilize your chroot

HOWTO: better utilize your chroot

Why I'm writing this
Perhaps I'm just dense, but I recently realized a much easier way of running 32-bit programs on a 64-bit system. Since I had these 'problems', I would imagine that other people might too, so here goes nothing :roll:

What I was doing before
I used to do one of the following to install and run a 32-bit program...

  • chroot to my 32-bit root
  • emerge <package>
  • run <package> inside the chroot
... or...
  • download pre-compiled binaries
  • install 32-bit binaries into my 64-bit root
  • run the binaries from there (probably after searching for a few libraries I didn't have)

Obviously, each method has advantages and disadvantages. The first method uses the portage system and all 32-bit binaries are separate from the 64-bit ones, which is nice. Unfortunately, it's more work to run these programs - it'd be nice if they just sat in your 64-bit root so you could access the rest of your files and whatnot.

The second method works from your 64-bit root, but you lose the use of the portage system so updating software and finding dependencies becomes much more of a chore. It's also kind of 'messy'.

My method has most of the advantages of both (and just a 'small' disadvantage (more on that later!))

Prerequisites
First of all, if you don't already have a 32-bit chroot setup, this would be the first step. Check the technotes for how to do that.

I setup my 32-bit chroot at /linux32, so I will use that for the rest of this howto.

Also, make sure you are able to run 32-bit binaries and you have the emulation libraries installed (see the technotes).

How it works
Inside the chroot, we have a fully setup system. So that means we have all the libraries we need and such. Better yet, if you emerge something new, say mplayer, all the libraries that mplayer depends on will also be setup in the chroot.

Say we emerged mplayer in the chroot. mplayer is now installed to (from the 64-bit system's perspective) /linux32/usr/bin/mplayer. Unfortunately, if we try to start it, we get a bunch of link errors because the 64-bit system can't find the libraries mplayer needs. But! The libraries are there, just waiting for us to use them - we just need to tell linux where to look for them.

To do this, we'll create a new file in /etc/env.d/. (I'm not sure about the naming convention in that folder, but I decided to put my file 'near' the libc emulation libraries, so I called my file '40linux32'. It seems to work fine so far.)

Code:

# if you don't use KDE 3.3, remove the ':' and the second path
# you may want another directory in place of the kde directory if you
# use gnome, etc, but I'm not sure what that would be...
echo 'LDPATH="/linux32/usr/lib:/linux32/usr/kde/3.3/lib"' > /etc/env.d/40linux32

# regenerate the ld-cache - put our new path(s) into effect
env-update


The first line gives some locations to look for libraries. (It is like the PATH variable, but for libraries.) You may want to add to this. So far, everything is working fine with only these two paths for me. Note that directories are separated by a colon.

The last step is to setup some symlinks to the newly emerged package's executables. In the case of mplayer, simply do like so...

Code:

cd /usr/bin
ln -s /linux32/usr/bin/mplayer
ln -s /linux32/usr/bin/mencoder
ln -s /linux32/usr/bin/gmplayer

Of course setting up more packages is easier since we will usually not have to change any settings in /etc/env.d - just emerge in the chroot and setup the symlinks in the 64-bit root!

The problem
Unfortunately, this does have a disadvantage - we only take care of the binaries. Some packages install more than just binaries. Things such as configuration files and man pages. Usually this is easy enough to deal with. For our mplayer case, we're missing the mplayer configuration files and the codecs. To fix this, simply do...

Code:

ln -s /linux32/etc/mplayer.conf /etc/mplayer.conf
ln -s /linux32/usr/share/mplayer /usr/share/mplayer

I'm not quite sure what to do about man pages... Any suggestions?

So, good luck!

Also, if anyone thinks this is a BAD IDEA, please let me know! I'm not quite an expert... yet... :mrgreen:


deefster
Tux's lil' helper

Joined: 19 April 2004
Posts: 77


Posted: Mon Oct 04, 2004 3:45 am   Post subject:

Running programs out of the chroot does have some limitations, though I've found they are minimized with a couple simple practices:
Code:
mount -o bind /home /linux32/home
mount -o bind /tmp /linux32/tmp

- set XAUTHORITY to the same value outside the chroot
in this way you won't have to mess with xhost or xserver nolisten settings at all.
- mount any other dir you want to access

Otherwise, to run programs outside the chroot, you can only work with binary packages and let portage handle all the installation details/dependencies.

Code:
emerge -b mplayer
will put a binary package in PKGDIR in the chroot. Check out quickpkg if you already have <package> emerged.
Then
Code:
PKGDIR=/linux32/path/used/above emerge -K mplayer
to emerge a 32-bit binary only mplayer from your chroot.

tarzan420
Tux's lil' helper

Joined: 05 Jul 2003
Posts: 81
Location: Fairbanks AK


Posted: Tue Oct 12, 2004 8:02 am   Post subject:

so, umm, is there a way to set it up such that I can do chroot as my normal user, and not have to become root?
_________________
The power of Unix coupled with a pleasing interface and scores of usable desktop applications is a disgusting perversion of everything Unix stands for.

bverheg
n00b

Joined: 01 Sep 2002
Posts: 39
Location: Vlaanderen


Posted: Tue Oct 12, 2004 4:27 pm   Post subject:

sudo, as in
Code:
 sudo linux32 chroot /mnt/gentoo32 /bin/bash

Actually, I use a script to first mount -o bind the needed dirs in gentoo32, and then chroot. And I give the normal user account sudo access to that script.


hamaker
n00b

Joined: 09 Sep 2004
Posts: 73
Location: Netherlands


Posted: Wed Oct 13, 2004 11:56 am   Post subject:

I'm not an expert yet either :wink: , so could you help me on this:

I get an error message when I try your env.d file:

Code:
!!! Invalid token (not "=") 'LDPATH="/mnt/gentoo32/usr/lib"'

I don't know what to do about it but everything is solved by putting the extra LDPATH in the 00basic file, it seems. I can't try out if it works yet, as my computer is compiling the 32bit system this very moment, but is there anything fundamentally wrong with this (seemingly more simple) solution?

daemonflower
Apprentice

Joined: 17 Jul 2004
Posts: 290


Posted: Wednesday October 13, 2004 2:20 pm   Post subject:

bverheg wrote:
sudo, as in
Code:
 sudo linux32 chroot /mnt/gentoo32 /bin/bash
This is questionable from a security point of view, as the normal user has root access to the chroot then. Another questionable method, for a different reason, is to
Code:
chmod u+s `which chroot`
The user appears as a normal user to the chroot system then, but you have one more setUID root executable on your system then. Choose your poison...
I don't know a way to cleanly chroot a normal user. I'd sure be interested to hear of one.

evade
n00b

Joined: 12 October 2004
Posts: 4


Posted: Wednesday October 13, 2004 8:09 pm   Post subject:

how about granting the user sudo access to a script like this:

gnome-terminal -e 'linux32 chroot /linux32 /bin/su - dave'


bverheg
n00b

Joined: 01 Sep 2002
Posts: 39
Location: Vlaanderen


Posted: Thu Oct 14, 2004 5:32 pm   Post subject:

daemonflower wrote:
bverheg wrote:
sudo, as in
Code:
 sudo linux32 chroot /mnt/gentoo32 /bin/bash
This is questionable from a security point of view, as the normal user has root access to the chroot then.

With sudo you can pretty well configure what exactly you give each user access to. You could even restrict his access to a single command in the chroot (e.g. just let him execute a 32bit firefox-bin).
Most likely you just want to drop the user in a shell under his own uid. You can do this for user joe by creating a script with the command
Code:
linux32 chroot /mnt/gentoo32 su - joe

and giving him sudo admission to it. User joe will then end up nether his own account in the chroot.
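
The sudo-restricted wrapper described in the post above, written out as an added example (not part of the original thread, not code from any poster). The script path `/usr/local/sbin/enter32` and the `enter` argument are assumptions; the chroot path is the one used in the post. It takes the account name from sudo's `SUDO_USER` rather than from an argument, so a user can only land in the chroot under their own uid.

```shell
#!/bin/sh
# Added example: wrapper intended to be the ONLY command a user may run via sudo.
# Install root-owned and not writable by anyone else. Hypothetical sudoers entry:
#   joe ALL=(root) /usr/local/sbin/enter32 enter
CHROOT_DIR=/mnt/gentoo32   # chroot location from the post above

# Accept only conservative lowercase login names. Rejects empty strings,
# leading dashes (option injection into su), spaces, slashes, and root itself.
valid_user() {
    case "$1" in
        ''|-*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "$1" != root ]
}

# The target account comes from SUDO_USER, which sudo sets to the invoking
# user; it is never read from the command line.
target_user() {
    valid_user "${SUDO_USER:-}" || return 1
    printf '%s\n' "$SUDO_USER"
}

# Print the argv that would be executed, one argument per line (dry run).
chroot_argv() {
    user=$(target_user) || return 1
    printf '%s\n' linux32 chroot "$CHROOT_DIR" /bin/su - "$user"
}

# Enter the chroot only when explicitly asked to.
if [ "${1:-}" = "enter" ]; then
    user=$(target_user) || { echo "refusing: bad or missing SUDO_USER" >&2; exit 1; }
    exec linux32 chroot "$CHROOT_DIR" /bin/su - "$user"
fi
```

Because the sudoers entry names the full command line, the user gets no root shell inside the chroot and no new setuid binary is needed.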

emerose
n00b

Joined: 14 Oct 2004
Posts: 11


Posted: Fri Oct 15, 2004 3:09 pm   Post subject: script to prepare /linux32

I wrote this script to set up various things in /linux32. It's designed to be run from /etc/init.d -- copy it there and do 'rc-update add <file> default'
Code:

#!/sbin/runscript
# setup /linux32 to match /
# copyright 2004 sam quigley <sq@emerose.com>
# free distribution, modification, etc. encouraged

depend() {
    need localmount
    need bootmisc
}

start() {
    # Bind-mount directories from / into /linux32
    ebegin "Mounting directories under /linux32"
    mount -o bind /boot /linux32/boot >/dev/null && \
    mount -o bind /dev /linux32/dev >/dev/null && \
    mount -o bind /mnt /linux32/mnt >/dev/null && \
    mount -o bind /root /linux32/root >/dev/null && \
    mount -o bind /tmp /linux32/tmp >/dev/null && \
    mount -o bind /home /linux32/home >/dev/null && \
    mount -o bind /usr/share /linux32/usr/share >/dev/null && \
    mount -o bind /usr/portage /linux32/usr/portage >/dev/null
    eend $? "Problem mounting some directories"

    # Copy files around
    ebegin "Copying files into /linux32/etc"
    cp -pf /etc/resolv.conf /linux32/etc >/dev/null && \
    cp -pf /etc/passwd /linux32/etc >/dev/null && \
    cp -pf /etc/shadow /linux32/etc >/dev/null && \
    cp -pf /etc/group /linux32/etc >/dev/null && \
    cp -pf /etc/gshadow /linux32/etc >/dev/null && \
    cp -pf /etc/hosts /linux32/etc >/dev/null && \
    cp -pf /etc/hostname /linux32/etc >/dev/null && \
    cp -pf /etc/dnsdomainname /linux32/etc >/dev/null && \
    cp -pf /etc/sudoers /linux32/etc >/dev/null && \
    cp -Ppf /etc/localtime /linux32/etc >/dev/null
    eend $? "Problem copying files"
}

This is my first stab at this, so let me know if there are ways to make it better. I didn't copy things like include files and source directories, because I suspect that that stuff may vary by architecture. Also, there are presumably things I could have done under /var and maybe /usr/X11R6 -- but I'm not sure which things are arch-dependent, so I didn't touch them...

-sq

[Edit: changed the file copy code to use p (preserve owners), and to copy some more files across]


lramos85
Tux's lil' helper

Joined: 29 Jun 2004
Posts: 141
Location: Riverside, Ca


Posted: Saturday October 16, 2004 2:02 am   Post subject:

Hey neat pretty smart, I'll try it and post back. Thanks fpoprocks for your post and emerose for the file.
_________________
Registered Linux User #328996
Register Now!
Adopt an unanswered post today!

fpoprocks
n00b

Joined: 01 Oct 2004
Posts: 15
Location: Worcester, MA, USA


Posted: Saturday October 16, 2004 6:20 am   Post subject:

hamaker wrote:
I'm not an expert yet either :wink: , so could you help me on this:

I get an error message when I try your env.d file:

Code:
!!! Invalid token (not "=") 'LDPATH="/mnt/gentoo32/usr/lib"'

I don't know what to do about it but everything is solved by putting the extra LDPATH in the 00basic file, it seems. I can't try out if it works yet, as my computer is compiling the 32bit system this very moment, but is there anything fundamentally wrong with this (seemingly more simple) solution?

Hmm - that's strange. But AFAIK, adding an extra path to, say, 00basic won't cause anything to break. I could imagine that these files may get overwritten when updating some packages. So just watch out for it when you run etc-update :D

Also, thanks to anybody for the chroot-as-a-normal-user tips!


Source: https://forums.gentoo.org/viewtopic-p-1653565.html
