Linux Commands Examples

A great documentation place for Linux commands

chroot

run command or interactive shell with special root directory

Synopsis

chroot [OPTION] NEWROOT [COMMAND [ARG]...]
chroot
OPTION


add an example, a script, a trick and tips

: email address (won't be displayed)
: name

Step 2

Thanks for this example ! - It will be moderated and published shortly.

Feel free to post other examples
Oops ! There is a tiny cockup. A damn 404 cockup. Please contact the loosy team who maintains and develops this wonderful site by clicking in the mighty feedback button on the side of the page. Say what happened. Thanks!

examples

1
source
            
chroot . /sbin/depmod -a
1
source
            
chroot . aticonfig --initial=check
0
source

mount dev, proc, sys in a chroot environment?

The Gentoo Handbook specifically calls out these two commands for re-mounting /proc and /dev. I've used them several times.

mount -t proc none /mnt/chroot/proc
mount -o bind /dev /mnt/chroot/dev

I suspect /sys is just a regular folder, so you should be able to make a hard link.

ln /sys /mnt/chroot/sys

0
source

Arch Linux Install, Why is arch-chroot giving me an error?

/sys is a virtual file system that interfaces with the kernel. It is meant to replace /proc. More at https://en.wikipedia.org/wiki/Sysfs

By the sounds of it, you have /mnt/sys mounted, try umount /mnt/sys or better yet, reboot. If it is doing this after the reboot, then arch-chroot is probably has a typo, mount /sys /mnt/sys should be mount --bind /mnt/sys. I could potentially help more if you could post the output of mount. Not sure if you have figured the solution out, as you posted it nearly a month ago.

0
source

How do I use the terminal SCREEN when chrooted?

SCREEN probably needs devpts, the pseudo-terminal filesystem, to be mounted on /dev/pts inside the chroot.

mount -t devpts none "$rootpath/dev/pts" -o ptmxmode=0666,newinstance

ln -fs "pts/ptmx" "$rootpath/dev/ptmx"

(The newinstance flag is optional; it gives the user a completely separate pty list, preventing them from knowing what other users are logged in.)

0
source

Adding user to chroot environment

Oh, I figured it out myself. Schroot has a feature called "sessions" where current environment can be preserved. Everytime one logs out without creating a "session", schroot brings everything to clean state and hence deletes the user as well. One can start a session using

schroot -c mychroot -b 

0
source

How to share a directory across chroots

On Linux – bind mounts.

mount --bind /orig /vm/one
mount --bind /orig /vm/two
mount --rbind /media /vm/one/media

Sharing /proc and /dev is the most common use for this (but make sure you use --rbind for /dev). You can even add -o ro for read-only.

To make the mounts persistent, update /etc/fstab:

/orig   /vm/one     none    bind
/orig   /vm/two     none    bind,ro


Once you start with using bind mounts for VMs, you will soon find yourself deep in namespaces and containers. (For example, you can have a chroot with isolated network, with just a single command...) Take a look at lxc, which uses native Linux features to create virtual systems.

0
source

Loading a new kernel in a chrooted environment

Not likely. You are already running a kernel. To have it load a second one based on a particular login doesn't sound possible or desirable. With the proliferation of virtualization tools these days, I would think that's a more likely solution.

0
source

Does schroot allow configuration files in the home directory to be overwritten?

When /home is mounted by schroot, all configuration files are placed in $HOME of the base install, irrespective of whether they belong to the schroot.

This can lead to configuration files being overwritten when two versions of a package are installed, one in the base install and the other in the schroot.

It's easy to alter the schroot setup so that its configuration files are placed in a different directory, as shown in the following example.

A schroot for wheezy-amd64 is located in /var/schroot/wheezy-amd64. This particular schroot is using the 'desktop' profile, hence its mount points are defined in /etc/schroot/desktop/fstab.

First, create a home directory for the user inside the schroot,

mkdir /var/schroot/wheezy-amd64/home/$USERNAME

Second, replace the following line in /etc/schroot/desktop/fstab,

/home          /home           none    rw,bind         0       0

with,

/home          /HOME           none    rw,bind         0       0

That's all! It's also convenient to add an alias to ~/.bash_aliases in the base install,

alias wheezy64='schroot -c wheezy-amd64 `/bin/echo "-d $PWD" | /bin/grep "^-d[ ]*\/home" | sed "s/home/HOME/"`'

Inside the schroot, the user now sees two home directories:

  • /home/$USERNAME is the schroot home directory.
  • /HOME/$USERNAME is the home directory of the base install.
0
source

copied chroot jail directory cant be chrooted

I found the answer. makejail program preserve permissions so there is no problem with jail directory created by makejail.

But deb helper scripts disturb every thing. on a default debian/rules file dh_fixperms run and change permissions so /bin/bash is not executable any more! to fix this problem we should overwrite dh_perms with this rule:

override_dh_perms:

every this get sweeter with this line!

0
source

SFTP with chroot in a folder that can not have root privileges

I'm not sure I understand your Questions, but I will try to answer.

1) You can change the location of the users Home foler in /etc/passwd. Then create groups for the users who need to be able to read/write to these folders and

chown -R user:group /the/new/homefolder

1a) The problem with sftp is that the users will still be able to read other dirs and files on the system, but not write or create.

2) Again you could do as mentioned in 1,

3) I don't understand this part - do you mean switch user when logged in? You can normally do this by:

su username

And type in the users password.

0
source

How do I enable tab tips in Bash?

The relevant section in the debian default bashrc is

# enable programmable completion features (you don't need to enable
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
# sources /etc/bash.bashrc).
if [ -f /etc/bash_completion ]; then
    . /etc/bash_completion
fi

The file sourced there is part of the bash-completion package:

$ dpkg -S /etc/bash_completion
bash-completion: /etc/bash_completion

0
source

Booting linux system from chroot: is there a better way to do this?

Why did you switch from run-init to chroot? You shouldn't do that. run-init deletes everything in the initramfs root, then chroots to $rootmnt. You want to keep that behavior.

As for how to avoid having to manually rebuild your initramfs each time, edit the master copy of the init script in /usr/share/initramfs-tools. That should at least work until you upgrade the initramfs-tools package.

A permanent solution would be to patch the init script to recognize a boot argument to append something to rootmnt, and submit that patch for inclusion into debian. Then you can add the argument to grub for entries that should be booted that way.

0
source

How do I safely allow unprivileged users to copy files to my server?

You would have a much easier time setting up a SAMBA share. (http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/install.html)

The security protocols it supports are far more fine tuned and allows for setting up users and the lot. You can also set up groups to place users in if they are already preexisting. I would suggest it as a much better way forward than creating/restricting user accounts.

This would allow you to also entirely restrict them to their folder with no way out and it supports ftp (much more friendly).

0
source

Linux commands "id" and "whoami" dependencies (for chroot environment)

Use ldd to check for linked libraries, e.g.:

 $ ldd $(which  whoami)
    linux-vdso.so.1 =>  (0x00007fff00bfe000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007fa25f48e000)
    /lib64/ld-linux-x86-64.so.2 (0x00007fa25f871000)

Don't worry if you can't find linux-vdso on your system, see e.g.:

The library that you see as linux-vdso.so.1 is a virtual library or Virtual Dynamic Shared Object, that resides only in each program's address space. Older systems called this linux-gate.so.1. This virtual library provides the necessary logic to allow user programs to access system functions through the fastest means available on the particular processor, either interrupt, or with most newer processors, fast system call.

0
source

Do all my programs have owner rights to all my files?

1) Yes. 2) In general no. You have to trust at least some of the software that you run not to mess things up. 3) The easiest way would probably be to run the software as a different user. If it doesn't need access to anything, you could run it as the "nobody" user who has basically no rights. Otherwise, you could change the owner of all the files the application has to access to the user it runs as. Note that this would make accessing the files more difficult for you and other programs though.

In general, I wouldn't worry too much about it. You have backups of your data that you could restore files from anyway, don't you.

description

Run COMMAND with root directory set to NEWROOT.
--userspec
=USER:GROUP

specify user and group (ID or name) to use

--groups=G_LIST

specify supplementary groups as g1,g2,..,gN

--help

display this help and exit

--version

output version information and exit

If no command is given, run ’${SHELL} -i’ (default: ’/bin/sh -i’).

copyright

Copyright © 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.

reporting bugs

Report chroot bugs to bug-coreutils[:at:]gnu[:dot:]org
GNU coreutils home page: <http://www.gnu.org/software/coreutils/>
General help using GNU software: <http://www.gnu.org/gethelp/>
Report chroot translation bugs to <http://translationproject.org/team/>


see also

chroot

The full documentation for chroot is maintained as a Texinfo manual. If the info and chroot programs are properly installed at your site, the command

info coreutils 'chroot invocation'

should give you access to the complete manual.


author

Written by Roland McGrath.

How can this site be more helpful to YOU ?


give  feedback