Difference between revisions of "UbuntuHelp:BasicChroot"

Line 18: Line 18:
 
=== Creating a chroot ===
 
=== Creating a chroot ===
 
This section provides instructions on creating a basic chroot. For more advanced chroots, see [[UbuntuHelp:DebootstrapChroot|Debootstrap Chroot]].
 
This section provides instructions on creating a basic chroot. For more advanced chroots, see [[UbuntuHelp:DebootstrapChroot|Debootstrap Chroot]].
# Install the <code><nowiki>dchroot</nowiki></code> and <code><nowiki>debootstrap</nowiki></code> packages.
+
<ol><li>Install the <code><nowiki>dchroot</nowiki></code> and <code><nowiki>debootstrap</nowiki></code> packages.
# As an administrator (i.e. using <code><nowiki>sudo</nowiki></code>), create a new directory for the chroot. In this procedure, the directory <code><nowiki>/var/chroot</nowiki></code> will be used.
+
</li><li>As an administrator (i.e. using <code><nowiki>sudo</nowiki></code>), create a new directory for the chroot. In this procedure, the directory <code><nowiki>/var/chroot</nowiki></code> will be used.
# As an administrator, open <code><nowiki>/etc/schroot/schroot.conf</nowiki></code> in a text editor.
+
</li><li>As an administrator, open <code><nowiki>/etc/schroot/schroot.conf</nowiki></code> in a text editor.
# Add the following lines into <code><nowiki>schroot.conf</nowiki></code> and then save and close the file. Replace ''your_username'' with your username.
+
</li><li>Add the following lines into <code><nowiki>schroot.conf</nowiki></code> and then save and close the file. Replace ''your_username'' with your username.</li></ol>
 +
 
 
<pre><nowiki>[gutsy]
 
<pre><nowiki>[gutsy]
 
description=Ubuntu Gutsy
 
description=Ubuntu Gutsy
Line 30: Line 31:
 
root-groups=root
 
root-groups=root
 
</nowiki></pre>
 
</nowiki></pre>
# Open a terminal and type:
+
<ol><li>Open a terminal and type:</li></ol>
 +
 
 
<pre><nowiki>sudo debootstrap --variant=buildd --arch i386 gutsy /var/chroot/ http://archive.ubuntu.com/ubuntu/
 
<pre><nowiki>sudo debootstrap --variant=buildd --arch i386 gutsy /var/chroot/ http://archive.ubuntu.com/ubuntu/
 
</nowiki></pre>
 
</nowiki></pre>
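
Review bot: The new `<ol><li>Open a terminal and type:</li></ol>` opens and closes its own list, so this step renders as item 1 instead of continuing from step 4 of the list that was closed before the schroot.conf block. Give the item an explicit number, for example `<ol><li value="5">Open a terminal and type:</li></ol>`, or move the `<pre>` block inside the preceding `<li>` so that a single `<ol>` spans the whole procedure.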
Line 39: Line 41:
 
There are some basic steps you can take to set-up the chroot, providing facilities such as DNS resolution and access to ''/proc''.
 
There are some basic steps you can take to set-up the chroot, providing facilities such as DNS resolution and access to ''/proc''.
 
'''Note:''' Type these commands in a shell which is ''outside'' the chroot.
 
'''Note:''' Type these commands in a shell which is ''outside'' the chroot.
# Type the following to mount the ''/proc'' filesystem in the chroot (required for managing processes):
+
<ol><li>Type the following to mount the ''/proc'' filesystem in the chroot (required for managing processes):</li></ol>
 +
 
 
<pre><nowiki>sudo mount -o bind /proc /var/chroot/proc
 
<pre><nowiki>sudo mount -o bind /proc /var/chroot/proc
 
</nowiki></pre>
 
</nowiki></pre>
# Type the following to allow DNS resolution from within the chroot (required for Internet access):
+
<ol><li>Type the following to allow DNS resolution from within the chroot (required for Internet access):</li></ol>
 +
 
 
<pre><nowiki>sudo cp /etc/resolv.conf /var/chroot/etc/resolv.conf
 
<pre><nowiki>sudo cp /etc/resolv.conf /var/chroot/etc/resolv.conf
 
</nowiki></pre>
 
</nowiki></pre>
Line 49: Line 53:
 
=== Accessing graphical applications inside the chroot ===
 
=== Accessing graphical applications inside the chroot ===
 
You can run graphical applications within a chroot, but you need to provide an X server for them to run in first. Perform the following instructions ''outside'' the chroot:
 
You can run graphical applications within a chroot, but you need to provide an X server for them to run in first. Perform the following instructions ''outside'' the chroot:
# Install the <code><nowiki>xhost</nowiki></code> package.
+
<ol><li>Install the <code><nowiki>xhost</nowiki></code> package.
# Ensure that ''/proc'' is mounted and DNS resolution is set-up within the chroot (see above).
+
</li><li>Ensure that ''/proc'' is mounted and DNS resolution is set-up within the chroot (see above).
# Type the following into a Terminal:
+
</li><li>Type the following into a Terminal:</li></ol>
 +
 
 
<pre><nowiki>Xnest -ac :1
 
<pre><nowiki>Xnest -ac :1
 
</nowiki></pre>
 
</nowiki></pre>
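
Review bot: The context line `Xnest -ac :1` kept at the end of this hunk starts the nested X server with access control disabled, while the `xhost` package that the first list item installs is never used in any later step. While this list is being reworked, either remove `-ac` and document the `xhost` command that the first step implies, or drop the `xhost` step, so that the prerequisites and the commands agree.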
Line 58: Line 63:
 
<pre><nowiki>sudo chroot /var/chroot
 
<pre><nowiki>sudo chroot /var/chroot
 
</nowiki></pre>
 
</nowiki></pre>
# While in the chroot shell, type the following:
+
<ol><li>While in the chroot shell, type the following:</li></ol>
 +
 
 
<pre><nowiki>export DISPLAY=localhost:1
 
<pre><nowiki>export DISPLAY=localhost:1
 
</nowiki></pre>
 
</nowiki></pre>
# Start a window manager inside the chroot. For example, install the <code><nowiki>metacity</nowiki></code> package and type:
+
<ol><li>Start a window manager inside the chroot. For example, install the <code><nowiki>metacity</nowiki></code> package and type:</li></ol>
 +
 
 
<pre><nowiki>metacity &
 
<pre><nowiki>metacity &
 
</nowiki></pre>
 
</nowiki></pre>
# Start a graphical application inside the chroot (amking sure that you installed it in the chroot first). It should appear in the Xnest window.
+
<ol><li>Start a graphical application inside the chroot (amking sure that you installed it in the chroot first). It should appear in the Xnest window.</li></ol>
 +
 
 
''This section uses parts of the article [http://wiki.mandriva.com/en/Development/Howto/Chroot Installing Mandriva Linux in a Chroot], which is distributed under the [http://creativecommons.org/licenses/by-sa/2.5/ CC-BY-SA 2.5] license.''
 
''This section uses parts of the article [http://wiki.mandriva.com/en/Development/Howto/Chroot Installing Mandriva Linux in a Chroot], which is distributed under the [http://creativecommons.org/licenses/by-sa/2.5/ CC-BY-SA 2.5] license.''
 
=== References and further information ===
 
=== References and further information ===
# [http://en.wikipedia.org/wiki/Chroot Wikipedia - chroot]
+
<ol><li>[http://en.wikipedia.org/wiki/Chroot Wikipedia - chroot]
# [http://wiki.mandriva.com/en/Development/Howto/Chroot Installing Mandriva Linux in a Chroot]
+
</li><li>[http://wiki.mandriva.com/en/Development/Howto/Chroot Installing Mandriva Linux in a Chroot]
# [[UbuntuHelp:DebootstrapChroot|Debootstrap Chroot]]
+
</li><li>[[UbuntuHelp:DebootstrapChroot|Debootstrap Chroot]]</li></ol>
 +
 
 
----
 
----
 
[[category:CategorySecurity]]
 
[[category:CategorySecurity]]
  
 
[[category:UbuntuHelp]]
 
[[category:UbuntuHelp]]
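
Review bot: The rewritten last step of the graphical procedure still carries the typo "amking" (`amking sure that you installed it in the chroot first`); correct it to "making" while the line is being touched. The three steps in this hunk are also each wrapped in their own `<ol>…</ol>`, so every one of them renders as item 1; set `value` on each `<li>` to continue the numbering from the Xnest step.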

Revision as of 15:09, 6 December 2007 (Thursday)


Creating a basic chroot

A chroot is a way of isolating applications from the rest of your computer, by putting them in a jail. This is particularly useful if you are testing an application which could potentially alter important system files, or which may be insecure. This document explains the basic concepts surrounding the use of a chroot and provides instructions for getting a basic chroot up and running.

Basic Concepts

A chroot is basically a special directory on your computer which prevents applications, if run from inside that directory, from accessing files outside the directory. In many ways, a chroot is like installing another operating system inside your existing operating system. Technically speaking, chroot temporarily changes the root directory (which is normally /) to the chroot directory (for example, /var/chroot). As the root directory is the top of the filesystem hierarchy, applications are unable to access directories higher up than the root directory, and so are isolated from the rest of the system. This prevents applications inside the chroot from interfering with files elsewhere on your computer. Note that it is possible for software from outside the chroot to access files inside the chroot. See Wikipedia - chroot for more information.

Uses of chroots

The following are some possible uses of chroots:

  • Isolating insecure and unstable applications
  • Running 32-bit applications on 64-bit systems
  • Testing new packages before installing them on the production system
  • Running older versions of applications on more modern versions of Ubuntu
  • Building new packages, allowing careful control over the dependency packages which are installed

Creating a chroot

This section provides instructions on creating a basic chroot. For more advanced chroots, see Debootstrap Chroot.

  1. Install the dchroot and debootstrap packages.
  2. As an administrator (i.e. using sudo), create a new directory for the chroot. In this procedure, the directory /var/chroot will be used.
  3. As an administrator, open /etc/schroot/schroot.conf in a text editor.
  4. Add the following lines into schroot.conf and then save and close the file. Replace your_username with your username.

     [gutsy]
     description=Ubuntu Gutsy
     location=/var/chroot
     priority=3
     users=your_username
     groups=sbuild
     root-groups=root

  5. Open a terminal and type:

     sudo debootstrap --variant=buildd --arch i386 gutsy /var/chroot/ http://archive.ubuntu.com/ubuntu/

     This will create a basic 'installation' of Ubuntu 7.10 (Gutsy Gibbon) in the chroot. It may take a while for the packages to be downloaded. Note: You can replace gutsy with the Ubuntu version of your choice.
  6. A basic chroot should now have been created. Type sudo chroot /var/chroot to change to a root shell inside the chroot.

Setting up the chroot

There are some basic steps you can take to set up the chroot, providing facilities such as DNS resolution and access to /proc. Note: Type these commands in a shell which is outside the chroot.

  1. Type the following to mount the /proc filesystem in the chroot (required for managing processes):

     sudo mount -o bind /proc /var/chroot/proc

  2. Type the following to allow DNS resolution from within the chroot (required for Internet access):

     sudo cp /etc/resolv.conf /var/chroot/etc/resolv.conf

Very few packages are installed by default in a chroot (even sudo isn't installed). Use apt-get install package_name to install packages. See Debootstrap Chroot and Installing Mandriva Linux in a Chroot for more advanced set-up instructions.
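
Added example (not part of the original page): before deleting or rebuilding /var/chroot, check what is still mounted inside it, such as the /proc bind mount created above, and unmount children before parents. The function names and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added example: list what is still mounted inside a chroot, deepest path first.

# Constructed sample in /proc/mounts format: device mountpoint fstype opts dump pass.
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw 0 0
proc /proc proc rw 0 0
proc /var/chroot/proc proc rw 0 0
/dev/sda1 /var/chroot/home ext4 rw 0 0
tmpfs /var/chroot/home/build\040dir tmpfs rw 0 0
/dev/sdb1 /var/chroot2 ext4 rw 0 0'

# chroot_mounts ROOT  (mount table on stdin, e.g. < /proc/mounts)
# Prints every mount point at or below ROOT, one per line, deepest first.
chroot_mounts() {
    root=${1%/}                      # accept "/var/chroot/" as well
    awk -v root="$root" '
        {
            mp = $2
            # /proc/mounts writes a space inside a path as \040.
            gsub(/\\040/, " ", mp)
            # Match ROOT itself or a path below it. A plain prefix test
            # would wrongly include a sibling such as /var/chroot2.
            if (mp == root || index(mp, root "/") == 1) {
                depth = gsub(/\//, "/", mp)   # number of path separators
                printf "%d\t%s\n", depth, mp
            }
        }' | LC_ALL=C sort -rn -k1,1 | cut -f2-
}

# umount_chroot ROOT  (run as root)
# Unmounts everything chroot_mounts reports, children before parents.
umount_chroot() {
    chroot_mounts "$1" < /proc/mounts | while IFS= read -r mp; do
        umount "$mp" || exit 1       # ends the loop; function returns non-zero
    done
}
```

Run `chroot_mounts /var/chroot < /proc/mounts` first; an empty result means nothing from the host is still attached under the chroot directory.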

Accessing graphical applications inside the chroot

You can run graphical applications within a chroot, but you need to provide an X server for them to run in first. Perform the following instructions outside the chroot:

  1. Install the xhost package.
  2. Ensure that /proc is mounted and DNS resolution is set up within the chroot (see above).
  3. Type the following into a Terminal:

     Xnest -ac :1

     A blank Xnest window should appear.
  4. Open another Terminal and type the following to enter the chroot:

     sudo chroot /var/chroot

  5. While in the chroot shell, type the following:

     export DISPLAY=localhost:1

  6. Start a window manager inside the chroot. For example, install the metacity package and type:

     metacity &

  7. Start a graphical application inside the chroot (making sure that you installed it in the chroot first). It should appear in the Xnest window.

This section uses parts of the article Installing Mandriva Linux in a Chroot, which is distributed under the CC-BY-SA 2.5 license.

References and further information

  1. Wikipedia - chroot
  2. Installing Mandriva Linux in a Chroot
  3. Debootstrap Chroot