>
> To enable chroot for users you have to chmod u+s /bin/chroot
> The chroot will succeed and you will be as your user and not as root.

You could also use sudo. After following the HOWTO
http://www.gentoo.org/proj/en/base/amd64/howtos/index.xml?part=1&chap=3,
I created a simple script that uses sudo to enter the chroot as
any user. This assumes the init.d/gentoo32 script is used to copy the
users and groups to the chroot. Here's what I did:

As root:
emerge -av sudo
visudo (/etc/sudoers will be loaded in your default editor)
add a line to the file like:

%wheel ALL=NOPASSWD: /bin/linux32 /usr/bin/chroot /mnt/gentoo32 /bin/su - [a-z]*

This line will allow anyone in the wheel group to chroot to
/mnt/gentoo32 as any user. Change /mnt/gentoo32 to wherever your
chroot environment is. Also, this assumes all user names are all lower
case. I believe you could change [a-z] to [A-z] or [a-zA-Z] or something
similar for mixed case userids. Also the current convention does not
allow for numbers in the user id.

Now, I just created this script and put it in /usr/local/bin:

#!/bin/bash
# /usr/local/bin/ch32
# Script used to enter 32bit chroot
#
# Author: B Johnson (baj)
# Version: 0.2
# Date: 2005/12/10
#
# Optional parameters:
# [userid] # user to enter chroot as, default is current user.
#
# TODO:
# verify userid exists in chroot env.
# take additional parameter to exec after entering chroot env.
#

# Use the first argument as the target user if one was given.
if [ -n "${1}" ]; then
    USER="${1}"
fi
# Quoted so the user name is always passed to su as a single argument.
sudo /bin/linux32 /usr/bin/chroot /mnt/gentoo32 /bin/su - "${USER}"

Again, /mnt/gentoo32 is the location where your chroot is installed,
change it accordingly to match your environment and what was entered in
/etc/sudoers.

If all goes well, you should now be able to enter the chroot from a
normal use as a normal user:

brett@homer ~ $ uname -a
Linux homer 2.6.14-gentoo-r2 #2 Fri Dec 9 13:31:31 CST 2005 x86_64 AMD Athlon(tm) 64 Processor 3400+ AuthenticAMD GNU/Linux

brett@homer ~ $ ch32

brett@homer(i686) ~ $ uname -a
Linux homer 2.6.14-gentoo-r2 #2 Fri Dec 9 13:31:31 CST 2005 i686 AMD Athlon(tm) 64 Processor 3400+ AuthenticAMD GNU/Linux

You can also log in as root:
brett@homer ~ $ ch32 root
homer(i686) ~ #

Now you may have noticed, I append (i686) to my prompt. This is because
I tend to have many terms open, and sometimes forget which term is to
which system I am working on. Having the machine name is great, but in
the chroot environment it's the same as the host. I modified the
/etc/bash/bashrc (or /etc/profile if using an older bash) in the chroot
environment like this:

if [[ ${EUID} == 0 ]] ; then
    PS1='\[\033[01;31m\]\h(`uname -m`)\[\033[01;34m\] \W \$\[\033[00m\] '
else
    PS1='\[\033[01;32m\]\u@\h(`uname -m`)\[\033[01;34m\] \w \$\[\033[00m\] '
fi

I just added (`uname -m`) to each prompt. I made the same changes to the
prompts below these, in case I log in from a non-color terminal (unlikely,
but who knows).

I am still working out a few issues with this script;
1) the DISPLAY variable does not get set by default.
2) how to pass additional args to the chroot shell (eg. launch cedega
from script in 64 bit land)

But so far, this seems to work really well for me.

Brett
--
gentoo-amd64@g.o mailing list
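
The script's TODO item "verify userid exists in chroot env", worked through as an added example (not part of the original post): the wrapper checks the shape of the user name and looks it up in the chroot's own /etc/passwd before calling sudo. The function names and the CHROOT_DIR variable are assumptions; the check runs as the calling user, so the sudoers line remains the only thing sudo itself enforces.

```bash
#!/bin/bash
# Added example, not from the original post: pre-flight check for ch32.
# CHROOT_DIR and the function names are assumptions for illustration.
LC_ALL=C                                  # make [a-z] mean ASCII letters only
CHROOT_DIR="${CHROOT_DIR:-/mnt/gentoo32}" # must match the path in /etc/sudoers

# Accept only conventional account names: first character a lowercase letter
# or "_", the rest lowercase letters, digits, "_" or "-", at most 32 characters.
# This rejects empty names, embedded whitespace and names starting with "-".
valid_name() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Return 0 if NAME is a login in the chroot's own passwd file (second argument
# overrides the path), 1 if it is not listed, 2 if the file cannot be read.
user_in_chroot() {
    name="$1"
    passwd="${2:-${CHROOT_DIR}/etc/passwd}"
    [ -r "$passwd" ] || return 2
    while IFS=: read -r login rest; do
        [ "$login" = "$name" ] && return 0
    done < "$passwd"
    return 1
}

# Validate the target user, then run exactly the command the sudoers line allows.
enter_chroot() {
    target="${1:-$(id -un)}"
    valid_name "$target" || { echo "ch32: invalid user name" >&2; return 64; }
    user_in_chroot "$target" || {
        echo "ch32: no such user in ${CHROOT_DIR}: ${target}" >&2
        return 67
    }
    exec sudo /bin/linux32 /usr/bin/chroot "${CHROOT_DIR}" /bin/su - "${target}"
}

# Run only when installed under the name ch32, so the file can also be sourced.
case "${0##*/}" in
    ch32) enter_chroot "$@" ;;
esac
```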