1 |
On Tue, Mar 16, 2010 at 01:27:46PM +0100, Sebastian Beßler wrote: |
2 |
> Am Dienstag, 16. März 2010 12:22:56 schrieb Alex Alexander: |
3 |
> > On Tue, Mar 16, 2010 at 10:23:06AM +0100, Sebastian Beßler wrote: |
4 |
> > > Am 16.03.2010 02:56, schrieb Duncan: |
5 |
> > > > I posted the link to the guide in the doomsday thread pretty much |
6 |
> > > > concurrently to the discussion here, but for convenience, here's the |
7 |
> > > > link: |
8 |
> > > > |
9 |
> > > > http://www.gentoo.org/proj/en/base/amd64/howtos/index.xml?part=1&chap=2 |
10 |
> > > |
11 |
> > > What I don't like with this guide is that you have to be root to chroot |
12 |
> > > into and run the applications as root inside of the chroot. |
13 |
> > |
14 |
> > You don't need to be root in the chroot to run applications. Just create |
15 |
> > a user in the chroot and switch: |
16 |
> > |
17 |
> > su - youruser |
18 |
> |
19 |
> That is not really a solution, because all it need to be root again is a |
20 |
> simple exit. And chroot-root can break out of the chroot without problem. |
21 |
> |
22 |
> And you still need to be root to enter the chroot so you must always type in |
23 |
> your root password to start a simple app, even if you drop root inside the |
24 |
> chroot. So this is nothing more then a really fragile hack, to me at last. |
25 |
> |
26 |
> Greetings |
27 |
> |
28 |
> Sebastian |
29 |
|
30 |
I have a script that runs su - wired and I run that instead of /bin/bash |
31 |
(in my chroot script after all the necessary mounting, ofcourse) |
32 |
|
33 |
sudo chroot my_chroot /usr/local/bin/init_chroot_wired |
34 |
|
35 |
that script ends with an "exit" |
36 |
|
37 |
### /usr/local/bin/init_chroot_wired in my chroot ### |
38 |
|
39 |
#!/bin/bash |
40 |
env-update |
41 |
source /etc/profile |
42 |
su - wired |
43 |
exit |
44 |
|
45 |
so when I exit the chroot it dies instead of dropping me to the root |
46 |
chroot shell. |
47 |
|
48 |
-- |
49 |
Alex Alexander :: wired |
50 |
Gentoo Developer |
51 |
www.linuxized.com |