Re: Daemons in schroot or how to start chroot automatically
On Fri, 20 Jul 2012 17:32:14 +0100, Roger Leigh wrote:
> On Fri, Jul 20, 2012 at 12:48:49PM +0000, Ramon Hofer wrote:
>> On Fri, 20 Jul 2012 10:42:58 +0100, Roger Leigh wrote:
>>
>> > On Thu, Jul 19, 2012 at 12:34:26PM +0000, Ramon Hofer wrote:
>> >> I have some questions about starting daemons in a chroot environment
>> >> or rather about starting schroot on bootup.
>> >> The reason I want to do this is to clean up my server. It's a
>> >> Squeeze with an AMD64 kernel from backports. Some packages are from
>> >> testing which gives me problems because of dependencies that can't
>> >> be fullfilled: sabnzbdplus from testing depends on python so I can't
>> >> install build- essential...
>> >>
>> >> So far I was able to setup a chroot with schroot and installed sid
>> >> in it.
>> >>
>> >> [sid]
>> >> description=Debian sid (unstable)
>> >> directory=/srv/chroot/sid users=hoferr groups=hoferr
>> >> root-groups=root aliases=unstable,default
>> >
>> > set type=directory here
>>
>> That sounds great what I can read in the schroot.conf manpage:
>> "In consequence, filesystems such as /proc are not mounted in
>> plain chroots; it is the responsibility of the system
>> administrator to configure such chroots by hand, whereas directory
>> chroots are automatically configured."
>>
>> This means I can remove the remounts of /proc, /dev and /sys to /srv/
>> chroot/sid/... from my /etc/fstab?
>
> Yes, exactly. You still have an fstab--it's /etc/schroot/default/fstab,
> though this is configurable (set script=config with schroot 1.4.x, or
> profile= with schroot 1.6.x).
Very nice!
This is the default fstab which is used for all schroots right?
Is there another one which I can use to set specific mounts?
Like in my case the config dir in my home for sabnzbd?
And I should copy/bind another config file. Is it possible to have
different /etc/schroot/default/copyfiles for different schroot
environments?
Something like /etc/schroot/[SCHROOT]/fstab and /etc/schroot/[SCHROOT]/
copyfiles would be very handy :-)
>> But when I try this out and comment the proc and dev remounts and
>> restart the system sabnzbd+ isn't started automatically and when I try
>> it when the init.d script manually I get:
>> [....] Starting SABnzbd+ binary newsgrabber:start-stop-daemon: nothing
>> in /proc - not mounted?
>> failed!
>
> Hmm, it should have mounted it. Try looking at the information reported
> with "-v"; you should see the 10mount script mount mounting the
> filesystems. If it doesn't, you should see an error at this point.
> Or, if the configuration is broken for some reason, maybe you'll see an
> absence of mounting. You should see the reverse happen when you end the
> session as well.
I found what I did wrong: In the init.d script I used chroot instead of
schroot:
http://pastebin.com/raw.php?i=Lamy4K4a
Could you please help me with the correct command?
Instead of `chroot /srv/chroot/sid /etc/init.d/sabnzbdplus start` can I
use `schroot -c sid sabnzbdplus start`?
Then this would be my new schroot script:
http://pastebin.com/raw.php?i=Lamy4K4a
>> >> In the chroot I have created a new user called hoferr and am now
>> >> able to login without root privilieges.
>> >> But in there sudo is missing. Maybe this can be resolved by
>> >> installing the correct base system meta package mentioned above?
>> >
>> > You could install sudo. But why? This is what schroot /is/ (chroot
>> > +
>> > sudo). If you want to do stuff as root inside the chroot,
>> > just add yourself to root-groups/root-users.
>>
>> Or start it with `sudo schroot -p -c sid`.
>
> That's a possibility, though I would personally just configure schroot
> to give me root access directly.
I have tried to set root-groups=root,sudo in /etc/schroot/schroot.conf
for the (only) but this doesn't give me root access (even though I'm
member of the sudo group outside the chroot and inside it as it seems
the /etc/group files are the same).
I've also tried to add my user directly to the root-groups without
success. What could I possibly do wrong?
>> I'm still using version 1.4.19. But this feature sounds very good!
>>
>> Btw I have accidentally run `schroot -v` instead -V to get the version
>> number. First I got a little shock but now the prompt shows the name of
>> the chroot I'm logged into even if I only do `schroot -p -c sid`.
>> That's great :-)
>
> Fantastic! That's one of the little details set up by the setup scripts
> (50chrootname). It will also handle other things like copying over the
> passwd database so you have the same accounts inside the chroot that you
> have on the host.
What do you mean by the setup script? Using the -v option?
Or is it `setup-start`? Should I run it after I've changed schroot.conf
which is maybe the solution to my problem with the permission from above?
Btw do you know a some documentation on how I schroot and chroot work? Is
it really only changing the root directory. I'm wondering because when I
install a package from sid it's not sure that it'll work with the Squeeze
kernel?
Cheers
Ramon
Reply to: