Re: Daemons in schroot or how to start chroot automatically
On Sun, Jul 22, 2012 at 06:31:48PM +0200, Ramon Hofer wrote:
> On Sam, 2012-07-21 at 22:18 +0100, Roger Leigh wrote:
> > On Sat, Jul 21, 2012 at 11:54:58AM +0000, Ramon Hofer wrote:
> >
> > > Is there another one which I can use to set specific mounts?
> > > Like in my case the config dir in my home for sabnzbd?
> >
> > Not provided with the package. You could just
> > sudo cp -r /etc/schroot/default /etc/schroot/sabnzbd
> > and then set
> > script-config=/etc/schroot/sabnzdb/config
> > (you'll need to edit this file to update the paths in it from
> > /etc/schroot/default to /etc/schroot/sabnzdb.
>
> This has made me want to have a separate sid schroot for sabnzbd :-)
>
> That's why I renamed /srv/chroot/sid to /srv/chroot/sid-sab and the
> session name in /etc/schroot/schroot.conf to sid-sab too:
This is one place where schroot's support for cloned sessions may be
useful; if you use e.g. type=file|lvm-snapshot|btrfs-snapshot, you
can clone a session just for sab, and then make others for other
purposes, without having to physically copy the base chroot. For
a long-term persistent one I'd recommend file for simplicity (it
just unpacks a tarball of your chroot), or btrfs-snapshot if you
already use btrfs.
They will all share the same profile though; though in 1.6.x you
can configure schroot to allow these to be overridden on a per-
session basis.
> Because in my init.d script now both --session-name and --chroot are
> sid-sab I feared that this would lead to problems. But doesn't seem to.
> Is this true?
No. chroot names and session names are in separate "namespaces", so
it's allowed. They are actually named "chroot:sid-sab" and
"session:sid-sab" (run schroot -l). At least for the version of
schroot in wheezy and sid; it might not be exposed in the squeeze
version.
> > Did you run with "-u root" to switch to the root user inside the
> > chroot? If you don't use "-u" it will just run as the current
> > user, rather than switching. So long as one of the groups you
> > are a member of is in root-groups or root-users, you'll be
> > allowed to switch without a password. If you aren't in one of those,
> > you'll be prompted for a password IIRC.
>
> Aha, I thought my user would have the right to directly run commands
> like apt-get without sudo.
Not sure what you mean here.
sudo apt-get dist-upgrade
is the same as
schroot -c $chroot -u root -- apt-get dist-upgrade
You just don't get the switch to root as the default behaviour.
You can certainly run commands as root directly.
> But still when I run `sudo -u root` I get
> sudo: effective uid is not 0, is sudo installed setuid root?
This is /inside/ the chroot?
> I read that this could be because the filesystem is mounted with
> 'nosuid' [1]. But this isn't the case. Here's my fstab for this schroot:
I've never seen this. It's almost certainly due to the specific
filesystems or setup you have. Check if it's really set setuid root.
> I read that chroot doesn't create any overhead except disk space. So
> there's no drawback on using separate schroot environments for different
> daemons except the extra disk space?
Not really. And if you use e.g. btrfs snapshots, you avoid even
the space overhead.
> E.g. the python libraries are only loaded once for each sid session I
> run? No matter if python is installed in /srv/chroot/sid-sab and as well
> in a new /srv/chroot/sid-mythbackend?
No, they'll be separate files in this case, and hence loaded twice.
But if you use LVM or Btrfs snapshots they would be the same physical
disc blocks; and in the case of Btrfs the same file (AFAICK).
> And does it make sense to use different partitions for each chroot
> environment: Should I put /srv/chroot/sid-sab to an own partition?
> Atm I have a ~300 GB partition mounted to /srv. The /srv/chroot/sid-sab
> directory uses 466 MB so I could create a 5 GB partition for it?
That would be fine. Personally, I have each chroot on a btrfs
subvolume, that way there's no restrictions on how much each may
grow, and they can be freely snapshotted. You can then use
type=btrfs-snapshot or type=directory.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800
Reply to: