Re: X applications under chroot
On Tue, 4 Oct 2005, Eduardo Costa Lisboa wrote:
How can I execute an X application, such as OpenOffice, under chroot?
you must:
1) retain environment variables (e.g. use the "-d" option of dchroot if
you use dchroot)
2) make available /tmp and /var/tmp in the chroot, making sure they are
bind mounted before running your program. I have the bind mounts in my
fstab, so that they are done automatically on boot. Here is an excerpt
from it (you will probably just need a small part of it):
# ia32 chroot
/dev /ia32/dev none rbind 0 3
/dev/pts /ia32/dev/pts none bind 0 4
/dev/shm /ia32/dev/shm none bind 0 4
/dev/.static/dev /ia32/dev/.static/dev none bind 0 4
/etc/passwd /ia32/etc/passwd none bind 0 3
/etc/shadow /ia32/etc/shadow none bind 0 3
/etc/group /ia32/etc/group none bind 0 3
/etc/gshadow /ia32/etc/gshadow none bind 0 3
/etc/hostname /ia32/etc/hostname none bind 0 3
/etc/hosts /ia32/etc/hosts none bind 0 3
#/home /ia32/home none bind 0 3
/proc /ia32/proc none rbind 0 3
/proc/bus/usb /ia32/proc/bus/usb none bind 0 4
/proc/sys/fs/binfmt_misc /ia32/proc/sys/fs/binfmt_misc none bind 0 4
/sys /ia32/sys none rbind 0 3
/tmp /ia32/tmp none rbind 0 3
/usr/tmp /ia32/usr/tmp none rbind 0 3
/var/tmp /ia32/var/tmp none rbind 0 3
/var/mail /ia32/var/mail none rbind 0 3
/var/www /ia32/var/www none rbind 0 3
/var/lock /ia32/var/lock none rbind 0 3
/var/run /ia32/var/run none rbind 0 3
/ /ia32/amd64 none rbind 0 3
/dev /ia32/amd64/dev none bind 0 4
/dev/pts /ia32/amd64/dev/pts none bind 0 5
/dev/shm /ia32/amd64/dev/shm none bind 0 5
/dev/.static/dev /ia32/amd64/dev/.static/dev none bind 0 5
/proc /ia32/amd64/proc none bind 0 4
/proc/bus/usb /ia32/amd64/proc/bus/usb none bind 0 5
/proc/sys/fs/binfmt_misc /ia32/amd64/proc/sys/fs/binfmt_misc none bind 0 5
/sys /ia32/amd64/sys none bind 0 4
This is actually redundant, you probably don't need /dev, /proc, /sys,
/var/lock, /var/run, /var/mail, /usr/tmp, /amd64 etc., but only /tmp and
/var/tmp to have working X in the chroot.
Moreover, my setup is redundant, because rbind already mounts recursively
underlying mounts, but I like having it explicit because it then makes it
easier to unmount things cleanly.
I have such an extensive setup because I have full 64 and 32 bit
installations, in sync with each other. This wastes some disk space (cheap
these days) but grants me more or less total 32 bit compatibility at all
levels, having the options to:
- run 64 bit apps when available
- run 32 bit apps from 64 bit environment
- run 32 bit apps in 32 bit environment in the chroot
The only thing which still causes me some headache is the debian
alternatives system in the chroot. It would be very nice if one could
just tell the debian package management system to use, system wide, a
given directory as its root for everything (unpacking, alternatives,
links...). Since I also have the 64 bit system available as /amd64 (both
in the native environment and in the 32bit chroot cage) and the 32 bit
system available as /ia32 (again both in the native environment and in
the 32bit chroot cage), I would then have a uniform name space in both
environments, making administration of (any number of) chrooted systems
a breeze. But this is dreaming... Anyway, my current setup works.
Hope this helps, bye
Giacomo
--
_________________________________________________________________
Giacomo Mulas <gmulas@ca.astro.it>
_________________________________________________________________
OSSERVATORIO ASTRONOMICO DI CAGLIARI
Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA)
Tel. (OAC): +39 070 71180 248 Fax : +39 070 71180 222
Tel. (UNICA): +39 070 675 4916
_________________________________________________________________
"When the storms are raging around you, stay right where you are"
(Freddy Mercury)
_________________________________________________________________
Reply to: