WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki
« previous next »
Pages: [1]   Go Down

Author Topic: chroot documentation, what i need to read ?  (Read 2323 times)

Offline halma

  • Full Member
  • ***
  • Posts: 164
chroot documentation, what i need to read ?
« on: April 05, 2020, 03:10:23 PM »
Hi,

i want to run Bftpd into a chroot envoirement in Tinycore x64, at the moment i dont know howto setup a correctly and secure chroot envoirement for Bftpd in Tinycorelinux.
Tinycore is based on busybox so i think the correct way for learning how chroot works i need to read the man pages, docs of busybox for chroot ? Is that correct ?

Thanks
Logged
1 + 2 = 6  cause  10 - 6 = 78 ;-) lol

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11595
Re: chroot documentation, what i need to read ?
« Reply #1 on: April 05, 2020, 10:54:30 PM »
Hi halma
There's the busybox version:
Code: [Select]
tc@E310:~/C_Programs/ImageEdge$ busybox chroot --help
BusyBox v1.29.3 (2018-12-19 15:29:37 UTC) multi-call binary.

Usage: chroot NEWROOT [PROG ARGS]

Run PROG with root directory set to NEWROOT
tc@E310:~/C_Programs/ImageEdge$
Then there's the GNU version included in  coreutils.tcz  which has additional options:
Code: [Select]
tc@E310:~/C_Programs/ImageEdge$ chroot --help
Usage: chroot [OPTION] NEWROOT [COMMAND [ARG]...]
  or:  chroot OPTION
Run COMMAND with root directory set to NEWROOT.

  --groups=G_LIST        specify supplementary groups as g1,g2,..,gN
  --userspec=USER:GROUP  specify user and group (ID or name) to use
  --skip-chdir           do not change working directory to '/'
      --help     display this help and exit
      --version  output version information and exit

If no command is given, run '"$SHELL" -i' (default: '/bin/sh -i').

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Report chroot translation bugs to <https://translationproject.org/team/>
Full documentation at: <https://www.gnu.org/software/coreutils/chroot>
or available locally via: info '(coreutils) chroot invocation'
tc@E310:~/C_Programs/ImageEdge$
Maybe this is of interest:
https://www.gnu.org/software/coreutils/manual/html_node/chroot-invocation.html#chroot-invocation
Logged

Offline halma

  • Full Member
  • ***
  • Posts: 164
Re: chroot documentation, what i need to read ?
« Reply #2 on: April 06, 2020, 01:05:33 PM »
Hi Rich,

thanks for your answer, would it be enough to run Bftpd with the chroot command like this :
Code: [Select]
chroot /my/chrootdir bftpd -d -c bftpd.conf
or do i need to create the chroot directory structur and copy needed files also too there ?
Code: [Select]
mkdir -pv dev/pts proc etc lib usr/lib var/run var/log ... copying /etc/passwd/groups.... and also copy shared libs
Thanks a lot
Logged
1 + 2 = 6  cause  10 - 6 = 78 ;-) lol

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11595
Re: chroot documentation, what i need to read ?
« Reply #3 on: April 06, 2020, 01:19:07 PM »
Hi halma
I've never used  chroot,  but since it's meant to prevent access outside of the  chrooted  directory, I would think you need to
have copies of required libraries, programs, etc. in that directory. That directory would therefore also need to exist in advance.

If you search for something like:
Code: [Select]
linux chroot examplesyou'll probably find better advice than I can offer.
Logged

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11595
Re: chroot documentation, what i need to read ?
« Reply #4 on: April 06, 2020, 01:29:11 PM »
Hi halma
Maybe you can adapt these instructions to your needs:
https://docs.oracle.com/html/E36387_02/ol_cj_sec.html
Logged

Online Juanito

  • Administrator
  • Hero Member
  • *****
  • Posts: 14803
Re: chroot documentation, what i need to read ?
« Reply #5 on: April 06, 2020, 01:48:41 PM »
You could also look at linuxfromscratch to see how they construct a changeroot environment.
Logged
Pages: [1]   Go Up
« previous next »