Tiny Core Linux
		Tiny Core Base => TCB Talk => Topic started by: halma on April 05, 2020, 03:10:23 PM
		
			
			- 
				Hi,
 
 i want to run Bftpd into a chroot envoirement in Tinycore x64, at the moment i dont know howto setup a correctly and secure chroot envoirement for Bftpd in Tinycorelinux.
 Tinycore is based on busybox so i think the correct way for learning how chroot works i need to read the man pages, docs of busybox for chroot ? Is that correct ?
 
 Thanks
- 
				Hi halma
 There's the busybox version:
 tc@E310:~/C_Programs/ImageEdge$ busybox chroot --help
 BusyBox v1.29.3 (2018-12-19 15:29:37 UTC) multi-call binary.
 
 Usage: chroot NEWROOT [PROG ARGS]
 
 Run PROG with root directory set to NEWROOT
 tc@E310:~/C_Programs/ImageEdge$
 Then there's the GNU version included in  coreutils.tcz  which has additional options:
 tc@E310:~/C_Programs/ImageEdge$ chroot --help
 Usage: chroot [OPTION] NEWROOT [COMMAND [ARG]...]
 or:  chroot OPTION
 Run COMMAND with root directory set to NEWROOT.
 
 --groups=G_LIST        specify supplementary groups as g1,g2,..,gN
 --userspec=USER:GROUP  specify user and group (ID or name) to use
 --skip-chdir           do not change working directory to '/'
 --help     display this help and exit
 --version  output version information and exit
 
 If no command is given, run '"$SHELL" -i' (default: '/bin/sh -i').
 
 GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
 Report chroot translation bugs to <https://translationproject.org/team/>
 Full documentation at: <https://www.gnu.org/software/coreutils/chroot>
 or available locally via: info '(coreutils) chroot invocation'
 tc@E310:~/C_Programs/ImageEdge$
 Maybe this is of interest:
 https://www.gnu.org/software/coreutils/manual/html_node/chroot-invocation.html#chroot-invocation
 
- 
				Hi Rich,
 
 thanks for your answer, would it be enough to run Bftpd with the chroot command like this :
 chroot /my/chrootdir bftpd -d -c bftpd.conf
 or do i need to create the chroot directory structur and copy needed files also too there ?
 mkdir -pv dev/pts proc etc lib usr/lib var/run var/log ... copying /etc/passwd/groups.... and also copy shared libs
 Thanks a lot
- 
				Hi halma
 I've never used  chroot,  but since it's meant to prevent access outside of the  chrooted  directory, I would think you need to
 have copies of required libraries, programs, etc. in that directory. That directory would therefore also need to exist in advance.
 
 If you search for something like:
 linux chroot examplesyou'll probably find better advice than I can offer.
 
- 
				Hi halma
 Maybe you can adapt these instructions to your needs:
 https://docs.oracle.com/html/E36387_02/ol_cj_sec.html
 
- 
				You could also look at linuxfromscratch to see how they construct a changeroot environment.