Howto: Debian 32-bit chroot on Salix64
Posted: 27. Dec 2013, 15:37
Why?
- Because Debian has a more stable version of Wine
- Because building a 32-bit Salix chroot is more annoying
- Because I can
How?
What you need
- cdebootstrap-static package: http://packages.debian.org/sid/cdebootstrap-static
Download the 64-bit version. It contains a tarball, which in turn contains a binary and helper files that you can use from e.g. the /root directory. Don't use debootstrap from SBO, it's really really old and may not work.
How it's done
With the cdebootstrap static tarball unpacked in /root...
Add these lines, or equivalent, to /etc/fstab.
This way the necessary virtual filesystems will be mounted on boot. Then
Edit /etc/apt/sources.list (you should probably add the security updates repo!), apt-get update, apt-get upgrade. apt-get install whatever it is you want. Add a limited user (running as root in a chroot offers no security!), make sure both root and limited user are password-locked.
Congratulations, you now have a working chroot.
Getting devices working
Unfortunately Salix and Debian use different GIDs for groups like audio, etc. so you won't be able to just bind-mount /dev. You'll have to generate the device nodes you want manually... Or, you can use mdev, which is much more convenient.
Getting X working
First, you probably want your terminals to work; so add this to the host /etc/fstab
and run 'mount -a' again.
Anyway, there are two ways to get X working.
1. The safe way
This doesn't open any holes on the host, and has the advantage of offering protection against keylogging - keystrokes in the root window can't be logged from within the guest window.
First, make sure Xephyr is installed on the host OS, and run it:
Make sure the DISPLAY variable on the guest is correct:
Run stuff. (Preferably make sure a window manager is running in Xephyr first.)
2. The easy way
Allow local X connections on your host:
Run stuff; it will appear in your root window with everything else. Note however the disadvantage: any local user can connect to your display, and possibly log keystrokes. Therefore this method is not safe on multi-user systems.
That's all for now. Happy chrooting!
[Update 1: mdev comes with a config file, let's actually use it.]
[Update 2: yes, we want xterm to work, don't we? ]
- Because Debian has a more stable version of Wine
- Because building a 32-bit Salix chroot is more annoying
- Because I can
How?
What you need
- cdebootstrap-static package: http://packages.debian.org/sid/cdebootstrap-static
Download the 64-bit version. It contains a tarball, which in turn contains a binary and helper files that you can use from e.g. the /root directory. Don't use debootstrap from SBO, it's really really old and may not work.
How it's done
With the cdebootstrap static tarball unpacked in /root...
Code: Select all
# mkdir /home/chroot32
# ./cdebootstrap --arch=i386 wheezy /home/chroot32/ http://ftp.us.debian.org/debian
...
Code: Select all
none /home/chroot32/proc proc defaults 0 0
none /home/chroot32/sys sysfs defaults 0 0
Code: Select all
# mount -a
# chroot /home/chroot32
Code: Select all
# apt-get install <whatever>
# useradd -m -G audio -s /bin/bash foobar
# su - foobar
Getting devices working
Unfortunately Salix and Debian use different GIDs for groups like audio, etc. so you won't be able to just bind-mount /dev. You'll have to generate the device nodes you want manually... Or, you can use mdev, which is much more convenient.
Code: Select all
# apt-get install busybox
# cp /usr/share/doc/busybox/examples/mdev_fat.conf /etc/mdev.conf
# busybox mdev -s
First, you probably want your terminals to work; so add this to the host /etc/fstab
Code: Select all
none /home/chroot32/dev/pts devpts defaults 0 0
Anyway, there are two ways to get X working.
1. The safe way
This doesn't open any holes on the host, and has the advantage of offering protection against keylogging - keystrokes in the root window can't be logged from within the guest window.
First, make sure Xephyr is installed on the host OS, and run it:
Code: Select all
host$ Xephyr -screen 800x600 :1
Code: Select all
chroot$ export DISPLAY=:1
2. The easy way
Allow local X connections on your host:
Code: Select all
host$ xhost +local:all
That's all for now. Happy chrooting!
[Update 1: mdev comes with a config file, let's actually use it.]
[Update 2: yes, we want xterm to work, don't we? ]