From dde7b419537ee119d82582887b8f026efe956b4d Mon Sep 17 00:00:00 2001 From: Samuel Thibault Date: Thu, 9 Aug 2012 02:05:08 +0200 Subject: Add page about chroot configuration --- hurd/chroot.mdwn | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ hurd/running.mdwn | 2 ++ 2 files changed, 53 insertions(+) create mode 100644 hurd/chroot.mdwn (limited to 'hurd') diff --git a/hurd/chroot.mdwn b/hurd/chroot.mdwn new file mode 100644 index 00000000..60bf47b7 --- /dev/null +++ b/hurd/chroot.mdwn 
@@ -0,0 +1,51 @@ +[[!meta copyright="Copyright © 2012 Free Software Foundation, Inc."]] + +[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable +id="license" text="Permission is granted to copy, distribute and/or modify this +document under the terms of the GNU Free Documentation License, Version 1.2 or +any later version published by the Free Software Foundation; with no Invariant +Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license +is included in the section entitled [[GNU Free Documentation +License|/fdl]]."]]"""]] + +This documents the currently-needed tricks to successfully build a chroot in +GNU/Hurd. + +# Preparation + +For proper translator startup, the chroot storage needs to be handled by a +separate translator, for instance: + + # dd < /dev/zero > storage + # mke2fs storage + # settrans -c chroot /hurd/ext2fs $PWD/storage + +# Unpack + +Debootstrap should be able to build the content: + + # debootstrap sid chroot + +# Tricks + +One current issue to know about chroots is that since passive translators (e.g. +/servers/socket/pflocal) are started by the root translator, which is not aware +of the chrooting, these passive translators are started non-chrooted, leading to +a few issues. + +## Sockets + +Since the passive pflocal translator will not be chrooted, local socket creation +will actually happen in the root filesystem. To make things work correctly the +programs inside the chroot need to be able to access them: + + # settrans chroot/servers/socket/1 /hurd/firmlink /servers/socket/1 + # settrans chroot/tmp /hurd/firmlink /tmp + # settrans -c chroot/var/lib/dbus /hurd/firmlink /var/lib/dbus + +## Network + +Unless using a separate IP for the chroot, it is preferrable to share the pfinet translator: + + # settrans chroot/servers/socket/2 /hurd/firmlink /servers/socket/2 + # settrans chroot/servers/socket/26 /hurd/firmlink /servers/socket/26 
diff --git a/hurd/running.mdwn b/hurd/running.mdwn index a96a78c4..a14106e1 100644 --- a/hurd/running.mdwn +++ b/hurd/running.mdwn @@ -23,3 +23,5 @@ There are several different ways to run a GNU/Hurd system: * [[FAQ]] * [[Public_hurd_boxen]] + +[[chroots|chroot]] need a couple of tricks to work properly. -- cgit v1.2.3
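Review bot: In hurd/chroot.mdwn, under "Preparation", `dd < /dev/zero > storage` has no `count=` or `bs=`, so it keeps writing zeros until it is interrupted or the filesystem is full. Give it an explicit size, for example `dd if=/dev/zero of=storage bs=1M count=N`, and say how large the image needs to be for a debootstrap of sid. Under "Tricks", the firmlinks for `chroot/tmp`, `chroot/var/lib/dbus` and `chroot/servers/socket/1`, `2` and `26` hand the chroot the host's /tmp, D-Bus directory, local socket node and pfinet, so the page should say outright that processes inside a chroot set up this way share those with the host and are not confined by it. Minor: "preferrable" in the "Network" section should be "preferable".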
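Review bot: In hurd/running.mdwn, the added sentence `[[chroots|chroot]] need a couple of tricks to work properly.` sits as a freestanding paragraph after the `* [[FAQ]]` and `* [[Public_hurd_boxen]]` entries, which breaks the list style of the surrounding lines; consider making it a list item like its neighbours. "A couple of tricks" is also vague for a pointer line: naming the cause that chroot.mdwn gives (passive translators are started non-chrooted) would tell readers when they need to follow the link.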