Friday, July 21, 2017

schroot for Mageia

To easily manage single or multiple chroot environments, schroot, a sophisticated and highly flexible change-root management tool, may be employed. I'm most interested in first using schroot to test beta versions of Crossover.

Chroot jails are commonly employed to add an additional level of security to some Linux services like ftp or http servers. If an attacker gains control of the server, he is trapped in the chroot jail and cannot easily harm the entire system. As well, chroot is often employed in a "rescue" mode where Linux is launched from a DVD of CD and the damaged root filesystem is run from a chroot to make repairs easier.

To see how a chroot environment for Mageia is created, refer to the Chroot HOWTO in the Mageia Wiki.

Mageia appears to have incorporated schroot from Debian because it makes for building and testing RPMs easier when they also use iurt.

Since schroot was initially developed on Debian systems, much of the technical information is focused on that particular distribution of Linux. Even the example configuration file is written for Debian and no one has bothered to change it for Mageia.

One of the benefits of schroot is that you can easily install different versions of your chroot environment and start with a clean install. Using the unionfs system, you can have a consistent base environment and install development libraries on top of that, then easily delete the build environment leaving a clean basesystem. In fact, this is just how the Mageia distribution is done, using an application called iurt to manage the build and schroot to create the build environment needs for each package.


HOWTO Create a chroot Cauldron environment lays down the basics of installing a baseline Mageia install.

You can install new packages from outside the chroot environment for example, by using --urpmi-root /mnt/chroot/mageia32. Alternatively, chroot into the environment and used the urpmi command as normal.

To launch a graphical desktop from the chroot environment is a little tricky. You need to provide the chroot with its own xserver, but not in the way you have an X server in your normal environment. The Ubuntu Help Community provides a good example as well as the Mageia wiki. Taken from there: 

Using Xnest
  • Install Xnest into your running host system
  urpmi x11-server-xnest
  
  • Run the following command outside the chroot:
  $ Xnest -ac :1
  
  • Then enter the chroot and load your graphical application as in the following example:
  $  export DISPLAY=localhost:1
  $ /usr/bin/mozilla
  

There is also Xephyr, a kdrive server that outputs to a window to a pre-existing X-server. From the same Mageia Wiki page:


Using Xephyr

  • Install Xephyr package into your running host system
  urpmi x11-server-xephyr
  
  • Run the following command outside the chroot:
  $ Xephyr -ac :1
  
  • Then enter the chroot and load your graphical application as in the following example:
  $  export DISPLAY=localhost:1
  $ /usr/bin/mozilla 
 
Although this will take some more experience on my part to use it correctly and then I can just script it.

Starting from scratch like this is a good way of seeing if there are any packages that Crossover needs to run that are not installed for some reason.


The ultimate target fr me and schroot is source-roots, or chroots with a union-type file system. There is an underlying filesystem that never changes with any modifications made disappearing upon exit.

what I would suggest is that your base system would be everything necessary to launch your app (cCrossover in my case) and the delete that app and use the base for a union-filesystem schroot. Then as updates occurr, you can always test them against a system known to work and not have to involve you daily desktop/laptop, run a virtual machine, or keep a spare computer.

RESOURCES

schroot Debian Wiki

debian chroots with schroot

schroot- Richard Darts - Debian Wiki


schroot - chroot for any user

schroot manpage


MaximumHoyt Mageia chroot HOWTO

Iurt Mageia Wiki

Mageia Bug Report

How to start Xorg-server inside plain chroot?

Accessing graphical applications inside the chroot




No comments: