Since I got an access on a remote computer without root access, I was wondering how to build rpm and test it. Some time, I need to install packages, -devel packages as dependencies or my own packages to test them. It seems to me unfair to notiy this computer administrator each time I want a package installed. Since root access isnot a good method, I thinks the best one is to set up a chroot enviromment.
chroot envirionnement have plenty of avantage for building. You may build packages in a fresh environnement each time you want to build one, install packages or remove it, etc.
To create it, I've just created a chroot directory in my home directory. I copied /bin, /usr, /sbin, /var, /opt, /srv. You must then create dev, proc and sys, and mount the corresponding pseudo-filesystems. Then you canchange root. You may ask to your admin to mount e pseudo-filesystems and to give you access to chroot() syscall via sudo. You just need to ask for %user ALL NOPASSWD: /usr/sbin/chroot
In a nutshell, commands are :
mkdir $HOME/chroot
cp -r /bin /sbin /root /usr /opt /var /srv $HOME/chroot
mkdir $HOME/chroot/{proc,dev,sys}
As root (or ask your admin)
mount -t proc none /home/user/chroot/proc
mount -t sysfs none /home/user/chroot/sys
mount -t debugfs none /home/user/chroot/sys/kernel/debug
mount -o bind /dev /home/user/chroot/dev
Then you just have to do chroot $HOME/chroot /bin/bash
If you plan to share the chroot with other users, you should be carefull, as everyone may be root at the same time.
This is not so safe for your
This is not so safe for your admin, since "sudo chroot /" will give you root access to the main system.
by Olivier Blin May 26, 2009 - 22:36
Right ! In fact, admin should
Right ! In fact, admin should give right to execute /usr/sbin/chroot $HOME/chroot only.
And even this is not secure, since you could make chroot a symlink to /.
Admins should not authorize this unless they are willing to give you power over the complete system.
by Vincent-Xavier JUMEL May 26, 2009 - 23:07
Post new comment