Setting Up a 32-bit chroot Environment in Ubuntu
May 30, 2007
A chroot environment is essentially a complete self-contained Linux
installation that is nested within the main system. There are several reasons
one might want to do this. It can be used to try out new (or old) Ubuntu or
Debian releases, for development or packaging for other releases, or for
running software that’s designed for another architecture. You can even have
several chroot environments on the same system if you like. The chroot
environment has it’s root somewhere in your filesystem, usually under
/var/chroot, with its own libraries, system binaries, etc. The
chroot command is used to change the root directory to that of the
chroot environment so that the rest of the system is hidden.
I am mainly interested in the last of the three usages I mentioned above.
Specifically, I need to run i386 programs on my AMD 64 system when there are
no native 64-bit versions available. I will outline the steps I took to
create a 32-bit chroot environment on Ubuntu Feisty Fawn (7.04). I will make
the root directory /var/chroot/feisty_i386, but you can name it whatever
you like. These steps should also translate to previous and future releases
by simply changing feisty to breezy or warty or whatever comes next
(see Releases on the Ubuntu Wiki).
The following instructions assume you are root, hence the #
prompt. First, you need to install debootstrap which allows you
to install a basic Ubuntu (which based on Debian) system from scratch, without
the need for apt or dpkg. Installing from the
repository should be fine as long as the chroot environment you wish to belongs
to the same release that’s running on the main system. That is, if you want a
Feisty i386 chroot environment on a Feisty amd64 system, go ahead and install
from the repositories:
# apt-get install debootstrap
If you want a Breezy amd64 chroot on a Feisty amd64 system, you should
download an older version of the debootstrap package. See
DebootstrapChroot on the Ubuntu Wiki for more details.
You will also need the dchroot package which provides a
convenient way to use the various chroot environments you set up. You will
need to install the package, make sure that the chroot directory of your choice
exists, and configure dchroot:
# apt-get install dchroot
# mkdir /var/chroot
To configure dchroot, edit the file /etc/dchroot.conf and add the line
feisty_i386 /var/chroot/feisty_i386
making sure to use the appropriate path and label for your system.
The next step is to install the new environment. I want an i386 Feisty environment so I use:
# debootstrap --variant=buildd --arch i386 feisty /var/chroot/feisty_i386 http://archive.ubuntu.com/ubuntu/
Your new system should now be installed. In order to configure it so that it’s usable, and to be able to install packages from the network, do the following:
# cp /etc/resolv.conf /var/chroot/feisty_i386/etc/resolv.conf
# cp /etc/apt/sources.list /var/chroot/feisty_i386/etc/apt/
# chroot /var/chroot/feisty_i386/
# apt-get update
# apt-get install gnupg locales dialog # Some fundamental packages
# apt-get update
# locale-gen en_US.UTF-8 # Change this to your locale.
# tzconfig # Configure your time zone.
# exit
Note that if you install a different release in the chroot, you should edit
your sources.list to point to the correct repositories. You probably also
want to install some basic packages like vim so that you can edit any
config files you need to. Switching to your new chroot is as easy as running
dchroot -d as root (or dchroot -d -c feisty_i386if you have more than one
chroot).
The above only works if you are root. You may want to set things up so that you can chroot as a normal user and still have access to your home directory. This requires copying the user and group configuration files from the main system. You can hard link them if they are on the same partition. To copy them over:
# cp /etc/passwd /var/chroot/feisty_i386/etc/
# sed 's/\([^:]*\):[^:]*:/\1:*:/' /etc/shadow | tee /var/chroot/feisty_i386/etc/shadow
# cp /etc/group /var/chroot/feisty_i386/etc/
# cp /etc/hosts /var/chroot/feisty_i386/etc/
The sed line above removes the encrypted passwords from the
shadow file. They aren’t needed since no one will be logging in to the chroot
environment. This is for security reasons, to prevent the shadow file from
being available in two places.
If you would rather hard link the files so they remain synchronized:
# cd /var/chroot/feisty_i386/etc
# rm passwd shadow group gshadow hosts
# ln /etc/passwd
# ln /etc/shadow
# ln /etc/group
# ln /etc/gshadow
# ln /etc/hosts
If you are paranoid about having your shadow file in two places, you can still use the sed line above instead of hard linking the shadow file. Just remember that if you add or remove users, you will need to update the file in the chroot environment as well if you want them to be able to access it.
If you want users to be able to use sudo in the chroot:
# cp /etc/sudoers /var/chroot/feisty_i386/etc/
# chroot /var/chroot/feisty_i386
# dpkg-reconfigure passwd
# passwd <username>
# apt-get install sudo
Add the following lines to /etc/sudoers (in the chroot):
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Finally, if you want your home directory and other filesystems to be
available in the chroot, edit /etc/fstab (the real one for the
main system) and add the following:
/home /var/chroot/feisty_i386/home none bind 0 0
/tmp /var/chroot/feisty_i386/tmp none bind 0 0
/media/cdrom /var/chroot/feisty_i386/media/cdrom none bind 0 0
/dev /var/chroot/feisty_i386/dev none bind 0 0
proc-chroot /var/chroot/feisty_i386/proc proc defaults 0 0
devpts-chroot /var/chroot/feisty_i386/dev/pts devpts defaults 0 0
Make sure the cdrom mount point exists:
# mkdir /var/chroot/feisty_i386/media/cdrom
then mount all the filesystems:
# mount -a
If you want the prompt to give the chroot name when you are using it, edit
/var/chroot/feisty_i386/etc/debian_chroot and add the line
feisty_i386
making sure to change this to whatever you named your chroot.
Now you can use the chroot as a normal user by running dchroot -d, or
dchroot -d -c feisty_i386 if you have more than one.
References
- DebootstrapChroot on the Ubuntu Wiki