On Tue, Mar 16, 2010 at 01:27:46PM +0100, Sebastian Beßler wrote: > Am Dienstag, 16. März 2010 12:22:56 schrieb Alex Alexander: > > On Tue, Mar 16, 2010 at 10:23:06AM +0100, Sebastian Beßler wrote: > > > Am 16.03.2010 02:56, schrieb Duncan: > > > > I posted the link to the guide in the doomsday thread pretty much > > > > concurrently to the discussion here, but for convenience, here's the > > > > link: > > > > > > > > http://www.gentoo.org/proj/en/base/amd64/howtos/index.xml?part=1&chap=2 > > > > > > What I don't like with this guide is that you have to be root to chroot > > > into and run the applications as root inside of the chroot. > > > > You don't need to be root in the chroot to run applications. Just create > > a user in the chroot and switch: > > > > su - youruser > > That is not really a solution, because all it need to be root again is a > simple exit. And chroot-root can break out of the chroot without problem. > > And you still need to be root to enter the chroot so you must always type in > your root password to start a simple app, even if you drop root inside the > chroot. So this is nothing more then a really fragile hack, to me at last. > > Greetings > > Sebastian
I have a script that runs su - wired and I run that instead of /bin/bash
(in my chroot script after all the necessary mounting, ofcourse)
sudo chroot my_chroot /usr/local/bin/init_chroot_wired
that script ends with an "exit"
### /usr/local/bin/init_chroot_wired in my chroot ###
#!/bin/bash
env-update
source /etc/profile
su - wired
exit
so when I exit the chroot it dies instead of dropping me to the root
chroot shell.
--
Alex Alexander :: wired
Gentoo Developer
www.linuxized.com
pgpgQsllY1Uma.pgp
Description: PGP signature
