Difference between revisions of "Change root"
(→Example) |
m (→Example) |
||
Line 139: | Line 139: | ||
sudo chroot myroot | sudo chroot myroot | ||
passwd # set a password | passwd # set a password | ||
− | useradd -m -s /bin/bash user | + | useradd -m -s /bin/bash ''user'' |
− | passwd user # set a password | + | passwd ''user'' # set a password |
# in a shell outside the chroot: | # in a shell outside the chroot: | ||
sudo pacman -S xorg-server-xnest | sudo pacman -S xorg-server-xnest | ||
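Review bot: The italic markup on `user` in the `useradd -m -s /bin/bash ''user''` and `passwd ''user''` lines marks a placeholder, but nothing in the example says so, and a reader who copies the rendered text still gets the literal name user. A sentence ahead of the block stating that user stands for an account name of your choice would make the intent clear. `myroot` is just as arbitrary and is left unmarked, so consider treating it the same way.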
Line 152: | Line 152: | ||
pacman -S firefox | pacman -S firefox | ||
exit | exit | ||
− | sudo chroot --userspec=user myroot | + | sudo chroot --userspec=''user'' myroot |
DISPLAY=:1 | DISPLAY=:1 | ||
openbox & | openbox & |
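Review bot: On the `sudo chroot --userspec=''user'' myroot` line, the italicised name has to be the same account that `useradd` created in the earlier hunk, and the markup alone does not say that; a short comment on this line would tie the two together. The context line `DISPLAY=:1` that follows is a plain assignment, so writing it as `export DISPLAY=:1` would make sure `openbox` and the programs started after it see the nested display.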
Revision as of 10:23, 6 February 2013
Chroot is the process of changing the apparent disk root directory for the current running process and its children to another root directory. When you change root to another directory you cannot access files and commands outside that directory. This directory is called a chroot jail. Changing root is commonly done for system maintenance, such as reinstalling the bootloader or resetting a forgotten password.
Requirements
- You'll need to boot from another working Linux environment (e.g. from a LiveCD or USB flash media, or from another installed Linux distribution).
- Root privileges are required in order to chroot.
- Be sure that the architecture of the Linux environment you have booted into matches the architecture of the root directory you wish to enter (i.e. i686, x86_64). You can find the architecture of your current environment with:
# uname -m
- If you need any kernel modules loaded in the chroot environment, load them before chrooting. It may also be useful to initialize your swap (swapon /dev/sdxY) and to establish an internet connection before chrooting.
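The architecture requirement above can also be checked against the target itself once its root partition is mounted. The following is an added example, not part of the wiki page: it reads the ELF header of a binary in the target root and compares it with the booted environment. The function names, the choice of ROOT/bin/bash as the binary to inspect, and the sample header are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the wiki page): read the ELF header of a binary in
# the target root and compare its architecture with the booted environment.

# elf_arch FILE: print the architecture named by FILE's ELF header.
elf_arch() {
    f=$1
    # Bytes 0-3 are the magic number 0x7f 'E' 'L' 'F'.
    magic=$(od -An -tx1 -N4 "$f" | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || { echo "not-elf"; return 1; }
    # Byte 5 (EI_DATA): 1 = little endian, 2 = big endian.
    data=$(od -An -tu1 -j5 -N1 "$f" | tr -d ' \n')
    # Bytes 18-19 hold e_machine in the file's own byte order.
    set -- $(od -An -tu1 -j18 -N2 "$f")
    [ $# -eq 2 ] || { echo "truncated"; return 1; }
    if [ "$data" = 2 ]; then m=$(( $1 * 256 + $2 )); else m=$(( $2 * 256 + $1 )); fi
    case $m in
        3)   echo i686 ;;      # EM_386 (any 32-bit x86)
        62)  echo x86_64 ;;    # EM_X86_64
        40)  echo arm ;;       # EM_ARM
        183) echo aarch64 ;;   # EM_AARCH64
        *)   echo "unknown-$m" ;;
    esac
}

# check_chroot_arch ROOT [HOST_ARCH]: succeed only if ROOT/bin/bash was built
# for the host architecture (default: uname -m). ROOT/bin/bash is an assumption.
check_chroot_arch() {
    root=$1
    host=${2:-$(uname -m)}
    target=$(elf_arch "$root/bin/bash") || return 2
    case $host in i?86) host=i686 ;; esac   # uname may report i386..i686
    echo "host=$host target=$target"
    [ "$host" = "$target" ]
}

# Constructed sample: a 20-byte little-endian x86_64 ELF header stub.
make_sample_root() {
    mkdir -p "$1/bin"
    printf '\177ELF\002\001\001\000\000\000\000\000\000\000\000\000\002\000\076\000' \
        > "$1/bin/bash"
}

demo=$(mktemp -d)
make_sample_root "$demo"
check_chroot_arch "$demo" x86_64 && echo "architectures match"
check_chroot_arch "$demo" i686   || echo "mismatch: expect Exec format error"
rm -rf "$demo"
```

On a real system, call check_chroot_arch /mnt/arch after mounting the root partition and before running chroot.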
Mount the partitions
The root partition of the Linux system that you're trying to chroot into needs to be mounted first. To find out the device name assigned by the kernel, run:
# lsblk /dev/sda
You can also run the following to get an idea of your partition layout.
# fdisk -l
Now create a directory where you would like to mount the root partition and mount it:
# mkdir /mnt/arch
# mount /dev/sda3 /mnt/arch
Next, if you have separate partitions for other parts of your system (e.g. /boot, /home, /var, etc), you should mount them, as well:
# mount /dev/sda1 /mnt/arch/boot/
# mount /dev/sdb5 /mnt/arch/home/
# mount ...
While it's possible to mount filesystems after you've chrooted, it is more convenient to do so beforehand. You'll have to unmount the temporary filesystems after you exit the chroot, so mounting everything from outside lets you unmount all the filesystems with a single command. This also allows for a safer shutdown: because the external Linux environment knows all mounted partitions, it can safely unmount them during shutdown.
Change root
Mount the temporary filesystems:
Note: The mount commands below can be replaced with arch-chroot /mnt/arch, if the root partition was mounted in that location. Of course, you may still type these, if you want, or if you only have some other "live" Linux distribution.
# cd /mnt/arch
# mount -t proc proc proc/
# mount -t sysfs sys sys/
# mount -o bind /dev dev/
# mount -t devpts pts dev/pts/
If you established an internet connection and want to use it in the chroot environment, you may have to copy over your DNS servers so that you will be connected to the network:
# cp -L /etc/resolv.conf etc/resolv.conf
Now chroot into your installed system and define your shell:
# chroot . /bin/bash
Note: If you see the error chroot: cannot run command '/bin/bash': Exec format error, it is likely that the two architectures do not match.
Optionally, to source your Bash configuration (~/.bashrc and /etc/bash.bashrc), run:
# source ~/.bashrc
# source /etc/profile
Optionally, create a unique prompt to be able to differentiate your chroot environment:
# export PS1="(chroot) $PS1"
Run graphical chrooted applications
If you have X running on your system, you can start graphical applications from the chroot environment.
To allow the connection to your X server, you have to run the following from a terminal. Note that xhost + turns off access control, so any client that can reach the X server may connect:
# xhost +
Then, to direct the applications to your X server, run:
# export DISPLAY=:0.0
Perform system maintenance
At this point you can perform whatever system maintenance you require inside the chroot environment. A few common examples are:
- Reinstall the bootloader.
- Rebuild your initramfs image.
- Upgrade or downgrade packages.
- Reset a forgotten password.
Exit the chroot environment
When you're finished with system maintenance, exit the chroot:
# exit
Then unmount the temporary filesystems and any mounted devices:
# umount {proc,sys,dev,boot,[...],}
Finally, attempt to unmount your root partition:
# cd ..
# umount arch/
Note: If /mnt (or any other partition) is reported as busy, this can mean one of two things:
- A program was left running inside of the chroot.
- Or, more frequently, a sub-mount still exists (e.g. /mnt/arch/boot within /mnt/arch). Check with lsblk to see if there are any mountpoints left:
# lsblk /dev/sda
- If you are still unable to unmount a partition, use the --force option:
# umount -f /mnt
After this, you will be able to safely reboot.
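When a leftover sub-mount is what keeps the root busy, it helps to list everything mounted at or below the chroot directory in the order it has to be unmounted. The following is an added example, not part of the wiki page: the function names are hypothetical and the mount table is constructed to match the /mnt/arch layout used above.

```shell
#!/bin/sh
# Added example (not from the wiki page): list every mount at or below a
# chroot directory, deepest first, which is the order umount needs.

# submounts ROOT [TABLE]: TABLE defaults to /proc/self/mounts.
# Assumes mount points contain no spaces (the kernel escapes those as \040).
submounts() {
    root=${1%/}
    table=${2:-/proc/self/mounts}
    awk -v r="$root" '
        $2 == r || index($2, r "/") == 1 {
            depth = split($2, parts, "/")   # more components = deeper
            print depth, $2
        }' "$table" | LC_ALL=C sort -k1,1nr -k2,2r | cut -d" " -f2-
}

# umount_plan ROOT [TABLE]: print the umount commands instead of running them.
umount_plan() {
    submounts "$@" | while read -r mp; do
        printf 'umount %s\n' "$mp"
    done
}

# Constructed mount table for the /mnt/arch layout used on this page.
sample_mounts() {
    cat <<'EOF'
/dev/sda3 /mnt/arch ext4 rw 0 0
/dev/sda1 /mnt/arch/boot ext2 rw 0 0
/dev/sdb5 /mnt/arch/home ext4 rw 0 0
proc /mnt/arch/proc proc rw 0 0
sys /mnt/arch/sys sysfs rw 0 0
udev /mnt/arch/dev devtmpfs rw 0 0
pts /mnt/arch/dev/pts devpts rw 0 0
/dev/sdc1 /mnt/archive ext4 rw 0 0
EOF
}

t=$(mktemp)
sample_mounts > "$t"
umount_plan /mnt/arch "$t"   # /mnt/archive is not listed: it only shares a prefix
rm -f "$t"
```

Run submounts /mnt/arch without a second argument to read the live mount table; a directory that was bind-mounted onto itself appears twice and needs two umount calls.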
Example
This may protect your system from Internet attacks during browsing. The browser runs as an unprivileged user inside a separate root directory and displays on a nested X server (Xnest) rather than on your main display. Keep in mind that the chroot still shares the host kernel and a bind-mounted /dev, and that Xnest is started with -ac, which disables access control on the nested display:
cd
mkdir myroot
sudo pacman -S arch-install-scripts
sudo mount --bind myroot myroot # pacstrap must see myroot as mounted
sudo pacstrap -i myroot base base-devel
sudo mount -t proc proc myroot/proc/
sudo mount -t sysfs sys myroot/sys/
sudo mount -o bind /dev myroot/dev/
sudo mount -t devpts pts myroot/dev/pts/
sudo cp -i /etc/resolv.conf myroot/etc/
sudo chroot myroot
passwd # set a password
useradd -m -s /bin/bash user
passwd user # set a password
# in a shell outside the chroot:
sudo pacman -S xorg-server-xnest
Xnest -ac :1
# continue inside the chroot:
pacman -S xterm
xterm
pacman -S xorg-server xorg-xinit xorg-server-utils
pacman -S openbox
pacman -S ttf-dejavu
pacman -S firefox
exit
sudo chroot --userspec=user myroot
DISPLAY=:1
openbox &
firefox
See also: Basic Chroot