chroot sandbox question

krafczyk · 08-06-2012, 08:14 AM

I decided to try something which I guess is strange, but I haven't been able to figure out why. Here is what I did.

Code:

mkdir -p /home/user/chroot/{bin,lib}
sudo mount --bind /bin /home/user/chroot/bin
sudo mount --bind /lib /home/user/chroot/lib
sudo chroot /home/user/chroot

I get the error:

Code:

chroot: failed to run command `/bin/bash': No such file or directory

The thing is /home/user/chroot/bin/bash exists since I bind mounted the directory.

In addition, there are procedures which bind mount proc and sys and then chroot into a livecd or something at which point proc and sys are available.

So basically, why doesn't the chroot know about the bind mounted /bin/bash? Why is this procedure I'm doing incorrect? I figure for what I'm doing I don't need proc or sys and that I would get other errors if not including them int he chroot was causing the problem.

aus9 · 08-09-2012, 08:26 PM

assuming you have unpacked an iso or squashfile etc try this

Code:

su (or sudo su)
cd /home/user/chroot
mount --bind /proc proc && mount --bind /sys sys && mount --bind /dev dev && mount --bind /dev/pts dev/pts 
chroot .

krafczyk · 08-09-2012, 08:35 PM

The point of this question is to avoid copying the literal programs into the chroot directory, thus saving space, when a sandbox build is required.