DebianChrootHowto
Introduction
Perhaps you want to test the latest bleeding-edge release of the Apache webserver. Or maybe you would like to let some friends host a website on your production system without letting them near your pristine configuration. Maybe you are paranoid and like to keep applications separate from each other to minimise potential security problems. Whatever your intentions for setting up a chroot jail, the last thing you need is to spend hours configuring each jailed environment. Enter debootstrap to create a Debian chroot jail - all the power and ease of Debian in the secure jail you demand!
Planning
You need to have a clear idea of what you intend to achieve before you begin. This example will focus on running a webserver from the Debian distribution, to be administered by a friend whom we don't trust enough to have an account on the host system.
Goals
Our goals for the purpose of this example will be to:
- Install and configure a webserver with supporting software (PHP, MySQL).
- Install supporting services to allow maintenance by our friend (SSH, WebDAV).
Layout
Layout on the host system is inconsequential for operation of the jail, but careful planning will save you effort in the long term. It makes sense to keep things laid out in a logical manner by keeping like things together. The basic purpose of chroot is to provide a filesystem sandbox: that is, to remap one directory to be the root directory (/) for the chroot'ed program.
To this end, I suggest you keep all chroot'ed jail directories in a common location. I like to use /chroot/<systemname>/ where systemname is a basic description of what the chroot jail is for.
Starting out
Create the host directory
mkdir -p /chroot/webserver
Install debootstrap
apt-get install debootstrap / up2date install debootstrap / ...
Install the base system
debootstrap --arch i386 woody /chroot/webserver
Using your chroot jail
Root shell
chroot /chroot/webserver /bin/bash
chroot /chroot/webserver su -
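Because chroot only remaps the filesystem root, it is worth auditing the jail's contents from the host once the base system is installed, and again after installing software and adding accounts. The script below is an added example, not part of the original howto: the function name audit_jail and the finding labels are made up here, and the mount check goes beyond what the page covers and assumes Linux's /proc/mounts.

```shell
#!/bin/sh
# Added example, not from the original howto. Run on the host, as root,
# against a jail directory such as /chroot/webserver (the page's layout).
# Give the absolute path, as it would appear in /proc/mounts.
# Prints one "<kind> <path>" line per finding.
# Exit status: 0 = no findings, 1 = findings, 2 = bad argument.
audit_jail() {
    jail=${1%/}                      # normalise: drop one trailing slash
    if [ -z "$jail" ] || [ ! -d "$jail" ]; then
        echo "audit_jail: '$1' is not a jail directory" >&2
        return 2
    fi
    findings=$(
        {
            # setuid/setgid files: a path from a jailed account to more privilege
            find "$jail" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print |
                sed 's/^/setid /'
            # world-writable directories without the sticky bit
            find "$jail" -xdev -type d -perm -0002 ! -perm -1000 -print |
                sed 's/^/wwdir /'
            # block device nodes: raw access to the host's disks
            find "$jail" -xdev -type b -print | sed 's/^/blkdev /'
            # filesystems mounted inside the jail (find -xdev skips them)
            awk -v j="$jail" 'index($2, j "/") == 1 { print "mount " $2 }' /proc/mounts
        } 2>/dev/null
    )
    [ -n "$findings" ] || return 0
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use: sh audit_jail.sh /chroot/webserver
if [ $# -gt 0 ]; then
    audit_jail "$1"
fi
```

Review each finding before handing out accounts: remove setuid bits and device nodes the jailed services do not need.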
Upgrading to Debian testing
apt-get for beginners
vi /etc/apt/sources.list
apt-get update
apt-get dist-upgrade
Installing software
Webserver
apt-get install apache php4 mysql-server
System administration
apt-get install ssh
vi /etc/ssh/sshd_config
/etc/init.d/ssh restart
Adding user accounts
vi /etc/adduser.conf
adduser bob
su - bob
usermod -G www-data bob
adduser sally
usermod -G www-data sally
...
Bother! I'm due to go out 30 minutes ago, and this is nowhere near finished! Check back soon to see the rest of the howto... until then, adios! --
TysonClugg.
Version 2 (current) modified Mon, 26 Jul 2021 12:49:29 +0000 by graybeard