Re: Desktop user: Etch or the next testing?



On 4/4/07, Wei Chen <wchenhk@xxxxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Douglas Allan Tutty wrote:
> On Tue, Apr 03, 2007 at 08:33:49PM +0800, Wei Chen wrote:
>> Douglas Allan Tutty wrote:
>>
>>> So why not do both? Assuming that all your hardware runs under Etch,
>>> have a good etch setup that "just works", on one set of
>>> partitions/drives. Put /home on its own partition. Put Lenny on its
>>> own set of partitions. Then you can:
>>>
>>> Boot Etch and run etch's apps to get work done.
>>>
>>> Boot Etch and run Lenny's apps in a chroot to test out new
>>> features. This is simpler than compiling newer versions from
>>> source.
>>>
>>> Boot Lenny to see how its working.
>>>
>>> The first two can be done concurrently by different users.
>> I've never done it. I always set only one partition on the disk and put
>> everything in it whenever it is possible. I know there is chroot jail
>> and one can put a program in it (and copy all shared libraries that it
>> depends) to run. I've also heard (a little) of debootstrap using which
>> one can run a whole Debian operating system in a chroot jail. But I have
>> never had a chance to try those things. :)
>>
>
> Since you said you sometimes like to play, now's your chance.
>
I found that "chroot" can only be run by root. Why cannot it be run as a
normal user?

From the Wikipedia page on chroot:
"Only the root user can perform a chroot. This is intended to prevent
users from putting a setuid program inside a specially-crafted chroot
jail (for example, with a fake /etc/passwd file) that would fool it
into giving out privileges. It also, however, prevents non-root users
from using the chroot mechanism to create sandboxes of their own."

Also see the schroot package.
http://packages.debian.org/testing/admin/schroot

> I _always_ put /home on its own partition if nothing else.
>
I do not put /home on a separate partition because I never know how much
space I need for personal files and how much space I need for system
files. If I have another physical disk, I'd rather put backups on it.


I used to have that problem. But then I learnt about lvm and I now set
it up everytime, even on single disk systems, so that I have the
flexibility of being able to resize everything later.
--
Kushal


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx



Relevant Pages

  • Re: Need advice on setting of an SSH server for untrusted users
    ... > I've just set up an ssh server so that my customers can download code ... I've set up ssh so that it requires rsa authentication. ... There is a patch for openssh that will cause it to do a chroot like ... The issue with a chroot jail for ssh is that you have to hand-roll the ...
    (comp.os.linux.security)
  • Re: Linux chroot
    ... chroot jail natively. ... Shared Hosting, Reseller Hosting, Dedicated & Semi-Dedicated servers ...
    (comp.os.linux.security)
  • Re: migrating Debian GNU/Linux Etch to second SATA
    ... it on a new disk sdb in such a way that when the new disk is ... if sda and sdb are identical I use dd) of the old sda, ... and then inside the chroot I mount what i need: ...
    (Debian-User)
  • RE: Public Web server Help
    ... > that CHROOT may help lock users in. ... I heard chroot jail from a number of people. ... Will a SSHd chroot jail work differently then a 'normal' chroot jail? ... to facilitate one-on-one interaction with one of our expert instructors. ...
    (Security-Basics)
  • Re: chroot and BIND
    ... Subject: chroot and BIND ... It doesn't appear you actually need /etc/TIMEZONE in your chroot jail as ... but with a jail directory that looked more like 1). ...
    (Focus-SUN)