Learn how to use chroot to enhance security by isolating applications, troubleshooting errors, and gaining access to your system with ease. This guide covers chroot syntax, setup steps, and practical tips for utilizing this powerful tool effectively.
Saving Your Ass(ets) with chroot • Alan Bailward <alan@ufies.org> • April 15, 2004 • For the Fraser Valley Linux Users Group
What is chroot? • Allows running of commands with an arbitrary root directory • Syntax: chroot NEWROOT [command] • Used to “jail” applications • Mostly used for security applications • e.g.: servers
Getting in Trouble • Easy to have Linux problems • Errors on install • Broken kernel • Broken lilo • Normally you’re out of luck, to a degree, or need to deal with accessing things from a BootCD
Getting Out of Trouble • The Old Way
The Old Way • Get to your system • Floppy • BootCD • Fix it • Mess with lilo/lilo.conf • Compile kernel, hope it works
Getting Out of Trouble • The New Way
Using chroot • Lets you access your system as it was • Full access to accurate /proc and /dev • No funky pathing • Easy to jump in and out of
How To Use chroot 1 • Boot with BootCD • mkdir /mnt/new • mount /dev/hda1 /mnt/new • mount /dev/hda2 /mnt/new/boot • mount /dev/hda3 /mnt/new/var
How To Use chroot 2 • mount -o bind /proc /mnt/new/proc/ • link the “real” /proc into your new file structure • mount -o bind /dev /mnt/new/dev/ • ditto for /dev (only for devfs systems)
How To Use chroot 3 • cp /etc/resolv.conf /mnt/new/etc/ • need accurate network info • chroot /mnt/new /bin/bash • enter the system • env-update # gentoo only • update environment settings
How To Use chroot 4 • You are now in a shell that is your old system • cd / puts you in your old / (really /mnt/new/) • Can run lilo, compile kernels, etc. • To leave, type ‘exit’, then unmount the disks and reboot
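The four "How To Use chroot" steps above collected into one script, as an added example that is not from the original slides. The hda1/hda2/hda3 layout and /mnt/new come from the slides; the helper names (run, do_mount, cleanup, rescue) and the DRY_RUN switch are assumptions of this example, and the reverse-order unmount spells out the slides' "unmount disks" step.

```shell
#!/bin/sh
# Added example: the slides' rescue procedure as one script.
# Layout taken from the slides: hda1=/, hda2=/boot, hda3=/var.
# DRY_RUN=1 (default) only prints the commands; use DRY_RUN=0 as root on the BootCD.
NEWROOT=${NEWROOT:-/mnt/new}
DRY_RUN=${DRY_RUN:-1}
MOUNTED=""   # mount points created here, newest first (paths must not contain spaces)

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Mount, then remember the mount point (the last argument) for cleanup.
do_mount() {
    run mount "$@" || return 1
    for mp in "$@"; do :; done
    MOUNTED="$mp $MOUNTED"
}

# Unmount everything mounted above in reverse order, so the nested
# mounts (dev, proc, var, boot) are released before the root filesystem.
cleanup() {
    for mp in $MOUNTED; do run umount "$mp"; done
    MOUNTED=""
}

rescue() {
    run mkdir -p "$NEWROOT" || return 1
    do_mount /dev/hda1 "$NEWROOT" &&
    do_mount /dev/hda2 "$NEWROOT/boot" &&
    do_mount /dev/hda3 "$NEWROOT/var" &&
    do_mount -o bind /proc "$NEWROOT/proc" &&
    do_mount -o bind /dev "$NEWROOT/dev" &&
    run cp /etc/resolv.conf "$NEWROOT/etc/" &&
    run chroot "$NEWROOT" /bin/bash   # returns when you type 'exit'
    status=$?
    cleanup                            # runs even if a step above failed
    return "$status"
}

rescue
```

With /proc and /dev bind-mounted, the chrooted shell sees the host's real devices and process table, which is what a rescue needs and the opposite of the "jail" use mentioned earlier.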