[Mageia-dev] starting openssh inside a chroot, as per mageia wiki

Glen Ogilvie nelg at linuxsolutions.co.nz
Sun Dec 30 09:26:54 CET 2012


On 28 December 2012 00:17, Pascal Terjan <pterjan at gmail.com> wrote:

> On Thu, Dec 27, 2012 at 10:55 AM, Guillaume Rousse
> <guillomovitch at gmail.com> wrote:
> > On 27/12/2012 11:29, Pascal Terjan wrote:
> >
> >>> It seems like the systemd way of starting would be:
> >>> systemctl start openssh.service
> >>>
> >>> But, then produces an error:
> >>>
> >>> [root@localhost /]# systemctl start openssh.service
> >>> Running in chroot, ignoring request.
> >>>
> >>>
> >>> So, any thoughts on what is the recommended way, and I'll be happy to
> >>> update the wiki to reflect this.
> >>
> >>
> >> Last time I tried, I gave up after various attempts and now went back
> >> to the basics: running "sshd" and killing it to stop it.
> >> Maybe I'll fetch some old initscript.
> >
> > I guess using a specific unit file, using builtin systemd chroot support,
> > should help. See http://0pointer.de/blog/projects/changing-roots for
> > details.
>
> Yes, having a unit outside of the chroot with
> RootDirectoryStartOnly=yes would probably help (I had tried the "full
> system" chroot and couldn't get it to work and gave up after an hour)
> but this is annoying to not be able to start a daemon from inside the
> chroot which is what I usually want to do.
>


Well, good to see I am not the only one that can't get the chroot to work
anymore.
So, I suggest, for the minute, I edit the wiki to explain that the chroot
does not work.
I am open to suggestions as to what it should recommend. Maybe using a full
virtual machine?

What I have found so far is, using the two attached files, in the following
locations:
/lib/systemd/system/sshd-mageia3.service
/usr/local/bin/setup-cauldron-chroot.sh

setup fstab: echo 'none /mnt/chroot/cauldron/dev/pts devpts defaults 0 0' >> /etc/fstab

Then, the chroot sshd can be started, using:
systemctl enable sshd-mageia3.service
systemctl start sshd-mageia3.service

which will start a chroot, but it's not ideal. It sees mount points
from the host (/proc/mounts) and, of course, processes.


The recommended approach according to systemd appears to be systemd-nspawn.
This may be viable when systemd-nspawn is updated beyond the version in
Mageia 2.
It does not currently work, because dbus won't start, see bug:
https://bugzilla.redhat.com/show_bug.cgi?id=795038. The workaround
mentioned is not supported in the version of systemd-nspawn that Mageia 2
uses. This looks like it would work for Mageia 3.

Glen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sshd-mageia3.service
Type: application/octet-stream
Size: 507 bytes
Desc: not available
URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: setup-cauldron-chroot.sh
Type: application/x-sh
Size: 449 bytes
Desc: not available
URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.sh>
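
A sketch of the host-side unit with RootDirectoryStartOnly=yes discussed in this thread, added here as an example: it is not the scrubbed sshd-mageia3.service attachment and not Mageia's packaged unit. The unit file name, the binary paths, the proc mount and the separate sshd port are assumptions.

```ini
# /etc/systemd/system/sshd-chroot-example.service
# (hypothetical file name; installed on the host, not inside the chroot)
[Unit]
Description=OpenSSH server inside the /mnt/chroot/cauldron chroot (example)
After=network.target

[Service]
# systemd calls chroot(2) into this tree before executing the daemon.
RootDirectory=/mnt/chroot/cauldron
# Apply RootDirectory= to ExecStart= only, so the ExecStartPre= and
# ExecStopPost= lines below run in the host root and can prepare the tree.
RootDirectoryStartOnly=yes
# The leading "-" ignores a failure, e.g. when the mount already exists.
# The devpts mount takes the place of the fstab line from the message.
ExecStartPre=-/bin/mount -t devpts none /mnt/chroot/cauldron/dev/pts
# Assumption: /proc is also wanted inside the chroot.
ExecStartPre=-/bin/mount -t proc proc /mnt/chroot/cauldron/proc
# This path is resolved inside the chroot. -D keeps sshd in the foreground
# so systemd tracks the main process directly.
# Assumption: the chroot's sshd_config listens on a port the host sshd
# does not use, and host keys already exist inside the chroot.
ExecStart=/usr/sbin/sshd -D
ExecStopPost=-/bin/umount /mnt/chroot/cauldron/proc
ExecStopPost=-/bin/umount /mnt/chroot/cauldron/dev/pts
Restart=on-failure

[Install]
WantedBy=multi-user.target
```

RootDirectory= only changes the filesystem root; it creates no PID or mount namespace, so a daemon started this way shares the host's process table and mount table and should not be treated as an isolation boundary.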