From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2012-December/021039.html | 142 +++++++++++++++++++++++++++ 1 file changed, 142 insertions(+) create mode 100644 zarb-ml/mageia-dev/2012-December/021039.html (limited to 'zarb-ml/mageia-dev/2012-December/021039.html') diff --git a/zarb-ml/mageia-dev/2012-December/021039.html b/zarb-ml/mageia-dev/2012-December/021039.html new file mode 100644 index 000000000..f9921c01f --- /dev/null +++ b/zarb-ml/mageia-dev/2012-December/021039.html @@ -0,0 +1,142 @@ + + + + [Mageia-dev] starting openssh inside a chroot, as per mageia wiki + + + + + + + + + +

[Mageia-dev] starting openssh inside a chroot, as per mageia wiki

+ Glen Ogilvie + nelg at linuxsolutions.co.nz +
+ Sun Dec 30 09:26:54 CET 2012 +

+
+ +
On 28 December 2012 00:17, Pascal Terjan <pterjan at gmail.com> wrote:
+
+> On Thu, Dec 27, 2012 at 10:55 AM, Guillaume Rousse
+> <guillomovitch at gmail.com> wrote:
+> > Le 27/12/2012 11:29, Pascal Terjan a écrit :
+> >
+> >>> It seems like the systemd way of starting would be:
+> >>> systemctl start openssh.service
+> >>>
+> >>> But, then produces an error:
+> >>>
+> >>> [root at localhost /]# systemctl start openssh.service
+> >>> Running in chroot, ignoring request.
+> >>>
+> >>>
+> >>> So,  Any thoughts on what is the recommended way, and I'll be happy to
+> >>> update the wiki to reflect this.
+> >>
+> >>
+> >> Last time I tried, I gave up after various attempts and now went back
+> >> to the basics: running "sshd" and killing it to stop it.
+> >> Maybe I'll fetch some old initscript.
+> >
+> > I guess using a specific unit file, using builtin systemd chroot support,
+> > should help. See http://0pointer.de/blog/projects/changing-roots for
+> > details.
+>
+> Yes having an unit outside of the chroot with
+> RootDirectoryStartOnly=yes would probably help (I had tried the "full
+> system" chroot and couldn't get it to work and gave up after an hour)
+> but this is annoying to not be able to start a daemon from inside the
+> chroot which is what I usually want to do.
+>
+
+
+Well, good to see I am not the only one that can't get the chroot to work
+anymore.
+So, I suggest, for the minute, I edit the wiki to explain that the chroot
+does not work.
+I am open to suggestions as to what it should recommend?  maybe using a full
+virtual machine?
+
+What I have found so far is, using the two attached files, in the following
+locations:
+/lib/systemd/system/sshd-mageia3.service
+/usr/local/bin/setup-cauldron-chroot.sh
+
+setup fstab: echo 'none /mnt/chroot/cauldron/dev/pts devpts defaults 0 0'
+>> /etc/fstab
+
+Then, the chroot sshd can be started, using:
+systemctl enable sshd-mageia3.service
+systemctl start sshd-mageia3.service
+
+which will start a chroot, but.. it's not ideal..  It sees mount points
+from the host (/proc/mounts)
+and of course, processes.
+
+
+The recommended approach according to systemd, appears to be systemd-nspawn.
+This may be viable, when systemd-nspawn is updated beyond the version in
+Mageia 2.
+It does not currently work, because dbus won't start, see bug:
+https://bugzilla.redhat.com/show_bug.cgi?id=795038.   The work around
+mentioned is
+not supported in the version of systemd-nspawn that Mageia 2 uses.  This
+looks like
+it would work for Mageia3.
+
+Glen
+-------------- next part --------------
+An HTML attachment was scrubbed...
+URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.html>
+-------------- next part --------------
+A non-text attachment was scrubbed...
+Name: sshd-mageia3.service
+Type: application/octet-stream
+Size: 507 bytes
+Desc: not available
+URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.obj>
+-------------- next part --------------
+A non-text attachment was scrubbed...
+Name: setup-cauldron-chroot.sh
+Type: application/x-sh
+Size: 449 bytes
+Desc: not available
+URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.sh>
+
+ + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1
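Review bot: the three attachment links near the end of the added message (`URL: </pipermail/mageia-dev/attachments/20121230/8de0fa69/attachment.obj>` and its `.html` and `.sh` siblings) are root-relative to the old pipermail layout, while the page itself is added under `zarb-ml/mageia-dev/2012-December/`. This view is limited to the one file, so it does not show whether `attachments/20121230/8de0fa69/` is imported as well. If it is not, `sshd-mageia3.service` and `setup-cauldron-chroot.sh`, which the message's instructions rely on, will be unreachable from the archive. Suggest importing the attachments tree alongside the HTML and rewriting these links relative to the new location, or stating in the commit message that attachments are intentionally left out.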