1 | .\" Copyright © 2005-2007 Roger Leigh <rleigh@debian.org> |
---|
2 | .\" |
---|
3 | .\" schroot is free software: you can redistribute it and/or modify it |
---|
4 | .\" under the terms of the GNU General Public License as published by |
---|
5 | .\" the Free Software Foundation, either version 3 of the License, or |
---|
6 | .\" (at your option) any later version. |
---|
7 | .\" |
---|
8 | .\" schroot is distributed in the hope that it will be useful, but |
---|
9 | .\" WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
10 | .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
---|
11 | .\" General Public License for more details. |
---|
12 | .\" |
---|
13 | .\" You should have received a copy of the GNU General Public License |
---|
14 | .\" along with this program. If not, see |
---|
15 | .\" <http://www.gnu.org/licenses/>. |
---|
16 | .\" |
---|
17 | .TH DCHROOT-DSA 1 "@RELEASE_DATE@" "Version @VERSION@" "Debian sbuild" |
---|
18 | .SH NAME |
---|
19 | dchroot\-dsa \- enter a chroot environment |
---|
20 | .SH SYNOPSIS |
---|
21 | .B dchroot\-dsa |
---|
22 | .RB [ \-h \[or] \-\-help " \[or] " \-V \[or] \-\-version |
---|
23 | .RB " \[or] " \-l \[or] \-\-list " \[or] " \-i \[or] \-\-info |
---|
24 | .RB " \[or] " \-\-config " \[or] " -p | \-\-listpaths ] |
---|
25 | .RB [ "\-d \fIdirectory\fP" \[or] "\-\-directory=\fIdirectory\fP" ] |
---|
26 | .RB [ \-q \[or] \-\-quiet " \[or] " \-v \[or] \-\-verbose ] |
---|
27 | .RB [ "\-c \fIchroot\fP" \[or] "\-\-chroot=\fIchroot\fP" |
---|
28 | .RB " \[or] " \-\-all " \[or] " CHROOT] |
---|
29 | .RB [ COMMAND ] |
---|
30 | .SH DESCRIPTION |
---|
31 | \fBdchroot\-dsa\fP allows the user to run a command or a login shell in a |
---|
32 | chroot environment. If no command is specified, a login shell will be started |
---|
33 | in the user's home directory inside the chroot. |
---|
34 | .PP |
---|
35 | The user's environment will be preserved inside the chroot. |
---|
36 | .PP |
---|
37 | The command is a single argument which must be an absolute path to the program. |
---|
38 | Additional options are not permitted. |
---|
39 | .PP |
---|
40 | The directory the command or login shell is run in depends upon the context. |
---|
41 | See \fI\-\-directory\fP option below for a complete description. |
---|
42 | .PP |
---|
43 | This version of dchroot\-dsa is a compatibility wrapper around the |
---|
44 | .BR schroot (1) |
---|
45 | program. It is provided for backward compatibility with the dchroot\-dsa |
---|
46 | command-line options, but schroot is recommended for future use. See the |
---|
47 | section \[lq]\fIMigration\fP\[rq] below for help migrating your existing |
---|
48 | dchroot\-dsa configuration to schroot. See the section |
---|
49 | \[lq]\fIIncompatibilities\fP\[rq] below for known incompatibilities with older |
---|
50 | versions of dchroot\-dsa. |
---|
51 | .PP |
---|
52 | .SH OPTIONS |
---|
53 | \fBdchroot\-dsa\fP accepts the following options: |
---|
54 | .SS Basic options |
---|
55 | .TP |
---|
56 | .BR \-h ", " \-\-help |
---|
57 | Show help summary. |
---|
58 | .TP |
---|
59 | .BR \-a ", " \-\-all |
---|
60 | Select all chroots. Note that earlier versions of dchroot\-dsa did not include |
---|
61 | this option. |
---|
62 | .TP |
---|
63 | .BR \-c ", " \-\-chroot=\fIchroot\fP |
---|
64 | Specify a chroot to use. This option may be used multiple times to specify |
---|
65 | more than one chroot, in which case its effect is similar to \fI\-\-all\fP. If |
---|
66 | this option is not used, the first non-option argument specified the chroot to |
---|
67 | use. Note that earlier versions of dchroot\-dsa did not include this option. |
---|
68 | .TP |
---|
69 | .BR \-l ", " \-\-list |
---|
70 | List all available chroots. |
---|
71 | .TP |
---|
72 | .BR \-i ", " \-\-info |
---|
73 | Print detailed information about the available chroots. Note that earlier |
---|
74 | versions of dchroot\-dsa did not include this option. |
---|
75 | .TP |
---|
76 | .BR \-p ", " \-\-listpaths |
---|
77 | Print absolute locations (paths) of the available chroots. |
---|
78 | .TP |
---|
79 | .BR \-\-config |
---|
80 | Print configuration of the available chroots. This is useful for testing that |
---|
81 | the configuration in use is the same as the configuration file. Any comments |
---|
82 | in the original file will be missing. Note that earlier versions of |
---|
83 | dchroot\-dsa did not include this option. |
---|
84 | .TP |
---|
85 | .BR \-d ", " \-\-directory=\fIdirectory\fP |
---|
86 | Change to \fIdirectory\fP inside the chroot before running the command or login |
---|
87 | shell. If \fIdirectory\fP is not available, dchroot\-dsa will exit with an |
---|
88 | error status. |
---|
89 | .IP |
---|
90 | The default behaviour (all directory paths are inside the chroot) is to run the |
---|
91 | login shell or command in the user's home directory, or \fI/\fP if the home |
---|
92 | directory is not available. If none of the directories are available, |
---|
93 | dchroot\-dsa will exit with an error status. |
---|
94 | .TP |
---|
95 | .BR \-q ", " \-\-quiet |
---|
96 | Print only essential messages. Note that earlier versions of dchroot\-dsa did |
---|
97 | not include this option. |
---|
98 | .TP |
---|
99 | .BR \-v ", " \-\-verbose |
---|
100 | Print all messages. Note that earlier versions of dchroot\-dsa did not include |
---|
101 | this option. |
---|
102 | .TP |
---|
103 | .BR \-V ", " \-\-version |
---|
104 | Print version information. |
---|
105 | .SH CONFIGURATION |
---|
106 | The original \fBdchroot\-dsa\fP configuration file, \fI@DCHROOT_CONF@\fP, used |
---|
107 | by earlier versions of dchroot\-dsa, has the following format: |
---|
108 | .IP \[bu] |
---|
109 | \[oq]#\[cq] starts a comment line. |
---|
110 | .IP \[bu] |
---|
111 | Blank lines are ignored. |
---|
112 | .IP \[bu] |
---|
113 | Chroot definitions are a single line containing an \f[CBI]identifier\fP, |
---|
114 | \f[CBI]path\fP, and \f[CBI]users\fP, an optional user list separated by |
---|
115 | whitespace (space and tab), or a colon (\[oq]:\[cq]), semicolon (\[oq];\[cq]), |
---|
116 | or comma (\[oq],\[cq]). |
---|
117 | .PP |
---|
118 | An example file: |
---|
119 | .PP |
---|
120 | .RS |
---|
121 | \f[CR]# Example comment\fP |
---|
122 | .br |
---|
123 | \f[CR]\fP |
---|
124 | .br |
---|
125 | \f[CR]sarge /srv/chroot/sarge\fP |
---|
126 | .br |
---|
127 | \f[CR]sid /srv/chroot/sid rleigh,fred\fP |
---|
128 | .br |
---|
129 | .RE |
---|
130 | .PP |
---|
131 | This file defines a chroot called \[oq]sarge\[cq], located at |
---|
132 | \fI/srv/chroot/sarge\fP, and a second chroot called \[oq]sid\[cq], located at |
---|
133 | \fI/srv/chroot/sid\fP. The second chroot specifies that it may only be used by |
---|
134 | the users \[lq]rleigh\[rq] and \[lq]fred\[rq]. |
---|
135 | .SH INCOMPATIBILITIES |
---|
136 | .SS DSA dchroot |
---|
137 | .IP \[bu] |
---|
138 | Log messages are worded and formatted differently. |
---|
139 | .IP \[bu] |
---|
140 | dchroot\-dsa provides a restricted subset of the functionality implemented by |
---|
141 | \fBschroot\fP, but is still schroot underneath. Thus dchroot\-dsa is still |
---|
142 | subject to schroot security checking, including PAM authentication and |
---|
143 | authorisation, and session management, for example, and hence may behave |
---|
144 | slightly differently to earlier versions of dchroot\-dsa in some circumstances. |
---|
145 | .SS Debian dchroot |
---|
146 | A \fBdchroot\fP package provides an alternative dchroot implementation. |
---|
147 | .IP \[bu] |
---|
148 | All the above incompatibilities apply. |
---|
149 | .IP \[bu] |
---|
150 | This version of dchroot has incompatible command-line options, and while some |
---|
151 | of those options are supported or have equivalent options by a different name, |
---|
152 | the \fI\-c\fP option is required to specify a chroot. It also allows a shell |
---|
153 | script to be used as the option instead of a single absolute path, and allows |
---|
154 | multiple command options instead of a single option. |
---|
155 | .IP \[bu] |
---|
156 | This version of dchroot has an incompatible format for \fIdchroot.conf\fP. |
---|
157 | While the first two fields are the same, the third field is a optional |
---|
158 | \f[CBI]personality\fP, instead of the \f[CI]users\fP user list permitted to |
---|
159 | access the chroot allowed by this version. If personality support is needed, |
---|
160 | please use \fIschroot.conf\fP and add the allowed users there, as shown in |
---|
161 | \[lq]\fIMigration\fP\[rq] below. |
---|
162 | .SH MIGRATION |
---|
163 | To migrate an existing \fBdchroot\-dsa\fP configuration to \fBschroot\fP, |
---|
164 | perform the following steps: |
---|
165 | .IP 1 |
---|
166 | Dump the dchroot\-dsa configuration in schroot keyfile format to |
---|
167 | \fI@SCHROOT_CONF@\fP. |
---|
168 | .PP |
---|
169 | .RS |
---|
170 | \f[CR]# \f[CB]dchroot\-dsa --config >> @SCHROOT_CONF@ |
---|
171 | .br |
---|
172 | .RE |
---|
173 | .PP |
---|
174 | .IP 2 |
---|
175 | Edit \fI@SCHROOT_CONF@\fP to add access to the users and/or groups which are to |
---|
176 | be allowed to access the chroots, and make any other desired changes to the |
---|
177 | configuration. See |
---|
178 | .BR schroot.conf (5). |
---|
179 | .IP 3 |
---|
180 | Remove \fI@DCHROOT_CONF@\fP, so that dchroot\-dsa will subsequently use |
---|
181 | \fI@SCHROOT_CONF@\fP for its configuration. |
---|
182 | .SH EXAMPLES |
---|
183 | \f[CR]$ \f[CB]dchroot\-dsa -l\fP\fP |
---|
184 | .br |
---|
185 | \f[CR]Available chroots: sarge, sid\fP |
---|
186 | .br |
---|
187 | \f[CR]\fP |
---|
188 | .br |
---|
189 | \f[CR]$ \f[CB]dchroot\-dsa \-\-listpaths\fP\fP |
---|
190 | .br |
---|
191 | \f[CR]/srv/chroot/sarge\fP |
---|
192 | .br |
---|
193 | \f[CR]/srv/chroot/sid\fP |
---|
194 | .br |
---|
195 | \f[CR]\fP |
---|
196 | .br |
---|
197 | \f[CR]$ \f[CB]dchroot\-dsa \-q sid \-\- /bin/uname\fP\fP |
---|
198 | .br |
---|
199 | \f[CR]Linux\fP |
---|
200 | .br |
---|
201 | \f[CR]\fP |
---|
202 | .br |
---|
203 | \f[CR]$ \f[CB]dchroot\-dsa sid\fP\fP |
---|
204 | .br |
---|
205 | \f[CR]I: [sid chroot] Running login shell: \[lq]/bin/bash\[rq]\fP |
---|
206 | .br |
---|
207 | \f[CR]$ \fP |
---|
208 | .br |
---|
209 | .LP |
---|
210 | Note that the top line was echoed to standard error, and the remaining lines to |
---|
211 | standard output. This is intentional, so that program output from commands run |
---|
212 | in the chroot may be piped and redirected as required; the data will be the |
---|
213 | same as if the command was run directly on the host system. |
---|
214 | .SH TROUBLESHOOTING |
---|
215 | If something is not working, and it's not clear from the error messages what is |
---|
216 | wrong, try using the \fB\-\-debug=\fP\fIlevel\fP option to turn on debugging |
---|
217 | messages. This gives a great deal more information. Valid debug levels are |
---|
218 | \[oq]none\[cq], and \[oq]notice\[cq], \[oq]info\[cq], \[oq]warning\[cq] and |
---|
219 | \[oq]critical\[cq] in order of increasing severity. The lower the severity |
---|
220 | level, the more output. |
---|
221 | .PP |
---|
222 | If you are still having trouble, the developers may be contacted on the mailing |
---|
223 | list: |
---|
224 | .br |
---|
225 | \f[CR]Debian\ buildd-tools\ Developers |
---|
226 | .br |
---|
227 | <buildd-tools-devel@lists.alioth.debian.org>\fP |
---|
228 | .SH BUGS |
---|
229 | None known at this time. |
---|
230 | .SH FILES |
---|
231 | .TP |
---|
232 | \f[BI]@DCHROOT_CONF@\fP |
---|
233 | The system-wide \fBdchroot\-dsa\fP chroot definition file. This file must be |
---|
234 | owned by the root user, and not be writable by other. If present, this file |
---|
235 | will be used in preference to \fI@SCHROOT_CONF@\fP. |
---|
236 | .TP |
---|
237 | \f[BI]@SCHROOT_CONF@\fP |
---|
238 | The system-wide \fBschroot\fP definition file. This file must be owned by the |
---|
239 | root user, and not be writable by other. It is recommended that this file be |
---|
240 | used in preference to \fI@DCHROOT_CONF@\fP, because the chroots can be used |
---|
241 | interchangeably with schroot, and the user and group security policies provided |
---|
242 | by schroot are also enforced. |
---|
243 | .SH AUTHORS |
---|
244 | Roger Leigh. |
---|
245 | .PP |
---|
246 | This implementation of dchroot\-dsa uses the same command-line options as |
---|
247 | the \fBdchroot\fP found on machines run by the Debian System Administrators for |
---|
248 | the Debian Project. These machines have a \fBdchroot-dsa\fP source package |
---|
249 | which provides a \fBdchroot\-dsa\fP package, written by Ben Collins |
---|
250 | \f[CR]<bcollins@debian.org>\fP and Martin Schulze \f[CR]<joey@debian.org>\fP. |
---|
251 | .SH COPYRIGHT |
---|
252 | Copyright \(co 2005\-2007 Roger Leigh \f[CR]<rleigh@debian.org>\fP |
---|
253 | .PP |
---|
254 | \fBdchroot-dsa\fP is free software: you can redistribute it and/or modify it |
---|
255 | under the terms of the GNU General Public License as published by the Free |
---|
256 | Software Foundation, either version 3 of the License, or (at your option) any |
---|
257 | later version. |
---|
258 | .SH SEE ALSO |
---|
259 | .BR schroot (1), |
---|
260 | .BR sbuild (1), |
---|
261 | .BR chroot (2), |
---|
262 | .BR schroot-setup (5), |
---|
263 | .BR schroot.conf (5). |
---|
264 | .\"# |
---|
265 | .\"# The following sets edit modes for GNU EMACS |
---|
266 | .\"# Local Variables: |
---|
267 | .\"# mode:nroff |
---|
268 | .\"# fill-column:79 |
---|
269 | .\"# End: |
---|