source: trunk/debathena/third/schroot/man/schroot.1.in @ 24167

Revision 24167, 19.1 KB checked in by broder, 15 years ago (diff)
Import schroot upstream into subversion.
Line 
1.\" Copyright © 2005-2008  Roger Leigh <rleigh@debian.org>
2.\" Copyright © 2006       Andreas Bombe <aeb@debian.org>
3.\"
4.\" schroot is free software: you can redistribute it and/or modify it
5.\" under the terms of the GNU General Public License as published by
6.\" the Free Software Foundation, either version 3 of the License, or
7.\" (at your option) any later version.
8.\"
9.\" schroot is distributed in the hope that it will be useful, but
10.\" WITHOUT ANY WARRANTY; without even the implied warranty of
11.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12.\" General Public License for more details.
13.\"
14.\" You should have received a copy of the GNU General Public License
15.\" along with this program.  If not, see
16.\" <http://www.gnu.org/licenses/>.
17.\"
18.TH SCHROOT 1 "@RELEASE_DATE@" "Version @VERSION@" "Debian sbuild"
19.SH NAME
20schroot \- securely enter a chroot environment
21.SH SYNOPSIS
22.B schroot
23.RB [ \-h \[or] \-\-help " \[or] " \-V \[or] \-\-version
24.RB " \[or] " \-l \[or] \-\-list " \[or] " \-i \[or] \-\-info
25.RB " \[or] " \-\-config " \[or] " \-\-location
26.RB " \[or] " \-\-automatic\-session
27.RB " \[or] " \-b \[or] \-\-begin\-session " \[or] " \-\-recover\-session
28.RB " \[or] " \-r \[or] \-\-run\-session " \[or] " \-e \[or] \-\-end\-session ]
29.RB [ \-f \[or] "\-\-force" ]
30.RB [ "\-n \fIsession-name\fP" \[or] "\-\-session\-name=\fIsession-name\fP" ]
31.RB [ "\-d \fIdirectory\fP" \[or] "\-\-directory=\fIdirectory\fP" ]
32.RB [ "\-u \fIuser\fP" \[or] "\-\-user=\fIuser\fP" ]
33.RB [ \-p \[or] \-\-preserve\-environment ]
34.RB [ \-q \[or] \-\-quiet " \[or] " \-v \[or] \-\-verbose ]
35.RB [ "\-c \fIchroot\fP" \[or] "\-\-chroot=\fIchroot\fP"
36.RB " \[or] " \-\-all " \[or] " \-\-all\-chroots " \[or] " \-\-all\-sessions ]
37.RB [ COMMAND " [ " ARG1 " [ " ARG2 " [ " ARGn ]]]]
38.SH DESCRIPTION
39\fBschroot\fP allows the user to run a command or a login shell in a chroot
40environment.  If no command is specified, a login shell will be started in the
41user's current working directory inside the chroot.
42.PP
43The command is a program, plus as many optional arguments as required.  Each
44argument may be separately quoted.
45.PP
46The directory the command or login shell is run in depends upon the context.
47See \fI\-\-directory\fP option below for a complete description.
48.PP
49If the user is not an allowed user, or a member of the allowed groups (or if
50changing to root, the allowed root users or allowed root groups) for the
51specified chroot(s), the user will be required to authenticate themselves
52(typically with a password, but this depends upon the PAM configuration).  All
53chroot usage will be logged in the system logs.
54.PP
55If no chroot is specified, the chroot name or alias \[oq]default\[cq] will be
56used as a fallback.  This is equivalent to \[lq]\-\-chroot=default\[rq].
57.SH OPTIONS
58\fBschroot\fP accepts the following options:
59.SS Actions
60.TP
61.BR \-h ", " \-\-help
62Show help summary.
63.TP
64.BR \-V ", " \-\-version
65Print version information.
66.TP
67.BR \-l ", " \-\-list
68List all available chroots.
69.TP
70.BR \-i ", " \-\-info
71Print detailed information about the specified chroots.
72.TP
73.BR \-\-config
74Print configuration of the specified chroots.  This is useful for testing that
75the configuration in use is the same as the configuration file.  Any comments
76in the original file will be missing.
77.TP
78.BR \-\-location
79Print location (path) of the specified chroots.  Note that chroot types which
80can only be used within a session will not have a location until they are
81active.
82.SS General options
83.TP
84.BR \-q ", " \-\-quiet
85Print only essential messages.
86.TP
87.BR \-v ", " \-\-verbose
88Print all messages.
89.SS Chroot selection
90.TP
91.BR \-c ", " \-\-chroot=\fIchroot\fP
92Specify a chroot or active session to use.  This option may be used multiple
93times to specify more than one chroot, in which case its effect is similar to
94\fI\-\-all\fP.
95.TP
96.BR \-a ", " \-\-all
97Select all chroots and active sessions.  When a command has been specified, the
98command will be run in all chroots and active sessions.  If \fI\-\-info\fP has
99been used, display information about all chroots.  This option does not make
100sense to use with a login shell (when no command has been specified).  This
101option is equivalent to \[lq]\-\-all\-chroots \-\-all\-sessions\[rq].
102.TP
103.BR \-\-all\-chroots
104Select all chroots.  Identical to \fI\-\-all\fP, except that active sessions
105are not considered.
106.TP
107.BR \-\-all\-sessions
108Select all active sessions.  Identical to \fI\-\-all\fP, except that chroots
109are not considered.
110.SS Chroot environment
111.TP
112.BR \-d ", " \-\-directory=\fIdirectory\fP
113Change to \fIdirectory\fP inside the chroot before running the command or login
114shell.  If \fIdirectory\fP is not available, schroot will exit with an error
115status.
116.IP
117The default behaviour is as follows (all directory paths are inside the
118chroot).  A login shell is run in the current working directory.  If this is
119not available, it will try $HOME (when \fI\\-\-preserve\-environment\fP is
120used), then the user's home directory, and \fI/\fP inside the chroot in turn.
121A command is always run in the current working directory inside the chroot.  If
122none of the directories are available, schroot will exit with an error status.
123.TP
124.BR \-u ", " \-\-user=\fIuser\fP
125Run as a different user.  The default is to run as the current user.  If
126required, the user may be required to authenticate themselves with a password.
127.TP
128.BR \-p ", " \-\-preserve\-environment
129Preserve the user's environment inside the chroot environment.  The default is
130to use a clean environment; this option copies the entire user environment and
131sets it in the session.  The environment variables allowed are subject to
132certain restrictions; see the section \[lq]\fIEnvironment\fP\[rq], below.
133.SS Session actions
134.TP
135.BR \-\-automatic\-session
136Begin, run and end a session automatically.  This is the default action, so
137does not require specifying in normal operation.
138.TP
139.BR \-b ", " \-\-begin\-session
140Begin a session.  A unique session identifier (session ID) is returned on
141standard output.  The session ID is required to use the other session options.
142Note that the session identifier may be specified with the
143\fI\-\-session\-name\fP option.
144.TP
145.BR \-\-recover\-session
146Recover an existing session.  If an existing session has become unavailable,
147for example becoming unmounted due to a reboot, this option will make the
148session available for use again, for example by remounting it.  The session ID
149is specified with the \fI\-\-chroot\fP option.
150.TP
151.BR \-r ", " \-\-run\-session
152Run an existing session.  The session ID is specified with the \fI\-\-chroot\fP
153option.
154.TP
155.BR \-e ", " \-\-end\-session
156End an existing session.  The session ID is specified with the \fI\-\-chroot\fP
157option.
158.SS Session options
159.TP
160.BR \-n ", " \-\-session\-name=\fIsession-name\fP
161Name a session.  The specified \fIsession-name\fP replaces the default session
162name containing an automatically-generated session ID.
163.TP
164.BR \-f ", " \-\-force
165Force a session operation, even if it would otherwise fail.  This may be used
166to forcibly end a session, even if it has active users.  This does not
167guarantee that the session will be ended cleanly; filesystems may not be
168unmounted, for example.
169.SH EXAMPLES
170.SS List available chroots
171\f[CR]% \f[CB]schroot \-l\fP\fP\[CR]
172.br
173\f[CR]default\fP
174.br
175\f[CR]etch\fP
176.br
177\f[CR]sid\fP
178.br
179\f[CR]testing\fP
180.br
181\f[CR]unstable\fP
182.SS Get information about a chroot
183\f[CR]%\ \f[CB]schroot\ \-i\ \-c\ sid\fP\fP\[CR]
184.br
185\f[CR]\ \ \[em]\[em]\[em]\ Chroot\ \[em]\[em]\[em]\fP
186.br
187\f[CR]\ \ Name\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sid\fP
188.br
189\f[CR]\ \ Description\ \ \ \ \ \ \ \ \ \ \ \ Debian sid (unstable)\fP
190.br
191\f[CR]\ \ Type\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ plain\fP
192.br
193\f[CR]\ \ Priority\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 3\fP
194.br
195\f[CR]\ \ Users\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ rleigh\fP
196.br
197\f[CR]\ \ Groups\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sbuild\fP
198.br
199\f[CR]\ \ Root\ Users\fP
200.br
201\f[CR]\ \ Root\ Groups\ \ \ \ \ \ \ \ \ \ \ \ sbuild\fP
202.br
203\f[CR]\ \ Aliases\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ unstable\ unstable\-sbuild\ unstable\-p\fP
204.br
205\f[CR]owerpc\-sbuild\fP
206.br
207\f[CR]\ \ Environment\ Filter\ \ \ \ \ ^(BASH_ENV|CDPATH|ENV|HOSTALIASES|I\fP
208.br
209\f[CR]FS|KRB5_CONFIG|KRBCONFDIR|KRBTKFILE|KRB_CONF|LD_.*|LOCALDOMA\fP
210.br
211\f[CR]IN|NLSPATH|PATH_LOCALE|RES_OPTIONS|TERMINFO|TERMINFO_DIRS|TE\fP
212.br
213\f[CR]RMPATH)$\fP
214.br
215\f[CR]\ \ Run\ Setup\ Scripts\ \ \ \ \ \ true\fP
216.br
217\f[CR]\ \ Script\ Configuration\ \ \ script\-defaults\fP
218.br
219\f[CR]\ \ Session\ Managed\ \ \ \ \ \ \ \ true\fP
220.br
221\f[CR]\ \ Personality\ \ \ \ \ \ \ \ \ \ \ \ linux32\fP
222.br
223\f[CR]\ \ Location\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ /srv/chroot/sid\fP
224.LP
225Use \fI\-\-all\fP or \fI\-c\fP multiple times to use all or multiple chroots,
226respectively.
227.SS Running commands in a chroot
228\f[CR]% \f[CB]schroot \-c sid /bin/ls\fP\fP\[CR]
229.br
230\f[CR][sid chroot] Running command: \[lq]/bin/ls\[rq]\fP
231.br
232\f[CR]CVS          sbuild\-chroot.c   sbuild\-session.h  schroot.conf.5\fP
233.br
234\f[CR]Makefile     sbuild\-chroot.h   schroot.1         schroot.conf.5.in\fP
235.br
236\f[CR]Makefile.am  sbuild\-config.c   schroot.1.in\fP
237.br
238\f[CR]Makefile.in  sbuild\-config.h   schroot.c\fP
239.br
240\f[CR]pam          sbuild\-session.c  schroot.conf\fP
241.PP
242\f[CR]% \f[CB]schroot \-c sid \-\- ls \-1 | head \-n 5\fP\fP\[CR]
243.br
244\f[CR][sid chroot] Running command: \[lq]ls \-1\[rq]\fP
245.br
246\f[CR]ABOUT\-NLS\fP
247.br
248\f[CR]AUTHORS\fP
249.br
250\f[CR]COPYING\fP
251.br
252\f[CR]ChangeLog\fP
253.br
254\f[CR]INSTALL\fP
255.LP
256Use \fI\-\-\fP to allow options beginning with \[oq]\-\[cq] or \[oq]\-\-\[cq]
257in the command to run in the chroot.  This prevents them being interpreted as
258options for schroot itself.  Note that the top line was echoed to standard
259error, and the remaining lines to standard output.  This is intentional, so
260that program output from commands run in the chroot may be piped and redirected
261as required; the data will be the same as if the command was run directly on
262the host system.
263.SS Switching users
264\f[CR]% \f[CB]schroot \-c sid \-u root\fP\fP\[CR]
265.br
266\f[CR]Password:\fP
267.br
268\f[CR][sid chroot] (rleigh\[->]root) Running login shell: \[lq]/bin/bash\[rq]\fP
269.br
270\f[CR]# \fP
271.LP
272If the user \[oq]rleigh\[cq] was in \f[CI]root\-users\fP in
273\fI@SCHROOT_CONF@\fP, or one of the groups he belonged to was in
274\f[CI]root\-groups\fP, they would be granted root access without
275authentication, but the PAM authorisation step is still applied.
276.SS Sessions
277A chroot may be needed to run more than one command.  In particular, where the
278chroot is created on the fly from an LVM LV or a file on disc, there is a need
279to make the chroot persistent while a given task (or set of tasks) is
280performed.  Sessions exist for this purpose.  For simple chroot types such as
281\[oq]plain\[cq] and \[oq]directory\[cq], sessions may be created but are not
282strictly necessary.
283.PP
284Let's start by looking at a session-capable chroot:
285.PP
286\f[CR]%\ \f[CB]schroot\ \-i\ \-c\ sid\-snap\fP\fP\[CR]
287.br
288\f[CR]\ \ \[em]\[em]\[em]\ Chroot\ \[em]\[em]\[em]\fP
289.br
290\f[CR]\ \ Name\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sid\-snap\fP
291.br
292\f[CR]\ \ Description\ \ \ \ \ \ \ \ \ \ \ \ Debian sid snapshot\fP
293.br
294\f[CR]\ \ Type\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ lvm\-snapshot\fP
295.br
296\f[CR]\ \ Priority\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 3\fP
297.br
298\f[CR]\ \ Users\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ maks rleigh\fP
299.br
300\f[CR]\ \ Groups\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sbuild\fP
301.br
302\f[CR]\ \ Root\ Users\fP
303.br
304\f[CR]\ \ Root\ Groups\ \ \ \ \ \ \ \ \ \ \ \ root sbuild\fP
305.br
306\f[CR]\ \ Aliases\fP
307.br
308\f[CR]\ \ Environment\ Filter\ \ \ \ \ ^(BASH_ENV|CDPATH|ENV|HOSTALIASES|I\fP
309.br
310\f[CR]FS|KRB5_CONFIG|KRBCONFDIR|KRBTKFILE|KRB_CONF|LD_.*|LOCALDOMA\fP
311.br
312\f[CR]IN|NLSPATH|PATH_LOCALE|RES_OPTIONS|TERMINFO|TERMINFO_DIRS|TE\fP
313.br
314\f[CR]RMPATH)$\fP
315.br
316\f[CR]\ \ Run\ Setup\ Scripts\ \ \ \ \ \ true\fP
317.br
318\f[CR]\ \ Script\ Configuration\ \ \ script\-defaults\fP
319.br
320\f[CR]\ \ Session\ Managed\ \ \ \ \ \ \ \ true\fP
321.br
322\f[CR]\ \ Personality\ \ \ \ \ \ \ \ \ \ \ \ linux\fP
323.br
324\f[CR]\ \ Device\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ /dev/hda_vg/sid_chroot\fP
325.br
326\f[CR]\ \ Mount\ Options\ \ \ \ \ \ \ \ \ \ \-o atime,async,user_xattr\fP
327.br
328\f[CR]\ \ Source\ Users\fP
329.br
330\f[CR]\ \ Source\ Groups\ \ \ \ \ \ \ \ \ \ root rleigh\fP
331.br
332\f[CR]\ \ Source\ Root\ Users\fP
333.br
334\f[CR]\ \ Source\ Root\ Groups\ \ \ \ \ root rleigh\fP
335.br
336\f[CR]\ \ LVM\ Snapshot\ Options\ \ \ \-\-size 2G \-c 128\fP
337.PP
338Note that the \fISession Managed\fP option is set to \[oq]true\[cq].  This is a
339requirement in order to use session management, and is supported by most chroot
340types.  Next, we will create a new session:
341.PP
342\f[CR]% \f[CB]schroot \-b \-c sid\-snap\fP\fP\[CR]
343.br
344\f[CR]sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP
345.PP
346The session ID of the newly-created session is returned on standard output.  It
347is common to store it like this:
348.PP
349\f[CR]% \f[CB]SESSION=$(schroot \-b \-c sid\-snap)\fP\fP\[CR]
350.br
351\f[CR]% \f[CB]echo $SESSION\fP\fP\[CR]
352.br
353\f[CR]sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP
354.PP
355The session may be used just like any normal chroot.  This is what the session
356looks like:
357.PP
358\f[CR]%\ \f[CB]schroot\ \-i\ \-c\ sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP\fP\[CR]
359.br
360\f[CR]\ \ \[em]\[em]\[em]\ Session\ \[em]\[em]\[em]\fP
361.br
362\f[CR]\ \ Name\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d\fP
363.br
364\f[CR]4ccc899f0f\fP
365.br
366\f[CR]\ \ Description\ \ \ \ \ \ \ \ \ \ \ \ Debian sid snapshot\fP
367.br
368\f[CR]\ \ Type\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ lvm\-snapshot\fP
369.br
370\f[CR]\ \ Priority\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ 3\fP
371.br
372\f[CR]\ \ Users\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ maks rleigh\fP
373.br
374\f[CR]\ \ Groups\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ sbuild\fP
375.br
376\f[CR]\ \ Root\ Users\fP
377.br
378\f[CR]\ \ Root\ Groups\ \ \ \ \ \ \ \ \ \ \ \ root sbuild\fP
379.br
380\f[CR]\ \ Aliases\fP
381.br
382\f[CR]\ \ Environment\ Filter\ \ \ \ \ ^(BASH_ENV|CDPATH|ENV|HOSTALIASES|I\fP
383.br
384\f[CR]FS|KRB5_CONFIG|KRBCONFDIR|KRBTKFILE|KRB_CONF|LD_.*|LOCALDOMA\fP
385.br
386\f[CR]IN|NLSPATH|PATH_LOCALE|RES_OPTIONS|TERMINFO|TERMINFO_DIRS|TE\fP
387.br
388\f[CR]RMPATH)$\fP
389.br
390\f[CR]\ \ Run\ Setup\ Scripts\ \ \ \ \ \ true\fP
391.br
392\f[CR]\ \ Script\ Configuration\ \ \ script\-defaults\fP
393.br
394\f[CR]\ \ Session\ Managed\ \ \ \ \ \ \ \ true\fP
395.br
396\f[CR]\ \ Personality\ \ \ \ \ \ \ \ \ \ \ \ linux\fP
397.br
398\f[CR]\ \ Mount\ Location\ \ \ \ \ \ \ \ \ /var/lib/schroot/mount/sid\-snap\-461\fP
399.br
400\f[CR]95b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP
401.br
402\f[CR]\ \ Path\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ /var/lib/schroot/mount/sid\-snap\-461\fP
403.br
404\f[CR]95b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP
405.br
406\f[CR]\ \ Mount\ Device\ \ \ \ \ \ \ \ \ \ \ /dev/hda_vg/sid\-snap\-46195b04\-0893\-\fP
407.br
408\f[CR]49bf\-beb8\-0d4ccc899f0f\fP
409.br
410\f[CR]\ \ Device\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ /dev/hda_vg/sid_chroot\fP
411.br
412\f[CR]\ \ Mount\ Options\ \ \ \ \ \ \ \ \ \ \-o\ atime,async,user_xattr\fP
413.br
414\f[CR]\ \ Source\ Users\fP
415.br
416\f[CR]\ \ Source\ Groups\ \ \ \ \ \ \ \ \ \ root\ rleigh\fP
417.br
418\f[CR]\ \ Source\ Root\ Users\fP
419.br
420\f[CR]\ \ Source\ Root\ Groups\ \ \ \ \ root\ rleigh\fP
421.br
422\f[CR]\ \ LVM\ Snapshot\ Device\ \ \ \ /dev/hda_vg/sid\-snap\-46195b04\-0893\-\fP
423.br
424\f[CR]49bf\-beb8\-0d4ccc899f0f\fP
425.br
426\f[CR]\ \ LVM\ Snapshot\ Options\ \ \ \-\-size\ 2G\ \-c\ 128\fP
427.PP
428Now the session has been created, commands may be run in it:
429.PP
430\f[CR]% \f[CB]schroot \-r \-c sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f \-\- uname \-sr\fP\fP\[CR]
431.br
432\f[CR]I: [sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f chroot] Running command: \[lq]uname \-sr\[rq]\fP
433.br
434\f[CR]Linux 2.6.18\-3\-powerpc\fP
435.br
436\f[CR]% \f[CB]schroot \-r \-c $SESSION \-\- uname \-sr\fP\fP\[CR]
437.br
438\f[CR]I: [sid\-snap\-fe170af9\-d9be\-4800\-b1bd\-de275858b938 chroot] Running command: \[lq]uname \-sr\[rq]\fP
439.br
440\f[CR]Linux 2.6.18\-3\-powerpc\fP
441.PP
442When all the commands to run in the session have been performed, the session
443may be ended:
444.PP
445\f[CR]% \f[CB]schroot \-e \-c sid\-snap\-46195b04\-0893\-49bf\-beb8\-0d4ccc899f0f\fP\fP\[CR]
446.br
447\f[CR]% \f[CB]schroot \-e \-c $SESSION\fP\fP\[CR]
448.PP
449Finally, the session names can be long and unwieldy.  A name may be specified
450instead of using the automatically generated session ID:
451.PP
452\f[CR]% \f[CB]schroot \-b \-c sid\-snap \-n my\-session\-name\fP\fP\[CR]
453.br
454\f[CR]my\-session\-name\fP
455.SH TROUBLESHOOTING
456If something is not working, and it's not clear from the error messages what is
457wrong, try using the \fB\-\-debug=\fP\fIlevel\fP option to turn on debugging
458messages.  This gives a great deal more information.  Valid debug levels are
459\[oq]none\[cq], and \[oq]notice\[cq], \[oq]info\[cq], \[oq]warning\[cq] and
460\[oq]critical\[cq] in order of increasing severity.  The lower the severity
461level, the more output.
462.PP
463If you are still having trouble, the developers may be contacted on the mailing
464list:
465.br
466\f[CR]Debian\ buildd-tools\ Developers
467.br
468<buildd-tools-devel@lists.alioth.debian.org>\fP
469.SH BUGS
470On the \fBmips\fP and \fBmipsel\fP architectures, Linux kernels up to and
471including at least version 2.6.17 have broken
472.BR personality (2)
473support, which results in a failure to set the personality.  This will be seen
474as an \[lq]Operation not permitted\[rq] (EPERM) error.  To work around this
475problem, set \f[CI]personality\fP to \[oq]undefined\[cq], or upgrade to a more
476recent kernel.
477.SH ENVIRONMENT
478By default, the environment is not preserved, and the following environment
479variables are defined: HOME, LOGNAME, PATH, SHELL, TERM (preserved if already
480defined), and USER.  The environment variables SCHROOT_COMMAND, SCHROOT_USER,
481SCHROOT_GROUP, SCHROOT_UID and SCHROOT_GID are set inside the chroot specifying
482the command being run, the user name, group name, user ID and group ID,
483respectively.
484.PP
485The following, potentially dangerous, environment variables are removed for
486safety by default: BASH_ENV, CDPATH, ENV, HOSTALIASES, IFS, KRB5_CONFIG,
487KRBCONFDIR, KRBTKFILE, KRB_CONF, LD_.*, LOCALDOMAIN, NLSPATH, PATH_LOCALE,
488RES_OPTIONS, TERMINFO, TERMINFO_DIRS, and TERMPATH.  If desired, the
489\f[CI]environment\-filter\fP configuration key will allow the exclusion list to
490the modified; see
491.BR schroot.conf (5)
492for further details.
493.SH FILES
494.TP
495\f[BI]@SCHROOT_CONF@\fP
496The system-wide chroot definition file.  This file must be owned by the root
497user, and not be writable by other.
498.TP
499\f[BI]@SCHROOT_CONF_CHROOT_D@\fP
500Additional chroot definitions may be placed in files under this directory.
501They are treated in exactly that same manner as \fI@SCHROOT_CONF@\fP.  Each
502file may contain one or more chroot definitions.  Note that the files in this
503directory follow the same naming rules as
504.BR run\-parts (8)
505when run with the \fI\-\-lsbsysinit\fP option.
506.TP
507\f[BI]@SCHROOT_CONF_SETUP_D@\fP
508The system-wide chroot setup script directories.  See
509.BR schroot-setup (5).
510.TP
511\f[BI]/etc/pam.d/schroot\fP
512PAM configuration.
513.SH AUTHORS
514Roger Leigh.
515.SH COPYRIGHT
516Copyright \(co 2005\-2008  Roger Leigh \f[CR]<rleigh@debian.org>\fP
517.PP
518\fBschroot\fP is free software: you can redistribute it and/or modify it under
519the terms of the GNU General Public License as published by the Free Software
520Foundation, either version 3 of the License, or (at your option) any later
521version.
522.SH SEE ALSO
523.BR dchroot (1),
524.BR sbuild (1),
525.BR chroot (2),
526.BR run\-parts (8),
527.BR schroot\-setup (5),
528.BR schroot.conf (5).
529.\"#
530.\"# The following sets edit modes for GNU EMACS
531.\"# Local Variables:
532.\"# mode:nroff
533.\"# fill-column:79
534.\"# End:
Note: See TracBrowser for help on using the repository browser.