joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Sun Mar 30, 2014 3:49 pm Post subject: Quick Question |
|
|
I made four Gentoo directories; I'll list them now:
/boot
/core
/home
/server
I want to initialize /bin/bash from /core for a full path of /core/bin/bash.
However, I've tried updating all the config files, and when I chroot into it, it simply says cannot find /bin/bash.
The reasoning for this directory structure is that I want to secure all the core and program files into one area, while the user
files and server files remain out of the core directory.
In summary, I want to write something that sets the terminal to
/core/bin/bash
Then go out of the core folder and lock it down, leaving it only open when needed. This could be a script, I suppose, but until I figure out how
to link /shell/bashstart (linked to /core/bin/bash via soft link) to /core/bin/bash... I'm kind of stuck at the moment. |
|
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54243 Location: 56N 3W
|
Posted: Sun Mar 30, 2014 5:36 pm Post subject: |
|
|
joshualonsdale,
Welcome to Gentoo.
/bin must be on your root filesystem, wherever that is.
If you want to put things into chroot jails, that's fine but you need to copy everything they need to the jail too.
So your root filesystem will have /bin/bash.
You may
Code: | cp -a /bin/bash /core/bin/bash |
but ...
Code: | $ lddtree /bin/bash
/bin/bash (interpreter => /lib64/ld-linux-x86-64.so.2)
libreadline.so.6 => /lib64/libreadline.so.6
libncurses.so.5 => /lib64/libncurses.so.5
libdl.so.2 => /lib64/libdl.so.2
libc.so.6 => /lib64/libc.so.6 |
bash needs a few libraries too, so you need to copy them too.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
|
|
joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Sun Mar 30, 2014 6:35 pm Post subject: Thanks. |
|
|
Thanks. I'll give it a whirl. |
|
|
|
joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Sun Mar 30, 2014 7:14 pm Post subject: for the most part |
|
|
For the most part it worked, just missing a few config files.
I'll be redoing the config to set accordingly...
As you stated, I need all files in each jail, so I think the best way to handle this, and I COULD BE WRONG, is:
make a root file system on the main drive (as bin/bash needs to be here),
then create a subdirectory from that hosting the user jail,
create shortcuts (links) to the host core for the files they need, such as BIN and LIB, USR, ETC...
from there emerge in the user jail the desktop; this will hopefully not affect the root system,
implement quotas as needed,
and go from there... |
|
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54243 Location: 56N 3W
|
Posted: Sun Mar 30, 2014 7:32 pm Post subject: |
|
|
joshualonsdale,
Almost .... your links won't work, if I follow your post correctly.
Consider the following
You have /bin/bash as the host system needs it.
From /core/bin/bash, you create a symlink to the host /bin/bash. It all looks good from the host.
Now you chroot /core /bin/bash. Once in the chroot, /core becomes / and the files on the host outside of /core vanish.
All your symlinks are broken ... nothing less than real files will do. |
|
|
|
joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Sun Mar 30, 2014 7:40 pm Post subject: actually |
|
|
I was going to do the correct files on the root filesystem,
from there link to /core/bin/bash so that when the new root takes place, the files are loaded from root. |
|
|
|
joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Sun Mar 30, 2014 7:42 pm Post subject: So... |
|
|
If I see this right, install bin/bash on root file system then copy to /core/bin/bash. Easy enough.
Thanks for the help. |
|
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54243 Location: 56N 3W
|
Posted: Sun Mar 30, 2014 9:04 pm Post subject: |
|
|
joshualonsdale,
As you say the copy is easy enough.
Run lddtree on whatever you copy to /core and copy the files it returns too. |
|
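The two points made in the replies above (copy real files plus every library the binary needs; links to host paths break once /core becomes /), as an added shell example that is not from any poster in this thread. It uses ldd instead of lddtree so it runs without pax-utils; the function names and the jail path are assumptions.

```sh
#!/bin/sh
# Added example: function names and the jail path are illustrative assumptions.
# Only run ldd on binaries you trust; some ldd implementations execute the file.

# Print absolute paths of the shared objects (and ELF interpreter) a binary needs.
needed_libs() {
    ldd "$1" 2>/dev/null | awk '
        $2 == "=>" && $3 ~ /^\// { print $3; next }  # libc.so.6 => /lib64/libc.so.6
        $1 ~ /^\//               { print $1 }        # /lib64/ld-linux-x86-64.so.2
    ' | sort -u
}

# Copy one file to the same path under the jail. -L dereferences symlinks so
# the jail holds a real file, not a link to a path that vanishes after chroot.
copy_into_jail() {
    mkdir -p "$1$(dirname "$2")"
    cp -L -p "$2" "$1$2"
}

# Copy a binary plus everything needed_libs reports for it.
populate_jail() {
    copy_into_jail "$1" "$2"
    for lib in $(needed_libs "$2"); do
        copy_into_jail "$1" "$lib"
    done
}

# List symlinks under the jail that will dangle once the jail becomes /.
# An absolute target is looked up relative to the jail root, as chroot does.
# Relative targets are checked in place; one that climbs above the jail root
# with ../ is not caught by this simple check.
broken_links_in_jail() {
    find "$1" -type l | while read -r link; do
        target=$(readlink "$link")
        case $target in
            /*) resolved=$1$target ;;
            *)  resolved=$(dirname "$link")/$target ;;
        esac
        [ -e "$resolved" ] || echo "${link#"$1"} -> $target"
    done
}

# Usage: sh jail.sh /core /bin/bash
if [ $# -eq 2 ]; then
    populate_jail "$1" "$2"
    broken_links_in_jail "$1"
fi
```

A link that resolves on the host can still appear in the output, because its target is checked as the chrooted process will see it.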
|
|
steveL Watchman
Joined: 13 Sep 2006 Posts: 5153 Location: The Peanut Gallery
|
Posted: Mon Mar 31, 2014 8:34 am Post subject: Re: Quick Question |
|
|
joshualonsdale wrote: | The reasoning for this directory structure is that I want to secure all the core and program files into one area, while the user
files and server files remain out of the core directory. |
I use partitions and logical volumes for that. It means for instance I can set different permissions at the fs level, as well as tailor for particular workloads like /usr/portage vs distfiles. |
|
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Mon Mar 31, 2014 4:47 pm Post subject: |
|
|
@joshualonsdale,
What constitutes a 'server' file? A database, or custom files for a web server, or what?
Generally speaking, the separation you want seems to be already there. Make a separate volume for /home, and a separate volume for wherever the server files are going, and you're done.
Don't mess with user permissions, and they won't be able to write outside of their home directory. Placing /home on a separate partition or logical volume makes it so nothing the user does regarding the filesystem will affect the server.
Putting databases and such on a separate partition or logical volume is also recommended.
See here: http://www.pathname.com/fhs/
Another thing that you seem to want based on your statements here is, you want a traditional core filesystem and then a separate /usr, which means you should stay away from systemd and gnome. The traditional approach specifies that a minimum amount of core software is placed in / and /bin and /sbin among others, and "extras" are placed in /usr and its subdirectories. The core in / is, theoretically, rarely written to and as such SHOULD be much less prone to error. So you can boot to some sort of usable system even if there's a problem with the more often updated /usr/* code.
The systemd proponents think this is silly and want to combine everything into the same sets of directories. Gnome is pretty much hardwired to need systemd, so if you want that then you're going with systemd. I'm not telling you which one to use, just saying that what you're trying for will be most likely affected by this choice. |
|
|
|
joshualonsdale n00b
Joined: 30 Mar 2014 Posts: 6
|
Posted: Wed Apr 02, 2014 12:14 am Post subject: A lot to take in. |
|
|
There's a lot to take in here.
I guess what I was trying to aim for is to load everything into /core,
then in the root directories, use /home /server from root directories, lessening the total folder structure to try and minimize impact on
different types of data.
The base Linux file structure, if I read this right, consists of multiple directories, 14 directories, and I was trying to load / as root, and from root all other programs would be in /core.
So I guess on the root file structure, I wanted just enough to get the system up and running, then link to /core for everything else, that way if /core gets corrupted, I still would have
a system to run on, albeit a minimal one.
/boot on the file structure would have grub and stuff on it to boot to /, then from / I would have /home (for the users) and /server (for server files - such as Apache Documents, Perl, Python, Ruby, Etc...)
simply put...
Code: | ---40 GB HD 1---
/boot - 0.5 GB : SDA1
swap space - 6.5 GB : SDA2
/ - 5 GB : SDA3
/server - 22 GB : SDA4
---120 GB HD 2---
/core - 40 GB : SDB1
/home - 71 GB : SDB2
|
Anyway... I've got a lot of research to do. |
|
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Wed Apr 02, 2014 1:20 am Post subject: |
|
|
Again, what you're trying to do is pretty much the way it is now, without the systemd-inspired modifications. You should understand the FHS before you go through all this trouble.
Here might be a little easier to read: http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
Or google FHS or filesystem hierarchy standard and click on almost anything that comes up.
I strongly suspect that if you go through with this, you'll realize you've done all the work to get what you had in the first place. |
|
|
|
1clue Advocate
Joined: 05 Feb 2006 Posts: 2569
|
Posted: Wed Apr 02, 2014 4:11 pm Post subject: Re: A lot to take in. |
|
|
joshualonsdale wrote: |
simply put...
Code: | ---40 GB HD 1---
/boot - 0.5 GB : SDA1
swap space - 6.5 GB : SDA2
/ - 5 GB : SDA3
/server - 22 GB : SDA4
---120 GB HD 2---
/core - 40 GB : SDB1
/home - 71 GB : SDB2
|
Anyway... I've got a lot of research to do. |
Code: |
/boot 0.5
swap 6.5
/ as low as 1.0, depending on your other partitions
/server 22 -- This could be on its own partition, but you might want to mount or link the traditional directories as appropriate to cut down on partition count.
/usr 40 -- your /core
/home 71
and a few other mounts to take the load off of /.
|
The / filesystem, traditionally, is solely for what it takes to boot the machine.
/usr is for "the rest" of the software that comes with the distro, stuff that is not required to run the basic machine.
/home is good to have on its own partition so that downloading too much junk can't take down the entire system.
Your /server files could be one or more chroot jails, but typically web server documents go in /var/www which you could make its own partition.
There are some standard approaches to doing what you're trying to do, but there's not really much reason to change the locations of things. Doing so will make it very hard for you to get support, since people generally know where they USUALLY are, and nobody will know where you put it. |
|