On Thu, 2005-04-07 at 12:51 -0400, Edward Faulkner wrote:
> On Apr 7, 2005 12:43 PM, Dave Pearson <dp@...> wrote:
> > mount (as root) proc on /home/todd/proc
>
> I would add one small improvement. Instead of mounting all of proc in
> the chroot, you can bind only what you need (/proc/mm) with something
> like this:
>
> mount --bind /proc/mm /home/todd/proc/mm
>
> regards,
> Ed

Yep. The tun bit was a mess too, here's a slight improvement, just pulling in
the stuff out of the uml site. Now to pull all the names/ids out of the script
and make it more generic! But it works...
Now on 'rod', not todd btw!
cd /home/rod
mkdir ./dev/net
mknod ./dev/net/tun c 10 200 & chown as your user
copy in 'linux' and chmod a+x
mkdir ./proc
touch ./proc/mm
mount --bind /proc/mm ./proc/mm
mkdir tmp , chown rod tmp
run this perl script...
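#!/usr/bin/perl
use strict;
use warnings;
use POSIX;
my $userid = "rod";
my $uid = 1005;
my $gid = 100;
my $tun = `tunctl -u $uid -b`;
chomp($tun);
print "tun=$tun\n";
print `ifconfig $tun 192.168.30.41 up`, "\n"; # host end of the 'net'
# note the space: "echo 1>file" only redirects stdout and writes an empty line
`echo 1 > /proc/sys/net/ipv4/ip_forward`;
print `route add -host 192.168.30.44 dev $tun`, "\n"; # configure guest to match this ip
`echo 1 > /proc/sys/net/ipv4/conf/$tun/proxy_arp`;
print `arp -Ds 192.168.30.44 eth0 pub`;
chroot("/home/$userid") or die "chroot: $!";
chdir("/") or die "chdir: $!"; # put the working directory inside the new root
# drop groups before the uid: once setuid() has run, setgid() is no longer permitted
$! = 0;
$) = "$gid $gid"; # sets the effective gid and replaces root's supplementary groups
die "setgroups: $!" if $!;
POSIX::setgid($gid) or die "setgid: $!";
POSIX::setuid($uid) or die "setuid: $!";
exec("./linux", "ubd0=./$userid-root", "ubd1=./$userid-swap", "devfs=nomount", "mem=200M", "con=null", "eth0=tuntap,$tun") or die "exec: $!";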
---snip---
there you have it, chrooted uml running as normal user, with network working, and not too much luggage carried
into the chroot.
itchy rod # ps -furod
UID PID PPID C STIME TTY TIME CMD
rod 20415 19972 8 23:43 pts/25 00:01:02 ./linux [rm]
rod 20430 20415 0 23:43 pts/25 00:00:07 [linux]
rod 20434 20415 0 23:43 pts/25 00:00:00 ./linux [rm]
itchy rod # ls /proc/20430/root -l
lrwxrwxrwx 1 root root 0 Apr 7 23:46 /proc/20430/root -> /home/rod
itchy rod #
Cheers
Dave
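
A check to go with the `ps` and `/proc/<pid>/root` verification above, added here as an example and not part of the original post: `ps -fu` shows only the uid, so this also inspects the gid and supplementary groups recorded in `/proc/<pid>/status`, which stay at root's values if the uid is dropped before the gid. The function names are hypothetical, the sample status text is constructed, and the policy that the process should hold no group other than its target gid is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# check_dropped FILE UID GID: FILE is a /proc/<pid>/status file, or "-" for stdin.
# Prints one line per finding and returns non-zero unless every uid and gid
# field matches and no supplementary group other than GID is held.
check_dropped() {
    awk -v uid="$2" -v gid="$3" '
        BEGIN { split("real effective saved fs", kind, " ") }
        $1 == "Uid:" || $1 == "Gid:" {
            what = ($1 == "Uid:") ? "uid" : "gid"
            want = ($1 == "Uid:") ? uid : gid
            seen[what] = 1
            for (i = 2; i <= 5; i++)
                if ($i != want) { print kind[i - 1], what, "is", $i; bad = 1 }
        }
        $1 == "Groups:" {
            seen["groups"] = 1
            for (i = 2; i <= NF; i++)
                if ($i != gid) { print "supplementary group", $i, "still held"; bad = 1 }
        }
        END {
            if (!seen["uid"] || !seen["gid"] || !seen["groups"]) {
                print "status input incomplete"; bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# audit_pid PID UID GID ROOT: also compare the process root (run as root).
audit_pid() {
    [ "$(readlink "/proc/$1/root")" = "$4" ] || { echo "root is not $4"; return 1; }
    check_dropped "/proc/$1/status" "$2" "$3"
}

# Constructed sample: a root-started process that called setuid(1005) before
# setgid(100), so the setgid failed and gid 0 plus root's groups remain.
sample_uid_first() {
    printf 'Name:\tlinux\nUid:\t1005\t1005\t1005\t1005\n'
    printf 'Gid:\t0\t0\t0\t0\nGroups:\t0 1 2 3 4 6 10\n'
}
# Constructed sample: groups and gid dropped first, then the uid.
sample_dropped() {
    printf 'Name:\tlinux\nUid:\t1005\t1005\t1005\t1005\n'
    printf 'Gid:\t100\t100\t100\t100\nGroups:\t100\n'
}

sample_uid_first | check_dropped - 1005 100 || echo "=> not fully dropped"
sample_dropped | check_dropped - 1005 100 && echo "=> fully dropped"
```

On a live system, `audit_pid 20430 1005 100 /home/rod` run as root applies the same check to the process shown in the listing above.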