Chroot howto

Jump to bottom Edit New page

adrian-bl edited this page Feb 7, 2011 · 3 revisions

Bitflu can run in a chroot jail. This is recommended for security reasons.

Chroot example for Linux

Replace 12345 with the UID/GID that bitflu should use

Create the 'base directory'

mkdir /foo/bitflu/chroot
chown root:root /foo/bitflu/chroot
mkdir /foo/bitflu/chroot/workdir
chown 12345:12345 /foo/bitflu/chroot/workdir

Create directory for some system libs

mkdir /foo/bitflu/chroot/etc
mkdir /foo/bitflu/chroot/lib
mkdir /foo/bitflu/chroot/dev

..and populate them:

cp /etc/hosts /etc/nsswitch.conf /etc/protocols /etc/resolv.conf /foo/bitflu/chroot/etc
cp /lib/libnss_* /lib/libresolv.so* /foo/bitflu/chroot/lib
mknod /foo/bitflu/chroot/dev/urandom c 1 9

Edit/Create the '.bitflu.config' file and add:

chroot = /foo/bitflu/chroot
runas_uid = 12345
runas_gid = 12345