Archive for the ‘Linux Installation’ Category

h1

Missing Dependency: perl(URI)

November 10, 2010

Solution with an example below
###########################################

-bash-3.2# yum install subversion
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: centos.mirror.netriplex.com
* base: mirror.sanctuaryhost.com
* extras: mirror.steadfast.net
* updates: mirrors.serveraxis.net
addons                                                                                                                                           |  951 B     00:00
base                                                                                                                                             | 2.1 kB     00:00
extras                                                                                                                                           | 2.1 kB     00:00
updates                                                                                                                                          | 1.9 kB     00:00
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package subversion.i386 0:1.4.2-4.el5_3.1 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Processing Dependency: neon >= 0.25.5-6.el5 for package: subversion
–> Processing Dependency: libneon.so.25 for package: subversion
–> Running transaction check
—> Package neon.i386 0:0.25.5-10.el5_4.1 set to be updated
—> Package subversion.i386 0:1.4.2-4.el5_3.1 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Finished Dependency Resolution
subversion-1.4.2-4.el5_3.1.i386 from base has depsolving problems
–> Missing Dependency: perl(URI) >= 1.17 is needed by package subversion-1.4.2-4.el5_3.1.i386 (base)
Error: Missing Dependency: perl(URI) >= 1.17 is needed by package subversion-1.4.2-4.el5_3.1.i386 (base)
You could try using –skip-broken to work around the problem
You could try running: package-cleanup –problems
package-cleanup –dupes
rpm -Va –nofiles –nodigest
The program package-cleanup is found in the yum-utils package.

Solution
#########################
Get the latest perl-URI rpm from http://packages.sw.be/perl-URI/ and install it:


-bash-3.2# wget http://packages.sw.be/perl-URI/perl-URI-1.17-1.el2.rf.noarch.rpm
–2010-11-09 19:43:20–  http://packages.sw.be/perl-URI/perl-URI-1.17-1.el2.rf.noarch.rpm
Resolving packages.sw.be… 85.13.226.40
Connecting to packages.sw.be|85.13.226.40|:80… connected.
HTTP request sent, awaiting response… 302 Found
Location: http://rpmforge.sw.be/redhat/el2.1/en/i386/rpmforge/RPMS/perl-URI-1.17-1.el2.rf.noarch.rpm [following]
–2010-11-09 19:43:20–  http://rpmforge.sw.be/redhat/el2.1/en/i386/rpmforge/RPMS/perl-URI-1.17-1.el2.rf.noarch.rpm
Resolving rpmforge.sw.be… 85.13.226.40
Reusing existing connection to packages.sw.be:80.
HTTP request sent, awaiting response… 200 OK
Length: 94140 (92K) [application/x-rpm]
Saving to: `perl-URI-1.17-1.el2.rf.noarch.rpm’

100%[==============================================================================================================================>] 94,140       193K/s   in 0.5s

2010-11-09 19:43:21 (193 KB/s) – `perl-URI-1.17-1.el2.rf.noarch.rpm’ saved [94140/94140]

-bash-3.2# rpm -ivh perl-URI-1.17-1.el2.rf.noarch.rpm
Preparing…                ########################################### [100%]
1:perl-URI               ########################################### [100%]

-bash-3.2# yum install subversion
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: centos.mirror.netriplex.com
* base: mirror.sanctuaryhost.com
* extras: mirror.steadfast.net
* updates: mirrors.serveraxis.net
addons                                                                                                                                           |  951 B     00:00
base                                                                                                                                             | 2.1 kB     00:00
extras                                                                                                                                           | 2.1 kB     00:00
updates                                                                                                                                          | 1.9 kB     00:00
Excluding Packages in global exclude list
Finished
Setting up Install Process
Resolving Dependencies
–> Running transaction check
—> Package subversion.i386 0:1.4.2-4.el5_3.1 set to be updated
–> Processing Dependency: neon >= 0.25.5-6.el5 for package: subversion
–> Processing Dependency: libneon.so.25 for package: subversion
–> Running transaction check
—> Package neon.i386 0:0.25.5-10.el5_4.1 set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

========================================================================================================================================================================
Package                                  Arch                               Version                                           Repository                          Size
========================================================================================================================================================================
Installing:
subversion                               i386                               1.4.2-4.el5_3.1                                   base                               2.3 M
Installing for dependencies:
neon                                     i386                               0.25.5-10.el5_4.1                                 base                               101 k

Transaction Summary
========================================================================================================================================================================
Install       2 Package(s)
Upgrade       0 Package(s)

Total download size: 2.4 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): neon-0.25.5-10.el5_4.1.i386.rpm                                                                                                           | 101 kB     00:00
(2/2): subversion-1.4.2-4.el5_3.1.i386.rpm                                                                                                       | 2.3 MB     00:01
————————————————————————————————————————————————————————
Total                                                                                                                                   1.2 MB/s | 2.4 MB     00:02
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : neon                                                                                                                                             1/2
Installing     : subversion                                                                                                                                       2/2

Installed:
subversion.i386 0:1.4.2-4.el5_3.1

Dependency Installed:
neon.i386 0:0.25.5-10.el5_4.1

Complete!
-bash-3.2#

h1

Virtuozzo Upgrade : Upgrading from Virtuozzo3 to Virtuozzo4

August 18, 2008

Upgrading from Virtuozzo 3 to Virtuozzo 4
================================

First of all refer to :  http://www.parallels.com/en/products/virtuozzo/easy-upgrade/ for detailed explanation. When I decided to upgrade, there was not much available except the above docs. I used the inbuilt vzup2date for the upgrade purpose.

First of all apply all updates on your current Virtuozzo 3 using vzup2date , by selecting udate for virtuozzo 3.0.x only. Once updates are applied, it also does a kernel upgrade. It will finally ask if you want to reboot. Just select finish, and dont reboot. It is better to reboot manually, so that you can swith back to old kernel, in case the new kernel panics or hang up during boot.

Step 1
===================================================

[root@vpsMainNode virtuozzo]# vzup2date

Apply all updates on your current Virtuozzo 3.
Select option reboot manually and dont hit the reboot option, just select finish.

Next,

Edit /etc/grub.conf  and change the option

default=0 to default=1 , so that the current kernel is selected in grub , instead of the new kernel , that was just installed.

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Next,

Run vzup2date again and select updates for Virtuozzo 3 , and go next , next to finish install ( select option manual reboot )
[root@vpsMainNode virtuozzo]# vzup2date

If all Virtuozzo 3 are already applied, you will see no more update available message.

Now that Virtuozzo 3 has all its latest stuff in its version, we will update Virtuozzo 3 to Virtuozzo 4.

Run vzup2date again,
[root@vpsMainNode virtuozzo]# vzup2date

This time, select Virtuozzo 4 for upgrades, do the usual next , next to apply updates. ( select option manual reboot )

This process will take some time depending on speed. Usually 20 to 60 minutes.

Again this will install a newer kernel, so

Next we configure grub to boot the new kernel only for the next reboot. If the reboot does not go well and the system does not boot properly, do a hard reset ( ask your DC, if

reqd. ) and you will successfully boot into the last working kernel.

[root@vpsMainNode virtuozzo]# grub shell
Probing devices to guess BIOS drives. This may take a long time.

GNU GRUB  version 0.95  (640K lower / 3072K upper memory)

[ Minimal BASH-like line editing is supported.  For the first word, TAB
lists possible command completions.  Anywhere else TAB lists the possible
completions of a device/filename.]

grub> savedefault –default=0 –once
grub> quit

[root@vpsMainNode virtuozzo]#

Reboot the server. If all goes fine, and the server comes up with the new kernel, edit /etc/grub.conf  and change the option

default=1 to default=0

Voila !   you have upgraded your server from Virtuozzo 3 to Virtuozzo 4. You will see that all nodes will work properly, start the nodes, if any active node is down in the usual

way.

[root@vpsMainNode virtuozzo]# vzctl start VE_ID

Note VE_ID is now also called as CT_ID ( container ID )

You will find that the Service VE ( now called as Service Container )  will fail to start. If not, then fine. You have nothing left to do , except running a vzup2date again and

apply any newer updates for one more time. If any new kernel is installed , then modify grub.conf as already discussed, while rebooting.

In case Service VE ( now called as Service Container )  fails to start or does not start, you will be unable to access your virtuozzo control panel.

Note , I destroyed old Service VE and recreated it, if for any reason, you want backup of old service , you might chose to make a backup of it.

Here is what I did to install the service CT
###############################################
[root@vpsMainNode virtuozzo]# vzctl destroy 1
[root@vpsMainNode virtuozzo]# cd /root/
[root@vpsMainNode virtuozzo]# wget http://download.parallels.com/virtuozzo/virtuozzo4.0/linux/iso/lin-i386.iso
[root@vpsMainNode virtuozzo]# mkdir /mnt/iso
[root@vpsMainNode virtuozzo]# mount -o loop lin-i386.iso /mnt/iso
[root@vpsMainNode virtuozzo]# vzsveinstall -D /mnt/iso -s xx.yy.zz.IP

[root@vpsMainNode virtuozzo]# vzlist -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# lsof  -i :4643
COMMAND   PID   USER   FD   TYPE   DEVICE SIZE NODE NAME
vzaproxy  531   root    4u  IPv4 10286471       TCP *:4643 (LISTEN)
vzcp      591   root    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      595 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp      596 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
vzcp     3004 apache    4u  IPv4 10286403       TCP *:4643 (LISTEN)
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode virtuozzo]# vzctl  restart 1
Restart Container
Stopping Container …
Container was stopped
[  OK  ] down vzagent: [  OK  ]
[  OK  ] vzagent: [  OK  ]
Container is unmounted
Starting Container …
Starting vzagent: [  OK  ]
Starting vzagent: [  OK  ]
Container is mounted
Setting devperms 20006 dev 0x7d00
Adding IP address(es): xx.yy.zz.IP
Hostname for Container set: ServiceCT
File resolv.conf was modified
Container start in progress…

[root@vpsMainNode virtuozzo]# vzlist  -a | grep CT
CTID      NPROC STATUS    IP_ADDR         HOSTNAME
1         77 running   xx.yy.zz.IP  ServiceCT
[root@vpsMainNode virtuozzo]#

[root@vpsMainNode log]# cd /root/
[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.1G  5.3G  44% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
/root/lin-i386.iso    582M  582M     0 100% /mnt/iso

[root@vpsMainNode ~]# mkdir /root/virt4_source
[root@vpsMainNode ~]# cp -r /mnt/iso/* /root/virt4_source/
[root@vpsMainNode ~]# umount /mnt/iso

[root@vpsMainNode ~]# df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/sda2             9.9G  4.7G  4.8G  50% /
/dev/sda1             494M   81M  388M  18% /boot
none                  4.0G     0  4.0G   0% /dev/shm
/dev/sda3             448G  267G  158G  63% /vz
/dev/sdb1             459G  123G  313G  29% /backup
[root@vpsMainNode ~]#

Congrats !!! , now that you have got the Service Container Up and Running, time to explore/enjoy the new looks in Virtuozzo 4 control panel.

h1

Linux jail

July 2, 2006

Introduction to Jail

Basic concepts and supported platforms

Introduction to Jail

Basic concepts and supported platforms

Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automagically configures & builds all the required files, directories and libraries. Jail is licensed under the GNU General Public License.

Jail program has been written using C, and the setup script has been written using a bash script and perl. Jail has been tested under Linux (Debian 2.1 & 2.2, RedHat 6.1, 6.2 and 7.0 and Caldera Openlinux 7.0), Solaris (2.6), IRIX (6.5) and FreeBSD 4.3. Some people has contributed to jail with patches and ideas. Thanks to all of them.

Jail supports lots of interesting features:

  • Runs on Linux, Solaris, IRIX and freeBSD (tested) and should run in any of the flavours of these operating systems.
  • Modular design, so you can port Jail in an easy way.
  • Support for multiple users in a single chrooted environment.
  • Fully customizable user shell.
  • Support for multiple servers: telnetd, sshd, ftpd…
  • Easy to install thanks to the enviroment creation script.
  • Should work in any UNIX.
  • Ease of porting.
  • Allows run any kind of program as a shell.

An html version of the mailing list has been added to the web site. Now you can read all the user contributions, ideas and patches here.

How Jail works

Jail’s design

How Jail works

Jail’s design

Jail is a login tool. Jail works as a wrapper to the user shell, so when the user log in the machine Jail is launched, and the chrooted environment is activated. Then, Jail execs the real user shell, so he gets his session in the server.

The ’chrooted environment’ is a subtree of the full tree in the filesystem, and the top of this subtree is saw by the chrooted user as the root ’/’ entry of the tree. So Jail is so useful for isolate users from the main filesystem’s directory tree. As you can see in the diagram, the light-gray shaded boxes are the chrooted environment:

So any user configured to be chrooted using Jail (e.g. user3) when log into the machine, he will be changed to his home directory (light-grey shaded box labeled user3) and his ’root’ directory will be ’chroot’ that will be showed just like ’/’. That is, user3 only can see the files under the directory called ’chroot’.

Jail internals

How jail interacts with the login process

by Juan M. Casillas

created at 26/08/2003 17:10:48
last updated at 05/09/2003 23:08:47

Before configure Jail, we have to need how Jail works. As you can see in the following diagram, the first things that Jail does is get the user’s information from the non-chrooted /etc/passwd. In this file there are information about where jail is located (the shell entry of the password file for this user) and which directory will be chrooted (the home directory entry of the password file for this user).

After that, Jail changes to the user directory and then it calls chroot in this directory, creating the chrooted environment. After this call, Jail only can see the files under the chrooted directory. Now, Jail setups some environment variables (the HOME and the SHELL variable that will be used by the real shell).

Now, Jail gets the users’ information from the /etc/passwd file in the chrooted environment, and checks if the user home directory is the same that the user home directory information readed from the non-chrooted file. If they are the same, the HOME variable is set to / else, Jail changes to this directory, and changes the HOME variable to this one.

Last, Jail set up again enviroment variables, SHELL is set up with the information readed from the chrooted /etc/passwd file. Now Jail replaces itsef with the shell program stored in the SHELL variable, runing the shell.

Configuring Jail

Overview of the installation process

Jail is launched as a login shell for any of the servers that allows access to the machine from the net, e.g. sshd, telnetd, ftpd, etc. So Jail is the shell of the chrooted users. To build a chrooted user, four steps are required:

  • Build user’s passwd entries in the non-chrooted environment.
  • Setup chrooted environment.
  • Add the software to the chrooted environment.
  • Add the users to the chrooted environment.

The first one is required to allow the user launch jail when a login process is invoked. The second, three and four steps are required to built the chrooted enviroment (create the required directories, copying the library and binary files, changing chrooted /etc/passwd file, and so on).

So these are the required steps in order to setup jail:

  1. Setup Entries
  2. Create directories
  3. Adding users
  4. Adding software
  5.  

Configuring Jail entries

The non-chrooted /etc/passwd file

To build the user’s password entries we can use a user creation script (just one like adduser) or to add the entries by hand. I usually prefer the second way, but first is also fine. If you choose the first method, when the creation scripts ends its work, you have to edit the files by hand. Here, I will use the second. Our nick name for the test user used in the examples will be user3.

All the magic resides on the /etc/passwd file. We have to add a line in this file to create a user in this machine. You have to setup also /etc/group and /etc/shadow if you have shadow passwords installed. Note also that you have to fit the uid an gid fields password, etc.

  user3:x:101:101:Jail Test User:/var/chroot:/usr/local/bin/jail

Note the /var/chroot field. This is the root directory of the chroot environment for this user.

Creating the Jail environment

Or how to invoke mkjailenv

Creating the Jail environment

Or how to invoke mkjailenv

mkjailenv creates the directories, and generates the basic filesystem layout with the special devices. mkjailenv has been written in perl. This are the command line arguments:

mkjailenv chrootdir

Argument

Description

chrootdir

The directory where the chrooted environment will live. It its the home entry in the non-chrooted /etc/passwd file

Invocation example:

mkjailenv /home/chroot

This will create the chrooted enviroment under the directory /home/chroot.

 

Adding users to the Jail

Or how to invoke addjailuser

Adding users to the Jail

Or how to invoke addjailuser

addjailuser edit the chrooted /etc/passwd automatically, creates the user directories, addjailuser has been written in perl script. This are the command line arguments:

addjailuser chrootdir userdir usershell username

Argument

Description

chrootdir

The directory where the chrooted environment will live. It its the home entry in the non-chrooted /etc/passwd file

userdir

The directory inside the chrooted enviroment when the user will live, in our example, /home/user3.

usershell

The user’s shell full path (e.g. /bin/bash)

username

The user’s name. In our example, user3

Invocation example:

addjailuser /var/chroot /home/user3 /bin/bash user3

This will add a user under the directory /var/chroot setups the home directory of the user3 into /home/user3, and selects /bin/bash as default shell for user3. Also edits the chrooted /etc/passwd, /etc/group and /etc/shadow to configure propertly jail.

 

Adding software to Jail

Or how to invoke addjailsw

Adding software to Jail

Or how to invoke addjailsw

addjailsw will copy the programs and the dependencies (libraries, auxiliar files, special devices) into the right places in the chrooted environment. addjailsw has been written in perl script. This are the command line arguments:

addjailsw chrootdir [-D] [-P program args]

Argument

Description

chrootdir

The directory where the chrooted environment will live. It its the home entry in the non-chrooted /etc/passwd file

-P program args (optional)

installs the specific program “program” into the chrooted environment. The script uses the “args” parameter to launch the program where doing the strace command, to allows the program exit nicely, so the strace can do its work. If this parameter isn’t specified, the standard programs included in the file will be installed. See addjailsw’s code for in-deep details.

Invocation examples:

addjailsw /var/chroot
addjailsw /var/chroot -D
addjailsw /var/chroot -P vi "-c q"

The first invocation will add the standard programs under the /var/choot directory. The second invocation will do the same that first’s but also will show what files are going to be copied in /var/chroot. Last, the third invocation will install only the program vi, and when launched in the strace call, the arguments “-c q” will be passed to it (so vi will exit inmediatly).

 

Jail install HOWTO

Installation quick guide

Jail install HOWTO

Installation quick guide

Index

  1. Compiling and installing
  2. Creating the chrooted environment
  3. Adding software into the chrooted environment
  4. Adding users into the chrooted environment
  5. Troubleshooting
  6. Porting, improvements and hacks
  7. Copyright

Compiling and installing

Just untar the package, cd to ./src and edit the makefile and do a ’make’. Now you can choose your architecture from Linux, FreeBSD, Solaris and IRIX. then configure the installation directory (default /usr/local) and you’re ready !. Perhaps you need to tune some of the compiler directives, if you are in a different platform than these ones supported by Jail. After a while, you will have the jail binary created. Then, issue a ’make install’, to do this, you have to be root (the default path to install is /usr/local). Now you are ready to play with jail.

Creating the chrooted environment

Now choose where directory will be your chroot environment. In my example, I choose /var/chroot for the chrooted environment. Now become root, and launch the mkjailenv command:

/usr/local/bin/mkjailenv /var/chroot

The output should look like this:

                mkjailenv
                A component of Jail
                http://www.gsyc.inf.uc3m.es/~assman/jail/
                Juan M. Casillas
 
                Making chrooted environment into /var/chroot
                        Doing preinstall()
                        Doing special_devices()
                        Doing gen_template_password()
                        Doing postinstall()
                Done.
 

After that, you will have the basic chrooted environment installed under /var/chroot.

Adding software into the chrooted environment

After the chrooted environment has been created, we have to add some software inside it. To do this, we will use addjailsw. This scripts, if called without -P argument, will install a default set of programs into the chrooted environment. First of all, were are going to install the basic set of programs, an then we will install the less command.

To install the basic set of programs, we will issue the following command:

/usr/local/bin/addjailsw /var/chroot

The output of the program should look like this:

 
  addjailsw
  A component of Jail
  http://www.gsyc.inf.uc3m.es/~assman/jail/
  Juan M. Casillas
 
  Guessing head args()
  Guessing bash args()
  Guessing cat args()
  Guessing pwd args()
  Guessing ln args()
  Guessing mkdir args()
  Guessing rmdir args()
  Guessing ls args()
  Guessing sh args()
  Guessing mv args()
  Guessing rm args()
  Guessing more args()
  Guessing grep args()
  Guessing vi args()
  Guessing id args()
  Guessing cp args()
  Guessing tail args()
  Guessing touch args()
  creating /var/chroot//bin/ln
  creating /var/chroot//etc/nsswitch.conf
  creating /var/chroot//var/tmp/vi.recover/vi.wTrhwB
  creating /var/chroot//etc/group
  Warning: not allowed to overwrite /var/chroot/etc/group
  creating /var/chroot//lib/libncurses.so.5
  creating /var/chroot//bin/ls
  creating /var/chroot//etc/mtab
  creating /var/chroot//bin/mkdir
  creating /var/chroot//bin/rmdir
  creating /var/chroot//bin/bash
  creating /var/chroot//bin/sh
  creating /var/chroot//etc/passwd
  Warning: not allowed to overwrite /var/chroot/etc/passwd
  creating /var/chroot//tmp/vi.UrdLM7
  creating /var/chroot//bin/mv
  creating /var/chroot//etc/ld.so.cache
  creating /var/chroot//etc/terminfo/x/xterm
  creating /var/chroot//bin/rm
  creating /var/chroot//usr/bin/vi
  creating /var/chroot//lib/libdl.so.2
  creating /var/chroot//usr/bin/id
  creating /var/chroot//lib/ld-linux.so.2
  creating /var/chroot//usr/bin/tail
  creating /var/chroot//bin/cp
  creating /var/chroot//lib/libc.so.6
  creating /var/chroot//usr/bin/head
  creating /var/chroot//bin/cat
  creating /var/chroot//lib/libnsl.so.1
  creating /var/chroot//bin/touch
  creating /var/chroot//lib/libnss_compat.so.2
  creating /var/chroot//bin/pwd
  creating /var/chroot//bin/more
  creating /var/chroot//bin/grep
  creating /var/chroot//proc/meminfo
  creating /var/chroot/null:c:1:3
  creating /var/chroot/tty:c:5:0
 
  Done.
 

As you can see in the output there are some temporal files, and also, there are some files that are begin overwritten, and other that are not allowed to be overwritted. This files are the passwd, group and shadow files of the chrooted environment. When the scripts ends, it cleans all the temporal directories in the chrooted environment.

Now, we are going to install the ’awk’ program into the chrooted environment. We need to call the addjailsw script with the -P argument:

/usr/local/bin/addjailsw /var/chroot -P awk

The output for the script will be something like this:

 
  addjailsw
  A component of Jail
  http://www.gsyc.inf.uc3m.es/~assman/jail/
  Juan M. Casillas
 
  Guessing awk args(0)
  creating /var/chroot//lib/libc.so.6
  Warning: file /var/chroot/lib/libc.so.6 exists.
  Overwritting it
  creating /var/chroot//usr/bin/awk
  creating /var/chroot//etc/ld.so.cache
  Warning: file /var/chroot/etc/ld.so.cache exists.
  Overwritting it
  creating /var/chroot//lib/libm.so.6
  creating /var/chroot//lib/ld-linux.so.2
  Warning: file /var/chroot/lib/ld-linux.so.2 exists.
  Overwritting it
 
  Done.
 

Now, you have awk installed into the chroot environment. You should use this script to install all the software into the chrooted environment

Adding users into the chrooted environment

Now, it is time to add some users into the chroot environment. First of all we need to have the users created in the system, so you can add them by hand, or using adduser. For this example, I will create a new user called chroottest with adduser To do this:

/usr/local/bin/addjailuser /var/chroot /home/chroottest /bin/bash chroottest

After answer all the questions and set the user password, we are ready to add this users to the chrooted environment. This program accepts some parameters:

  1. the first parameter is the full path to the chrooted environment (in my example, is /var/chroot)
  2. the full path of the directory under the user will live. This path will be created under the chrooted environment, and when the user logs into, it will see it as the full path. (e.g, in our example, /home/chroottest is the home directory. addjailuser will create /var/chroot/home/chrootest, and when the user logs into, he will see /home/chroottest. Because it lives under the chrooted environment, he will see a ’virtual’ home directory).
  3. The full path to the shell that the user will use. (e.g, I like to use bash, so I use the /bin/bash parameter. NOTE: if you want yo use some other shell (or program) you will need to add it to the list of the installed programs (see section 2 to see how to do that).
  4. The name of the user, in my example, chroottest

After that, we are ready to launch the program (always as root):

   /usr/local/bin/addjailuser
   /var/chroot
   /home/chroottest
   /bin/bash
   chroottest

The inverted slashes are to allow us insert carriage returns because the line is too long to type it in a single shell line. After launch the command, the output should look like this:

  addjailuser
  A component of Jail
  http://www.gsyc.inf.uc3m.es/~assman/jail/
  Juan M. Casillas
 
  Adding user pruebas in  chrooted environment /var/chroot
  Done.

That’s all. You have the user added into the chrooted environment. Now is time to try it:

su - chroottest

As you can see, you are in the new created chrooted environment, Congratulations !

Troubleshooting

Setting up SSH & scp

Now jail support terminal handling and parameter-passing, so configure ssh & scp now is possible. You only have to install a standard chrooted environment (just as described in this section) and then, install the two programs with the addjailsw script. First of all, install ssh:

/usr/local/bin/addjailsw /var/chroot -P ssh --version

To finish, install scp in the same way:

/usr/local/bin/addjailsw /var/chroot -P scp --version

Now you have the two programs installed in the chrooted environment; you can test it doing a ssh form in and out the chrooted environment, and a scp.

Well, there are not troubleshooting section 😦 Im writting some documentation, and improving the code for jail, mkjailenv, addjailsw and addjailuser. Also we have a mailinglist with some of the tricks and recipes to have jail working:

Jail mail archive

Also, you can generate some log files and send them back to me, so I will try to manage them and find an answer for your problems. I usually need a log for mkenv.pl, addjailuser.pl, addjailsw.pl and the output for a login session into a chrooted account.

Porting, improvements and hacks

If you tailor mkenv.pl for your platform, please send me the new mkenv.pl, so I can put it into the distribution, also, send me patches if you write any of them for jail.

Copyright

This program, the web site, all the documentation an the scripts has been written by Juan M. Casillas . All the source code, web pages, documentation and scripts has been released using the GNU Public License, version 2.0 or above (you can find the complete GPL text in a file called GPL, in the root file of jail’s distribution). Also, this program has been done and improved thanks to the help of lot of people arround the world. Thanks to all for your work, your test-drives, and your improvements & ideas.

 

h1

Linux Install options in Fedora

June 23, 2006

A commonly asked question among new users and some experienced users is how do I do get this or that during the installation of Fedora Core Linux. Below is a list of command line options that can be used when you first boot from your Fedora distro media–taken from Anaconda-10.0:

 

Boot time command args:
-----------------------

expert          Turns on special features:
- allows partitioning of removable media
- prompts for driver disk

noshell         Do not put a shell on tty2 during install.

lowres          Force GUI installer to run at 640x480.

resolution=<mode> Run installer in mode specified, '1024x768' for example.

nousb           Do not load USB support (helps if install hangs
early sometimes).

nofb            Do not load the VGA16 framebuffer required for doing
text-mode installation in some languages

nofirewire      Do not load support for firewire devices

askmethod       Do not automatically use the CD-ROM as the install
source if we detect a Red Hat Linux CD in your CD-ROM drive.

nousbstorage    Do not load usbstorage module in loader.  May help with
device ordering on SCSI systems.

noparport       Do not attempt to load support for parallel ports

noprobe         Do not attempt to detect hw, prompts user instead.

nopcmcia        Ignore PCMCIA controller in system.

skipddc         Skips DDC probe of monitor, may help if its handing system.

graphical       Force graphical install. Required to have ftp/http use GUI.

text            Force text mode install.

vnc             Enable vnc-based installation. You will need to connect
to the machine using a vnc client application.

vncpassword=<password>  Enable a password for the vnc connection. This will
prevent someone from inadvertantly connecting to the
vnc-based installation.

Requires 'vnc' option to be specified as well.

vncconnect=<host>[:<port>]   Once installation is up and running, connect to
the vnc client named <host>, and optionally use port <port>.

Requires 'vnc' option to be specified as well.

updates         Prompt for floppy containing updates (bug fixes).

isa             Prompt user for ISA devices configuration.

dd              Use a driver disk.

driverdisk      Same as 'dd'.

mediacheck      Activates loader code to give user option of testing integrity
of install source (if an ISO-based method).

rescue          Run rescue environment.

nomount         Don't automatically mount any installed Linux partitions
in rescue mode.

nopass          Don't pass keyboard/mouse info to stage 2 installer, good for
testing keyboard and mouse config screens in stage2 installer
during network installs.


serial          Turns on serial console support.

ksdevice        Takes an argument like 'eth0', tells install what network
device to use for kickstart from network.

ks              Kickstart over NFS.

ks=cdrom:       Kickstart from CDROM

ks=nfs:<path>   Kickstart from NFS.

ks=<url>        Kickstart via HTTP.

ks=hd:<dev>     Kickstart via harddrive (dev = 'hda1', for example)

ks=file:<path>  Kickstart from a file (path = 'fd0/ks.cfg')

ks=ftp://<path> Kickstart from FTP.

ks=http://<path> Kickstart from HTTP.

kssendmac       Adds HTTP headers to ks=http:// request that can be helpful
for provisioning systems.  Includes MAC address of all nics in
a CGI environment variable of the form
HTTP_X_RHN_PROVISIONING_0, HTTP_X_RHN_PROVISIONING_1, etc, for
all nics.

dhcpclass=<class> Sends a custom DHCP vendor class identifier. ISC's dhcpcd can
inspect this value using "option vendor-class-identifier".

upgradeany      Don't require an /etc/redhat-release that matches the
expected syntax to upgrade.

lang=<lang>     Language to use for the installation.  This should be a
language which is valid to be used with the 'lang' kickstart
command.

keymap=<keymap> Keyboard layout to use.  Valid values are those which can be
used for the 'keyboard' kickstart command.

ip=<ip>         IP to use for a network installation, use 'dhcp' for DHCP.

netmask=<nm>    Netmask to use for a network installation.

gateway=<gw>    Gateway to use for a network installation.

dns=<dns>       Comma separated list of nameservers to use for a network
installation.

method=nfs:<path> Use <path> for an NFS installation.

method=http://<path> Use <path> for an HTTP installation

method=ftp://<path> Use <path> for an FTP installation

method=hd://<dev>/<path> Use <path> on <dev> for a hard drive installation

method=cdrom    Do a CDROM based installation.

vnc             Do graphical installation via VNC.  Instead of
starting a normal X server, vncserver will be started
and you can then connect remotely to do the
installation.

vncpassword=<password>  Set a password for the vnc session.

vncconnect=<host>[:<port>]   Once installation is up and running, connect to
the vnc client named <host>, and optionally, on port <port>.
Requires 'vnc' option to be specified as well.

Below is a list of undocumented commands that I found contained in the anaconda source:

 

test
debug           Start up pdb immediately
nofallback      If GUI fails exit
rootpath=       Where to install packages (default /mnt/sysimage)
pcic=           Specify pcmcia controller
overhead=       Override LVM overhead calculation
testpath=
mountfs
traceonly       Don't run, just list modules we use
kickstart=      Set serial install and kickstart file
kbdtype=        Set the type of keyboard
module=         Load additional kernel modules
class=          Choose install class to use
autostep        Make kickstart non-interactive
noselinux       Disable Security Enhanced Linux
selinux         Enable Security Enhanced Linux
vnc=
cmdline         Use command line installer
headless        Automate install for machines with no display
virtpconsole=
xfs             Allows the creation of a xfs filesystem
reiserfs        Allows the creation of a reiserfs filesystem
jfs             Allows the creation of a jfs filesystem
syslogd