ไม่สามารถเล่นวิดีโอนี้
ขออภัยในความไม่สะดวก
Linux Tip - Understanding Chroot - Episode 2
ฝัง
- เผยแพร่เมื่อ 23 ก.พ. 2020
- This is a tutorial on using Linux which is a new regular series. The current episode will teach you about the chroot command and how this is used in many phone operating systems. It also will explain the difference between a chroot and a virtual machine.
A chroot is a heavily used feature in any OS currently working on mobile like Android and even Linux Phones. So this has very heavy practical value for those interested in how Phone OS's work.
I'm using Ubuntu 18.04 as my computer. My computer is a brand new Star-labtop.
--------------------------
I'm the Internet Privacy Guy. I'm a public interest technologist. I'm here to educate. You are losing your Internet privacy and Internet security every day if you don't fight for it. Your data is collected with endless permanent data mining. Learn about a TOR router, a VPN , antivirus, spyware, firewalls, IP address, wifi triangulation, data privacy regulation, backups and tech tools, and evading mass surveillance from NSA, CIA, FBI. Learn how to be anonymous on the Internet so you are not profiled. Learn to speak freely with pseudo anonymity. Learn more about the dangers of the inernet and the dangers of social media, dangers of email.
I like alternative communication technology like Amateur Radio and data communications using Analog. I'm a licensed HAM operator.
Contact Rob on the Brax.Me App (@robbraxman) for encrypted conversations (open source platform)
Support this channel on Patreon! www.patreon.co...
bytzVPN.com Premium VPN with Cloud-Based TOR Routing
whatthezuck.net Cybersecurity Reference
brax.me Privacy Focused Social Media - Open Source - Encrypted Communications
rob.brax.me Store for BytzVPN, BraxWifi Router, and merchandise
![[UNCUT] ชาวบ้านถาม “นายกอุ๊งอิ๊งค์” ประชาชนมีกิน มีใช้ กี่โมง? I คนดังนั่งเคลียร์ I 16 ส.ค. 67](http://i.ytimg.com/vi/tKZvOzLIJJc/mqdefault.jpg)
I recently got some project where I needed to build a chroot and jail environment. It was a completely new concept for me at that time. So I fiddled with countless tutorial on this topic and all of them were confusing and messy. I got some idea created some sample chroot environments also but always ran into one or another problem. This tutorial is too good. Too clean and concise. The way you have described an advanced topic like chroot in a simple manner just made me wow. Too good sir. Keep up the good work.
Very helpful! I would have liked a series on this, including the mount bind :)
Dude, this SO powerful!! It's the first time that I hear about chroot. I'm actually learning docker and this video it really helped me to understand the basics. Thank you so much!!!
Chroot! chroot! chroot is on fire!!
The roof! The roof! The roof is on fire!
😂
Amazing explanation and elegant demo. Perfect and clear. Thanks
Thanks! chroot is a very interesting! If I remember correctly, the concept is borrowed from FreeBSD jails.. a powerful and logical implementation on secure containers.
You know more history about it then! I never used FreeBSD. I used Unix back in the day.
chroot was introduced in UNIX all the way back in 1979. no relation to FreeBSD or jails at all!
@@babyboomertwerkteam5662 Thank you for the correction! I didn't know 🙂👍
The content perfectly stimulated my thought process, very well explained.
If you're searching for simplified explanation instead of reading man pages, then you're in the correct place ;)
was having a hard time understanding the topic when I was reading about it else where. Your video was very clear and helped me understand chroot way better. Thank you for your video!
4:50 You dont' need to copy the /bin /lib /lib64 directories.
You can either mount --bind or cp -alf (to create hard links since symbolic links won't work).
# mount --bind /bin /chroot/bin
# mount --bind /lib /chroot/lib
or
# cp -alf /bin /chroot/bin
# cp -alf /lib /chroot/lib
exactly. I mentioned that I wasn't going to teach mount --bind to not complicate the concept. Copying the files required no other explanation
also you don't need to do cd lib, ls, cd .., cd lib64, ls, cd..
you can just do ls lib/, ls lib64/, ls bin/
That would save you about 0.5µs :)
@@svampebob007 you do not seem to get the point of a focused tutorial. the point is not trying to prove how much you think you know or the fastest solution or anything like that. it is to cut out the things that might distract from the main topic and teach something focused and isolated.
@@johnjoyce The pointless use of `cd` does distract from the main topic. `ls ./bin` or `ls /jail/bin` is much cleaner and easier to follow.
New subscriber here! Really enjoying your channel content keep up the great stuff!
I built the same chroot jail for getting restricted access to a subdomain on server via "mount --bind ... " of two directories. Just one problem I can not fix at the moment, the terminal opens in Bash instead of selected ZSH and it does not open in the ~. It opens in chroot directory. If I SSH with "root" and switch to the account in chroot "su - chroot-user", then everything works correctly.
Thanks, Rob!
Windows does have junction links, which is simlar to chroot.
Excellent lesson. I really appreciate the simplicity of your lesson. Keep up the good work! :-)
Most usful for fixing badly broken machines or installing a linux distro from scratch without an installer (eg Gentoo).
nice video Rob, just a was looking to understand the idea of containers. thanks
helpful, thanks
so it shares a similar concept with docker, thank you
Thank you so much! Definitely the best intro tutorial I've seen about chroot. I've watched it twice, and now I understand how to set up SFTP (or even SSH) access for users, but not give those users access to the entire system. BTW - I'm using arch, and I had to also copy across my /usr directory. The size of the jail becomes quite large (relatively speaking):
$ du -sh ./*
338M ./bin
4.3G ./lib
4.3G ./lib64
7.5G ./usr
Probably because I have a lot of things installed.
Yes, /usr is also an important directory. Although often pronounced as "user", the directory actually stands for User System Resources. Part of the reason you needed /usr is because things like SFTP are located here rather than in /bin or /lib(64). This directory is also often where things like GUIs such as Weyland or KDE store their files (e.g. under /usr/lib or /usr/local/lib).
/usr tends to be rather large since this is the directory most applications will write their contents into. Another common approach is to use /opt (which means "optional packages").
It is probably better to have a chroot env. in Docker container and just install it on Linux when is needed.
Amazingly clear and easy to follow, thank you !
9:25 Oof! I thought I'd be in jail forever!😂
Excellent
Great explanation! Just a quick question: why are you using sudo to create the directories? does the ownership of the directories have any effect?
this is absolutely incredible
Can you create a tutorial on how to install the Linux OS on an iPhone? I’ve been told that it can install on an iPhone up to iPhone 7. Appreciate your channel and the content you provide. Best wishes.
I'm using WSL. I got "/bin/bash: error while loading shared libraries: libreadline.so.8: cannot open shared object file: No such file or directory."
Thanks for the video =)
Hey Rob,
Great stuff. Just wanted to check can we restrict a new user to be in the jailed environment and how would i do that ? also is this like a virtual environment where i can play with stuff like installing stuff and if doesn't work out i can delete the folder and everything is gone ? Its like a container from what i understand right but with using the same kernel as we are using on our system.
Looking forward for your thoughts on this.
Thanks!
looks at like count,
419...😏
don't mind if I do. 😎
thanks this is really a nice description
Excellent brother.......
Nicely explained.
Music name please someone :)
Thank you so much, very useful vid!
What are the diferences and similarities between docker and chroot?
docker extensivly uses chroot. Its not one over the other.
You did a better job! Standing ovation !
Thank you so much.
thx
Great video, thanks
Thanks for the video Rob :D
Yes. I previously though chroot was a way of spoofing permissions, but now stand better informed.
Thank you sir!
Chroot, chroot, chroot on the file
Recent
13:25 | 25 Feb Tue || 13:25 25-02-2020 *|* 13:25 Tuesday 25 February 2020
liked
Star laptops or system 76?
whatever you can afford. LOL.
firejail or chroot?
Firejail is for sandboxing applications. Chroot is for changing root user to another root user on a different environment / distro.
So, can one get reel root access on a Ubuntu Touch phone, or is one stuck in a chroot space?
You are stuck in chroot.
@@robbraxmantech I don't like that. I tend to think that as the owner of the device, I should have access to full r/w/ee permissions on the entire filesystem, should I want them.
@@ozzymandius666 What if you want to try something that could mess up your whole file system? One could use chroot to minimize the possible damage zone.
I'm just letting you know the interactions between, in theory, up to 3 OS's in Ubuntu Touch: Ubuntu 16.04, Ubuntu Touch, Android (Halium). It cannot function without a chroot since each has to operate independently in an Android phone. Now is that strictly necessary in a Pinephone? There it's more for simplification. Normally you don't have any reason to mess with the host of the chroot since its only operation is to deal with device drivers
To be specific, Android has to think it's running as Android so it can detect the native Android drivers. So if the chroot didn't exist, there would be no way to separate out the Android binaries from the Ubuntu binaries. Chroots allow different binaries to coexist
Engagement