[X2Go-User] x2go + chroot

Mike Gabriel mike.gabriel at das-netzwerkteam.de
Thu Mar 15 20:16:47 CET 2012


Hi BUGHUNTER,

On Do 15 Mär 2012 12:58:41 CET BUGHUNTER wrote:

> I need instructions for how to setup a chroot environment on the
> server - I found this old discussion:

> http://www.x2go.org/doku.php/wiki:components:tce

The TCE is a thin client system (lying in a chroot) that can be booted  
via PXE/NFS. The chroot is the rootfs of the netbootet thin client.

> but this seems to be a tool for setting up chroot on the CLIENT side?
> Seems to be a different use case.

Yes.

> What I want:
>
> I would like to chroot users that logged into the server via x2go
> client to see only files in their home directory (or inside their
> "jail") - what is the recommended + most efficient way of doing this
> with the least administrative overhead? - mind the updates! - so
> recompiling jail binaries after every update of relevant software
> should happen automatically, most preferable solution would be:

Have you taken a look at the generic schroot (package name) tool? For  
X2Go you will have to run install one X2Go server per chroot and run  
one SSHd per chroot, I guess. So that is: many SSH ports, one for each  
chroot.

> apt-get install x2go-server-chroot
> x2go-create-chroot /home/user

Nothing like this exists, yet. If you aim at working on such a thing,  
then please contribute it to the project.

I know, that John Sullivan offers a software service designed like you  
suggest, based on VServer.

> without any needed (or minimal) additional interaction after future
> updates so that your jail is always uptodate after an apt-get update.

Big goal...

> does this exist?

No, not yet. But soon???

> if not, how to create it?
>
> THANK you very much for your attention,
> Bughunter

Will be happy to help you with your issues. If you start working on  
actual code, let's move the discussion to the x2go-dev ML.

> BTW search for x2go +chroot with Google to see how small the internet
> can be ;)

Right...

Mike


-- 

DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419

GnuPG Key ID 0xB588399B
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de

freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digitale PGP-Unterschrift
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20120315/1ec9db3d/attachment.pgp>


More information about the x2go-user mailing list