Using debootstrap and schroot to run a chroot jail
By the Bootstrap
We provide basic instructions for using Debian's debootstrap to create a schroot jail for building and testing packages.
Before containers, before Virtualbox, there was chroot . Chroot does precisely what its name implies: It changes the apparent root directory, isolating it in what is known as a chroot or jail. By itself, a chroot jail falls short of a complete guest operating system, but in a Debian-based system, you can come close to one, thanks to debootstrap . The result is a semi-independent installation of Debian or derivative running on the same machine as your main installation.
chroot command first appeared in Version 7 Unix in 1979, and in BSD in 1982, where it was used to test the installation and build system. How chroot operates has remained almost entirely unchanged over the years. However, because you cannot detect the system's true root or its directory tree from within a chroot jail, you are severely limited in what you can do unless you install a separate operating system in the jail – a task that can be daunting if done manually. What debootstrap does is remove the drudgery, making the installation of a CLI operating system a matter of a single command. Similarly, schroot simplifies the daily management of the jail.
Once the chroot is configured, it becomes ideal for sandboxing  – testing a program where it can do minimal harm because it is isolated from the host operating system. In fact, the first use of chroot was to test an installation and build system. Today, debootstrap – usually with the addition of schroot, the chroot manager – remains an important tool for package maintainers who build and test packages for multiple hardware platforms.
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.