How do one do chrooting in Puppy?

[Mike3]

So I'm thinking about chrooting to be able to run browsers isolated from the rest of the system.

Does it make like a copy of the whole filesystem to fool the app it is running in the original or real environment when it is running in a copy and this would then like double the space that is loaded to RAM at startup?

I also looked at some descriptions on how to do the chrooting but it was debian or ubuntu.

how is it done in puppy?

[snoring_cat]

Hi Mike3,

You can use chroot in Puppy Linux the same way you do in other Linux distributions. If you are just running apps more securely, BarryK's EasyOS does a lot of "jail"ing and compartmentalization for you out-of-the-box. I would recommend that option versus doing what follows, since you will have to do a lot of file copying, getting the browser to display, etc. Alternatively to using chroot or EasyOS, you can use VirtualBox or QEMU. The key thing is that chroot is only part of the security solution. VirtualBox, QEMU, etc. can also restrict access to network devices and other hardware.

If You Still Want to Know About chroot
Warning, geeky stuff follows
To use chroot with Puppy Linux, here is a simple example file/folder setup with files that I copied from my OS (yes, you have to copy over all necessary files into your chroot "jail" folder)

Code: Select all

find /root/my_little_jail
/root/my_little_jail/lib64/ld-linux-x86-64.so.2
/root/my_little_jail/lib/x86_64-linux-gnu/libpcre2-8.so.0
/root/my_little_jail/lib/x86_64-linux-gnu/libselinux.so.1
/root/my_little_jail/lib/x86_64-linux-gnu/libtinfo.so.6.2
/root/my_little_jail/lib/x86_64-linux-gnu/libtinfo.so.6
/root/my_little_jail/lib/x86_64-linux-gnu/libpthread.so.0
/root/my_little_jail/lib/x86_64-linux-gnu/libgtk3-nocsd.so.0
/root/my_little_jail/lib/x86_64-linux-gnu/libdl.so.2
/root/my_little_jail/lib/x86_64-linux-gnu/libc.so.6
/root/my_little_jail/bin/ls
/root/my_little_jail/bin/bash

mkdir -p /root/my_little_jail/usr
ln -s /lib /root/my_little_jail/usr/lib

Then if you type the following, you will be in your chroot "jail", where you only have a bash shell and can only run "ls".

Code: Select all

chroot /root/my_little_jail

To exit out of your chroot jail back to your main Puppy Linux, type exit.

To clarify, only files that are copied into the /root/my_little_jail folder will be accessible once you run "chroot /root/my_little_jail". Regarding the fact that you will use more disk space, and possibly ramdisk space, you can make a work around by creating a SFS file that would contain all of the files under /root/my_litle_jail. The command to make the SFS file would be similar to the following

Code: Select all

mksquashfs /root/my_little_jail my_litle_jail.sfs -keep-as-directory
sfs_load my_little_jail.sfs
chroot /my_little_jail

This way, when chrooted into your jail, only data things, like browser profile settings and downloads will be saved to disk/ramdisk/savefile. All of your apps are in the my_little_jail.sfs file (which you can tell Puppy Linux NOT to load into memory/savedisk/ramdisk).