TransWikia.com

How to build a chroot using docker?

Unix & Linux Asked by Wimateeka on January 20, 2021

Currently I am able to build an Ubuntu 18.04 32-bit chroot on my developer machine and I wanted to know if I can have the process happen inside a docker container.

The process I use:

  • Untar an ubuntu base image (ubuntu-base-18.04.3-base-i386.tar.gz)
  • Copy the resolv.conf from the host to the untarred file system
  • Mount /sys, /proc and /dev
  • Run chroot /location/of/filesystem /bin/bash to get into the chroot and run further setup
  • When done I unmount everything and tar up the /location/of/filesystem.

Is it possible to do this same method inside a docker container?

I don’t see anything about being able to mount/unmount files from within a docker container.

2 Answers

The problem I thought I initially had was because of how I had programmed the script run by the docker container to create the chroot.

It is possible to create a 32-bit chroot in a docker container. I had to run a privileged container, otherwise I could not mount required dirs/file systems (e.g. /proc) to the chroot (and I would receive errors).

I had to modify the steps I used slightly:

  • The docker command I used was: docker run -t --rm --name "chrootTest" -v "$(pwd)":/root/<CHROOT_SCRIPT_DIR> --privileged --workdir /root/<CHROOT_SCRIPT_DIR> <IMAGE>:<TAG> ./build-chroot.sh <CHROOT_DIR_LOCATION>
  • I do not have to mount /dev or /sys for the chroot modifications I am doing. (The modifications consist of removing directories/files/symlinks and apt-get install-ing some dependencies. I only needed to mount /proc for these actions, but if you are doing something different you may need to mount the other directories.)
  • The script untars the archive into <CHROOT_DIR_LOCATION> and copies the resolv.conf from the host to the untarred file system, while also making any required dirs for mounting.
  • Then I have a heredoc that goes into the chroot and does the required setup: chroot "$CHROOT_DIR_LOCATION" /bin/bash <<'EOF' ... EOF
  • After setup I tar up the chroot file system and remove the workdir <CHROOT_DIR_LOCATION>; the script then ends and the docker container is removed.

Because of the volume mount, the tar archive with the newly created chroot still exists on the host running the docker command.

Correct answer by Wimateeka on January 20, 2021
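
A sketch of a build-chroot.sh that follows the steps in the answer above, added here as an example (it is not the answer author's script). It makes sure nothing is still mounted under the chroot before the tar and rm -rf steps run, since the container is privileged and the work directory is a bind mount from the host. Assumptions: the base tarball path is passed as a first argument, apt-get update stands in for the real setup, and the helper names mounts_under and release_mounts are hypothetical.

```shell
#!/bin/sh
# Added example, not the answer's script. Assumes: run as root inside the
# privileged container, GNU tar/rm, and paths without whitespace.
set -eu

# Print mount points at or below DIR, deepest first. The second argument
# overrides the mount table (default /proc/self/mounts) so it can be tested.
mounts_under() {
    awk -v d="${1%/}" '$2 == d || index($2, d "/") == 1 { print $2 }' \
        "${2:-/proc/self/mounts}" | LC_ALL=C sort -r
}

# Unmount everything below DIR and fail if anything is still mounted.
release_mounts() {
    for m in $(mounts_under "$1"); do umount "$m"; done
    [ -z "$(mounts_under "$1")" ]
}

build_chroot() {
    base_tar=$1; CHROOT_DIR=$2
    mkdir -p "$CHROOT_DIR"
    # Clean up mounts even when a later step fails.
    trap 'release_mounts "$CHROOT_DIR" || true' EXIT
    tar -xzf "$base_tar" -C "$CHROOT_DIR"
    cp /etc/resolv.conf "$CHROOT_DIR/etc/resolv.conf"
    mkdir -p "$CHROOT_DIR/proc"
    mount -t proc proc "$CHROOT_DIR/proc"
    chroot "$CHROOT_DIR" /bin/bash <<'EOF'
set -e
apt-get update
# ... further setup goes here (placeholder) ...
EOF
    # Abort here (set -e) rather than archive or delete through a live mount.
    release_mounts "$CHROOT_DIR"
    tar -czf "${CHROOT_DIR%/}.tar.gz" --one-file-system -C "$CHROOT_DIR" .
    rm -rf --one-file-system "$CHROOT_DIR"
}

# Build only when saved and invoked as build-chroot.sh <base.tar.gz> <dir>.
case "${0##*/}" in build-chroot.sh) build_chroot "$@" ;; esac
```
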

I use docker to make changes to the Ubuntu installer live CD. It contains a casper/filesystem.squashfs that is similar to a chroot environment; i.e., it is a complete root filesystem that gets written to the target filesystem during installation. I make changes to the filesystem.squashfs like this:

# extract installer iso
$ osirrox -indev ubuntu-18.04.4-desktop-amd64.iso -extract ./ ./ubuntu-18.04.4-desktop-amd64.d

# extract filesystem squashfs
$ unsquashfs ubuntu-18.04.4-desktop-amd64.d/casper/filesystem.squashfs

# create filesystem tarball
$ tar -cf squashfs-root.tar -C squashfs-root .

# create docker image 
$ docker image import squashfs-root.tar squashfs-root:latest

# create docker container, make changes inside
$ docker run --name squashfs-mine squashfs-root sh -c 'touch /etc/my.conf'

At this point, the now-stopped container squashfs-mine contains the original filesystem, along with any modifications performed during its run. You can now export the container's filesystem as a tar archive:

# extract filesystem tarball
$ docker export -o squashfs-mine.tar squashfs-mine

In my case, I would want to generate a new filesystem.squashfs into the original *.iso contents and re-pack the *.iso:

# populate filesystem directory
$ tar -xf squashfs-mine.tar --one-top-level

# create filesystem squashfs
$ mksquashfs squashfs-mine ubuntu-18.04.4-desktop-amd64.d/casper/filesystem.squashfs

# re-pack iso
$ xorriso -as mkisofs ... -o ubuntu-18.04.4-desktop-amd64.iso ubuntu-18.04.4-desktop-amd64.d

...but your needs are probably different.

Answered by rubicks on January 20, 2021
