ABSOLUTELY NO WARRANTY | free software

Múltiples entornos X chroot Debian y Ubuntu

Entornos

distro  version   chroot  X        usuario  uso
debian  lenny     no      -        osiux    boot
debian  testing   si      fluxbox  osiris   personal
debian  lenny     si      fluxbox  debdev   desarrollo
debian  sid       si      -        debsid   desarrollo
ubuntu  intrepid  si      xfce     ubuntu   pruebas

Servicios

chroot  apache2  mysql  ssh  cups
osiux   8888     -      22   631
osiris  8080     -      -    -
debdev  80/443   3306   -    -
debsid  -        -      -    -
ubuntu  -        -      -    -

Esquema

+------------------------------------------------------+
| Sistema Operativo                                    |
|                                                      |
| +--------------------------------------------------+ |
| | Capa de Aplicación                               | |
| |                                                  | |
| |  +--------+  +--------+  +--------+  +--------+  | |
| |  | chroot |  | chroot |  | chroot |  | chroot |  | |
| |  | osiris |  | debdev |  | debsid |  | ubuntu |  | |
| |  +--------+  +--------+  +--------+  +--------+  | |
| |      |           |           |           |       | |
| +------|-----------|-----------|-----------|-------+ |
|        |           |           |           |         |
| +------|-----------|-----------|-----------|-------+ |
| |      |           |           |           |       | |
| | +----|-----------|-----+     |           |       | |
| | | +------+    +------+ |  +------+       |       | |
| | | | sda6 |    | sda7 | |  | sda5 |-------+       | |
| | | +------+    +------+ |  +------+               | |
| | | Datos Encriptados    |                         | |
| | +----------------------+                         | |
| |                                                  | |
| | Capa de Datos                                    | |
| +--------------------------------------------------+ |
|                                                      |
+------------------------------------------------------+

Particiones

/dev/sda1 /              ext3  5Gb
/dev/sda2 swap           swap  5Gb
/dev/sda5 /home          ext3 20Gb
/dev/sda6 /home/osiris   luks 20Gb
/dev/sda7 /www           luks 20Gb


/dev/sda5 /home/chroot/osiris
/dev/sda7 /var/www
/var/www  /home/chroot/osiris/www
/var/www  /home/chroot/debdev/www
/var/www  /home/chroot/ubuntu/www

/etc/fstab

<system>    <mount point>   <type>  <options>       <dump>  <pass>
proc         /proc           proc    defaults        0       0
/dev/sda1    /               ext3    errors=remount-ro 0     1
/dev/sda2    none            swap    sw              0       0
/dev/hda     /media/cdrom0   udf,iso9660 user,noauto     0   0

/dev/sda5    /home           xfs     defaults        0       0
/dev/sda8    /home/media     xfs     defaults        0       0
/home/media  /home/chroot/osiris/home/media  none    bind    0 0
/home/media  /home/chroot/debdev/home/media  none    bind    0 0

proc-osiris  /home/chroot/osiris/proc        proc    none    0 0
proc-debdev  /home/chroot/debdev/proc        proc    none    0 0
proc-debsid  /home/chroot/debsid/proc        proc    none    0 0
proc-ubuntu  /home/chroot/ubuntu/proc        proc    none    0 0

sysfs-osiris /home/chroot/osiris/sys         sysfs   none    0 0
sysfs-debdev /home/chroot/debdev/sys         sysfs   none    0 0
sysfs-debsid /home/chroot/debsid/sys         sysfs   none    0 0
sysfs-ubuntu /home/chroot/ubuntu/sys         sysfs   none    0 0

Instalando el Sistema Principal

# Host packages: packet filtering (iptables), device-mapper and LUKS tooling
# (dmsetup, cryptsetup), XFS utilities (xfsdump, xfsprogs) and testdisk.
aptitude install iptables dmsetup cryptsetup xfsdump xfsprogs testdisk

Particiones Encriptadas

# One-time setup: write a LUKS header to /dev/sda6. This destroys whatever is
# already on the partition and sets the passphrase that protects the volume key.
cryptsetup luksFormat /dev/sda6
# Unlock the volume; the cleartext device appears as /dev/mapper/osiris.
cryptsetup luksOpen /dev/sda6 osiris
# Create the filesystem on the unlocked mapping, not on /dev/sda6 itself.
mkfs.ext3 /dev/mapper/osiris

# Presumably the steps for every later session: unlock, then mount inside the
# osiris jail. While the mapping is open the data is readable by anything that
# can reach the mount point; encryption only protects it once the filesystem is
# unmounted and the mapping is closed (cryptsetup luksClose osiris).
cryptsetup luksOpen /dev/sda6 osiris
mount /dev/mapper/osiris /home/chroot/osiris/home/osiris

Creando una jaula

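#!/bin/bash
#
# Create one jail per account under /home/chroot/<name>: bootstrap a Debian
# lenny base system, register and mount proc and sysfs for it, write minimal
# hosts and apt configuration, then open a shell inside the jail.
#
# Must run as root: it calls debootstrap, mounts filesystems and edits the
# host's /etc/fstab.
#
# NOTE(review): chroot separates userlands, it is not a security boundary.
# Every jail shares the host kernel, and with proc and sysfs mounted a root
# process inside a jail can see and change host state.
# NOTE(review): this page lists sid for debsid and Ubuntu intrepid for ubuntu,
# but every jail here is bootstrapped as lenny - confirm the intended suites.

USERS='osiris debdev debsid ubuntu'
MIRROR='http://localhost:8888/debian'

# Word splitting of $USERS is intended: it holds a space-separated list.
# A separate loop variable is used so the environment's $USER is not clobbered.
for jail_user in $USERS; do
    jail="/home/chroot/${jail_user}"

    mkdir -p -- "$jail" || exit 1

    # NOTE(review): the mirror is plain HTTP on localhost; confirm debootstrap
    # verifies the Release signature against an archive keyring on this host.
    debootstrap lenny "$jail" "$MIRROR" || exit 1

    # Append each fstab entry only if it is not there yet, so a re-run does
    # not leave duplicate lines behind.
    for entry in \
        "proc-${jail_user} ${jail}/proc proc none 0 0" \
        "sysfs-${jail_user} ${jail}/sys sysfs none 0 0"; do
        grep -qxF -- "$entry" /etc/fstab || printf '%s\n' "$entry" >>/etc/fstab
    done

    mount -t proc "proc-${jail_user}" "${jail}/proc"
    mount -t sysfs "sysfs-${jail_user}" "${jail}/sys"

    # The target is the hosts file; redirecting to the etc directory fails.
    printf '%s\n' "127.0.0.1 localhost" >"${jail}/etc/hosts"
    printf '%s\n' "deb ${MIRROR} lenny main contrib" >"${jail}/etc/apt/sources.list"

    # Interactive shell inside the new jail; the loop moves on to the next
    # account when that shell exits.
    chroot "$jail"
done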

--------------------
# Commands for the shell that chroot opens inside a freshly bootstrapped jail.

# devices: create the generic set of device nodes under the jail's /dev.
# NOTE(review): these nodes refer to the host's real devices, so a process in
# the jail with enough privilege can reach host disks and memory through them.
cd /dev
MAKEDEV -v generic

# terminal: remount devpts for the jail's pseudo-terminals
# (gid=5 is the tty group on Debian; mode=620 is owner read/write, group write).
umount /dev/pts
mount -t devpts -o rw,gid=5,mode=620 none /dev/pts

# debootstrap apt fix: throw away apt's state directory, recreate the minimum
# layout it needs, then refresh the package lists.
rm -rf /var/lib/apt
mkdir -p /var/lib/apt/lists/partial
touch /var/lib/apt/lists/lock
apt-get update

# Locales first; dpkg-reconfigure is interactive.
apt-get install locales
dpkg-reconfigure locales

# Base command-line tools.
# NOTE(review): on Debian the ssh metapackage also installs the OpenSSH server;
# confirm a per-jail sshd is wanted. telnet sends everything in cleartext.
apt-get install aptitude
aptitude install ssh screen vim mc ncftp htop irssi mutt rsync w3m telnet wget sudo ntpdate

# Web stack: Apache with PHP 5 and MySQL 5.0.
# NOTE(review): php5-xdebug is a development debugger; keep it off any web
# server that is reachable from outside the machine.
aptitude install apache2-mpm-prefork apache2-utils php5 php5-cli libapache2-mod-php5 php-db
aptitude install php-mail php-net-smtp php-net-socket php-pear php5-curl php5-mysql php5-xdebug
aptitude install mysql-client-5.0 mysql-server-5.0

# Java runtime and browser plugin.
aptitude install sun-java6-bin sun-java6-jre sun-java6-plugin

# Build tools. uname -r reports the host's running kernel (the jail shares it),
# so the matching headers package has to exist in the jail's distribution.
aptitude install build-essential linux-headers-$(uname -r)

# Python and documentation tooling.
# NOTE(review): easy_install downloads and runs package setup code from the
# network, outside apt's signature checks; prefer distribution packages where
# they exist.
aptitude install python2.5 python-docutils python-setuptools ipython python-simplejson
easy_install rst2pdf
easy_install sphinx

# Version control.
aptitude install subversion git mercurial

# Diagram and image tools.
aptitude install graphviz imagemagick


# Audio.
aptitude install alsa-base alsa-tools alsa-utils mocp

# X server, fonts, Intel video driver, window manager and desktop applications.
aptitude install xserver-xorg xserver-xorg-core xserver-xorg-input-all xinit
aptitude install xfonts-utils xfonts-base xfonts-100dpi xfonts-75dpi
aptitude install xserver-xorg-video-intel
aptitude install fluxbox adesklets
aptitude install ttf-mscorefonts-installer
aptitude install thunar iceweasel epiphany-browser xchat irssi pidgin
aptitude install mplayer

# Editors and diff viewer.
aptitude install geany emacs meld

# Viewers, Windows compatibility and archive tools.
aptitude install xpdf gqview gthumb
aptitude install wine antiword
aptitude install unrar arj

------------

Editar /etc/inittab

1:2345:respawn:/sbin/getty 38400 tty1
2:23:respawn:/usr/sbin/chroot /home/chroot/osiris/ /sbin/getty 38400 tty2
3:23:respawn:/usr/sbin/chroot /home/chroot/debdev/ /sbin/getty 38400 tty3
4:23:respawn:/usr/sbin/chroot /home/chroot/debsid/ /sbin/getty 38400 tty4
5:23:respawn:/usr/sbin/chroot /home/chroot/ubuntu/ /sbin/getty 38400 tty5

Editar sudoers

# Each account may run, as root and without a password, exactly one thing:
# chroot into its own jail followed by su to itself.
# NOTE(review): the trailing * matches any further text, spaces included, so
# each rule also admits extra su arguments and any user name that merely begins
# with the account name. Listing the exact command forms that are needed is
# tighter. Edit this file with visudo so a syntax error cannot lock sudo out.
osiris  ALL=NOPASSWD: /usr/sbin/chroot /home/chroot/osiris/ /bin/su - osiris*
debdev  ALL=NOPASSWD: /usr/sbin/chroot /home/chroot/debdev/ /bin/su - debdev*
debsid  ALL=NOPASSWD: /usr/sbin/chroot /home/chroot/debsid/ /bin/su - debsid*
ubuntu  ALL=NOPASSWD: /usr/sbin/chroot /home/chroot/ubuntu/ /bin/su - ubuntu*

Chroot Shell

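#!/bin/bash
#
# Login shell for jailed accounts: re-enters the caller's own jail through
# sudo and hands over to su inside it.
#
# Usage: chroot-shell             interactive login
#        chroot-shell -c CMD...   run CMD inside the jail
#
# The command line built here has to match the caller's sudoers entry
# (/usr/sbin/chroot /home/chroot/<name>/ /bin/su - <name>...), so the jail is
# the account's own root directory with a trailing slash, not a path fixed to
# one account's home directory.

# Take the account from the process identity; $USER is an environment
# variable and therefore under the caller's control.
jail_user=$(id -un) || exit 1
jail="/home/chroot/${jail_user}/"

if [ "$1" = "-c" ]; then
    # Drop the -c and pass the rest on as a single command string. "$*" joins
    # the words with single spaces without re-splitting or glob-expanding them
    # in this outer shell.
    shift
    PARAMS="$*"
    sudo /usr/sbin/chroot "$jail" /bin/su - "$jail_user" -c "$PARAMS"
else
    sudo /usr/sbin/chroot "$jail" /bin/su - "$jail_user"
fi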

Creando usuarios

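#!/bin/bash
#
# Create one group and one account per jail, with matching numeric ids
# starting at 1001. Must run as root on the host.
#
# Each account gets:
#   home   /home/chroot/<name>/home/<name>  (the path as seen from the host)
#   shell  /usr/local/sbin/chroot-shell     (the wrapper that enters the jail)

ID=1000
USERS='osiris debdev debsid ubuntu'

# Word splitting of $USERS is intended: it holds a space-separated list.
# A separate loop variable is used so the environment's $USER is not clobbered.
for jail_user in $USERS
do
    # Shell assignment takes no leading $ and no spaces around the = sign.
    ID=$(( ID + 1 ))

    if ! groupadd -g "$ID" "$jail_user"; then
        printf 'groupadd failed for %s (gid %s), skipping account\n' "$jail_user" "$ID" >&2
        continue
    fi

    useradd -d "/home/chroot/${jail_user}/home/${jail_user}" -u "$ID" -g "$ID" \
        -s /usr/local/sbin/chroot-shell "$jail_user" \
        || printf 'useradd failed for %s (uid %s)\n' "$jail_user" "$ID" >&2
done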