Last active
May 11, 2021 15:48
Scripts for creating/removing a chroot
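#!/usr/bin/env bash
# exit on error
set -e

# Terminal styling, resolved through tput so the terminfo entry decides the
# escape sequence. Every lookup is allowed to fail: with TERM unset (cron, CI,
# some sudo setups) or on a terminal lacking a capability such as "dim", tput
# exits non-zero, and under `set -e` a failing assignment would abort this
# root-run script before any of its own checks execute. A failed lookup
# leaves the variable empty, which simply disables that style.

# background color using ANSI escape
bgBlack=$(tput setab 0 2>/dev/null || true)   # black
bgRed=$(tput setab 1 2>/dev/null || true)     # red
bgGreen=$(tput setab 2 2>/dev/null || true)   # green
bgYellow=$(tput setab 3 2>/dev/null || true)  # yellow
bgBlue=$(tput setab 4 2>/dev/null || true)    # blue
bgMagenta=$(tput setab 5 2>/dev/null || true) # magenta
bgCyan=$(tput setab 6 2>/dev/null || true)    # cyan
bgWhite=$(tput setab 7 2>/dev/null || true)   # white

# foreground color using ANSI escape
# (the "fgBLack" spelling is kept as-is so existing references keep working)
fgBLack=$(tput setaf 0 2>/dev/null || true)   # black
fgRed=$(tput setaf 1 2>/dev/null || true)     # red
fgGreen=$(tput setaf 2 2>/dev/null || true)   # green
fgYellow=$(tput setaf 3 2>/dev/null || true)  # yellow
fgBlue=$(tput setaf 4 2>/dev/null || true)    # blue
fgMagenta=$(tput setaf 5 2>/dev/null || true) # magenta
fgCyan=$(tput setaf 6 2>/dev/null || true)    # cyan
fgWhite=$(tput setaf 7 2>/dev/null || true)   # white

# text editing options
txBold=$(tput bold 2>/dev/null || true)       # bold
txHalf=$(tput dim 2>/dev/null || true)        # half-bright
txUnderline=$(tput smul 2>/dev/null || true)  # underline
txEndUnder=$(tput rmul 2>/dev/null || true)   # exit underline
txReverse=$(tput rev 2>/dev/null || true)     # reverse
txStandout=$(tput smso 2>/dev/null || true)   # standout
txEndStand=$(tput rmso 2>/dev/null || true)   # exit standout
txReset=$(tput sgr0 2>/dev/null || true)      # reset attributes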
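#######################################
# Verify that a required program can be found on PATH.
# Globals:   txBold, txReset (read)
# Arguments: $1 - command name to look up
# Outputs:   success line on stdout, failure line on stderr
# Returns:   0 when found; exits the whole script with status 1 otherwise
#######################################
function app_exists {
  local path
  # Declared separately from the assignment: `local path=$(...)` always
  # succeeds, so the lookup's own status would be lost. This also performs
  # the lookup once instead of twice and avoids the unquoted `[ ! $(...) ]`.
  if ! path=$(command -v "$1"); then
    # The name is passed as an argument, never as part of the format string,
    # so a "%" or "\" in it is printed literally.
    printf '❌ %s%s is not installed!%s\n' "${txBold}" "$1" "${txReset}" 1>&2
    exit 1
  fi
  # Reset attributes at the end so bold does not leak into later output.
  printf '✅ %s%s found at path: %s%s\n' "${txBold}" "$1" "${path}" "${txReset}"
}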
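#######################################
# Require that the jail directory exists (removal script variant).
# Arguments: $1 - directory path
# Outputs:   confirmation on stdout, error on stderr
# Returns:   0 when $1 is a directory; exits the script with status 1 otherwise
#######################################
function dir_exists {
  if [ ! -d "$1" ]; then
    # Path goes in as a printf argument so "%" or "\" in it is not treated
    # as a format directive.
    printf '❌ Directory %s not found! Exiting...\n' "$1" 1>&2
    exit 1
  fi
  printf '✅ Directory %s found!\n' "$1"
}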
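#######################################
# Print the command-line synopsis for the removal script and stop.
# Globals:   txBold, txReset, txUnderline, txReverse (read)
# Outputs:   usage text on stderr
# Returns:   never returns; exits the script with status 1
#######################################
function usage {
  printf '\t%sUsage%s: [sudo] %s%s CHROOT_DIR%s\n\n' \
    "${txBold}" "${txReset}" "${txUnderline}" "$0" "${txReset}" 1>&2
  # Reverse video is switched off again after the example; without the reset
  # the caller's terminal stays in reverse mode after the script exits.
  printf '\t>> Example: sudo %s%s /home/demo%s\n' \
    "${txReverse}" "$0" "${txReset}" 1>&2
  exit 1
}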
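# ---------------------------------------------------------------------------
# Removal flow: tear down the "ubuntu-amd64" schroot jail rooted at $1.
# Runs as root and ends in a recursive delete, so the target is validated and
# the delete is refused while anything is still mounted below it.
# ---------------------------------------------------------------------------
if [ $# -eq 0 ]; then
  printf '❌ %sJail directory not supplied!%s\n' "${bgRed}" "${txReset}" 1>&2
  usage
fi
if [ "$EUID" -ne 0 ]; then
  printf '❌ %sThis script must be run with root privileges!%s\n' "${bgRed}" "${txReset}" 1>&2
  usage
fi
D="$1"

printf '%s▶ [1/5] Checking prerequisites...%s\n' "${txBold}" "${txReset}"
dir_exists "$D"
app_exists "schroot"
app_exists "debootstrap"
# Resolve the target once and refuse the filesystem root: this script ends
# with `rm -r` as root, so a mistyped or empty-ish argument must not reach it.
D_REAL=$(readlink -f -- "$D")
if [ -z "$D_REAL" ] || [ "$D_REAL" = "/" ]; then
  printf '❌ %sRefusing to remove "%s" (resolves to "%s")%s\n' \
    "${bgRed}" "$D" "$D_REAL" "${txReset}" 1>&2
  exit 1
fi
printf 'Prerequisites checked ✅\n'

printf '%s▶ [2/5] Stopping NGINX service...%s\n' "${txBold}" "${txReset}"
# Best effort: the jail may not contain nginx at all.
# NOTE(review): this executes a file taken from inside the jail as root. If
# the jail's contents are not trusted, stop the service from the host side.
chroot "$D" /etc/init.d/nginx stop || true
printf 'NGINX stopped ✅\n'

printf '%s▶ [3/5] Stopping schroot sessions...%s\n' "${txBold}" "${txReset}"
# grep exits 1 when no session matches; that is not an error here.
sessions=$(schroot --list --all-sessions | grep ubuntu-amd64) || true
if [ -n "$sessions" ]; then
  # One session per line; end each separately instead of relying on word
  # splitting of an unquoted variable.
  while IFS= read -r session; do
    schroot -e -c "$session" || true
  done <<< "$sessions"
fi
printf 'schroot session stopped ✅\n'

printf '%s▶ [4/5] Unmounting /run...%s\n' "${txBold}" "${txReset}"
umount "$D/run" || true
# The unmount above is best effort, but the delete below must not be: if a
# filesystem is still mounted under the jail, `rm -r` would descend into it
# and delete the mounted data itself. Stop instead and let the operator look.
# (Mount targets containing whitespace are escaped in /proc/self/mounts and
# are not matched by this simple prefix test.)
if awk -v root="${D_REAL%/}/" \
  'index($2, root) == 1 { busy = 1 } END { exit !busy }' /proc/self/mounts; then
  printf '❌ %sSomething is still mounted below %s; not deleting.%s\n' \
    "${bgRed}" "$D_REAL" "${txReset}" 1>&2
  exit 1
fi
printf '/run unmounted ✅\n'

printf '%s▶ [5/5] Cleaning-up directory...%s\n' "${txBold}" "${txReset}"
# ${D:?} aborts on an empty value; `--` stops a leading "-" being read as an
# option.
rm -r -- "${D:?}"
rm -f -- /etc/schroot/chroot.d/ubuntu-amd64.conf
printf '%s cleaned ✅\n' "$D"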
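#!/usr/bin/env bash
# exit on error
set -e

# Terminal styling, resolved through tput so the terminfo entry decides the
# escape sequence. Every lookup is allowed to fail: with TERM unset (cron, CI,
# some sudo setups) or on a terminal lacking a capability such as "dim", tput
# exits non-zero, and under `set -e` a failing assignment would abort the
# script before it has checked anything. A failed lookup leaves the variable
# empty, which simply disables that style.

# background color using ANSI escape
bgBlack=$(tput setab 0 2>/dev/null || true)   # black
bgRed=$(tput setab 1 2>/dev/null || true)     # red
bgGreen=$(tput setab 2 2>/dev/null || true)   # green
bgYellow=$(tput setab 3 2>/dev/null || true)  # yellow
bgBlue=$(tput setab 4 2>/dev/null || true)    # blue
bgMagenta=$(tput setab 5 2>/dev/null || true) # magenta
bgCyan=$(tput setab 6 2>/dev/null || true)    # cyan
bgWhite=$(tput setab 7 2>/dev/null || true)   # white

# foreground color using ANSI escape
# (the "fgBLack" spelling is kept as-is so existing references keep working)
fgBLack=$(tput setaf 0 2>/dev/null || true)   # black
fgRed=$(tput setaf 1 2>/dev/null || true)     # red
fgGreen=$(tput setaf 2 2>/dev/null || true)   # green
fgYellow=$(tput setaf 3 2>/dev/null || true)  # yellow
fgBlue=$(tput setaf 4 2>/dev/null || true)    # blue
fgMagenta=$(tput setaf 5 2>/dev/null || true) # magenta
fgCyan=$(tput setaf 6 2>/dev/null || true)    # cyan
fgWhite=$(tput setaf 7 2>/dev/null || true)   # white

# text editing options
txBold=$(tput bold 2>/dev/null || true)       # bold
txHalf=$(tput dim 2>/dev/null || true)        # half-bright
txUnderline=$(tput smul 2>/dev/null || true)  # underline
txEndUnder=$(tput rmul 2>/dev/null || true)   # exit underline
txReverse=$(tput rev 2>/dev/null || true)     # reverse
txStandout=$(tput smso 2>/dev/null || true)   # standout
txEndStand=$(tput rmso 2>/dev/null || true)   # exit standout
txReset=$(tput sgr0 2>/dev/null || true)      # reset attributes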
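#######################################
# Verify that a required program can be found on PATH.
# Globals:   txBold, txReset (read)
# Arguments: $1 - command name to look up
# Outputs:   success line on stdout, failure line on stderr
# Returns:   0 when found; exits the whole script with status 1 otherwise
#######################################
function app_exists {
  local path
  # Declaration and assignment are split because `local path=$(...)` always
  # reports success; testing the assignment itself also removes the second
  # lookup and the unquoted `[ ! $(...) ]` test.
  if ! path=$(command -v "$1"); then
    # Data is passed as printf arguments, not inside the format string.
    printf '❌ %s%s is not installed!%s\n' "${txBold}" "$1" "${txReset}" 1>&2
    exit 1
  fi
  # Reset attributes at the end so bold does not leak into later output.
  printf '✅ %s%s found at path: %s%s\n' "${txBold}" "$1" "${path}" "${txReset}"
}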
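#######################################
# Make sure the jail directory exists, creating it when missing
# (creation script variant).
# Arguments: $1 - directory path
# Outputs:   confirmation on stdout; the "creating" notice on stderr;
#            mkdir -v output on stdout
# Returns:   0 on success, mkdir's status if creation fails
#######################################
function dir_exists {
  if [ -d "$1" ]; then
    printf '✅ Directory %s found!\n' "$1"
  else
    printf '❗ Directory %s not found! Creating...\n' "$1" 1>&2
    # Quoted and preceded by `--`: an unquoted $1 is split on whitespace, so
    # a path with a space would create the wrong directories (as root), and a
    # leading "-" would be parsed as an option.
    mkdir -vp -- "$1"
  fi
}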
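#######################################
# Show a one-level listing of a directory when `tree` is installed.
# Purely informational; does nothing when `tree` is absent.
# Arguments: $1 - directory to list
# Outputs:   tree output on stdout
# Returns:   0 when tree is missing, otherwise tree's status
#######################################
function tree_dir {
  # The previous test, `[ exists ]`, checked the literal word "exists" and was
  # therefore always true; on hosts without tree the call failed with
  # "command not found" and `set -e` aborted the whole run half-way through.
  if command -v tree > /dev/null 2>&1; then
    tree -L 1 -- "$1"
  fi
}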
#######################################
# Write the schroot definition for the "ubuntu-amd64" jail.
# The file is replaced on every call. The same account is written to both
# `users` and `root-users`, i.e. $2 is listed as a root-capable user of the
# chroot.
# Arguments: $1 - jail directory
#            $2 - account name
# Outputs:   nothing (tee's copy to stdout is discarded)
#######################################
function create_schroot_config {
  printf '%s\n' \
    "[ubuntu-amd64]" \
    "description=Ubuntu minimal 20.04 for amd64" \
    "directory=$1" \
    "root-users=$2" \
    "type=directory" \
    "users=$2" \
    | tee /etc/schroot/chroot.d/ubuntu-amd64.conf > /dev/null
}
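#######################################
# Bootstrap a focal/amd64 base system into the jail, then install
# ubuntu-minimal from inside it through schroot.
# Arguments: $1 - jail directory (debootstrap target)
# Returns:   non-zero if debootstrap or the in-chroot apt-get run fails
#######################################
function schroot_init_config {
  # "$1" is quoted: unquoted, a path containing whitespace would be split and
  # debootstrap would receive the wrong target and mirror arguments.
  # NOTE(review): debootstrap checks the archive's Release signature only
  # when the matching keyring is present on the host; consider adding
  # --force-check-gpg so a missing keyring fails instead of being skipped —
  # confirm against the installed debootstrap version.
  debootstrap --variant=buildd --arch=amd64 focal "$1" https://fr.archive.ubuntu.com/ubuntu
  schroot -c chroot:ubuntu-amd64 -u root --directory=/ -- \
    sh -c "apt-get update && apt-get install -y ubuntu-minimal"
}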
#######################################
# Comment out, in place, the lines of schroot's default fstab that start with
# "/dev" followed by whitespace, "/home", "/tmp" or "/run".
# The patterns are anchored at line start, so already-commented lines are not
# matched again on a re-run.
# NOTE(review): this edits the shared "default" profile rather than a
# jail-specific one, and nothing in this function restores it — confirm that
# other chroots on the host do not rely on those entries.
#######################################
function patch_schroot {
  local fstab=/etc/schroot/default/fstab
  local -a edits=(
    -e 's/^\/dev\s/#&/g'
    -e 's/^\/home/#&/g'
    -e 's/^\/tmp/#&/g'
    -e 's/^\/run/#&/g'
  )
  sed -i "${edits[@]}" "$fstab"
}
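#######################################
# Recreate a host character device inside the jail's /dev with the same
# major/minor numbers and permission bits as the host node.
# Globals:   txBold, txReset (read)
# Arguments: $1 - device name relative to /dev (e.g. "null")
#            $2 - jail root directory
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 on success or when the node already exists; exits the script
#            with status 1 when the host device is missing or $2 is empty
#######################################
function create_node {
  if [ ! -c "/dev/$1" ]; then
    printf '❌ %sCharacter device "/dev/%s" does not exist!%s\n' \
      "${txBold}" "$1" "${txReset}" 1>&2
    exit 1
  fi

  local minor_hex major_hex minor major perms
  minor_hex=$(stat -c %T "/dev/$1")
  major_hex=$(stat -c %t "/dev/$1")
  # stat's %t/%T are hexadecimal, while mknod reads plain numbers as decimal.
  # Convert explicitly: without this, any device number >= 10 is either
  # compared as an unset variable name (evaluating to 0) or handed to mknod
  # as the wrong device.
  minor=$((16#${minor_hex:-0}))
  major=$((16#${major_hex:-0}))

  if [[ "$minor" -eq 0 && "$major" -eq 0 ]]; then
    printf '❗ "/dev/%s" is not a character device\n' "$1"
    return 0
  fi

  if [ -z "$2" ]; then
    printf '❌ %sTarget character directory not provided!%s\n' \
      "${txBold}" "${txReset}" 1>&2
    exit 1
  fi

  perms=$(stat -c %a "/dev/$1")
  printf '\tCreating device "%s" with permissions %s...\n' "$1" "${perms}"
  # Leave an existing node alone so re-running the script is harmless.
  if [ ! -c "$2/dev/$1" ]; then
    mknod -m "$perms" "$2/dev/$1" c "$major" "$minor"
  fi
}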
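#######################################
# Print the command-line synopsis for the creation script and stop.
# Globals:   txBold, txReset, txUnderline, txReverse (read)
# Outputs:   usage text on stderr
# Returns:   never returns; exits the script with status 1
#######################################
function usage {
  printf '\t%sUsage%s: [sudo] %s%s CHROOT_DIR USER%s\n\n' \
    "${txBold}" "${txReset}" "${txUnderline}" "$0" "${txReset}" 1>&2
  # Reverse video is switched off again after the example; without the reset
  # the caller's terminal stays in reverse mode after the script exits.
  printf '\t>> Example: sudo %s%s /home/demo user1%s\n' \
    "${txReverse}" "$0" "${txReset}" 1>&2
  exit 1
}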
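# ---------------------------------------------------------------------------
# Creation flow: build the "ubuntu-amd64" schroot jail in $1 for account $2.
# ---------------------------------------------------------------------------
# Both arguments are required. The old `-lt 1` test let a single-argument call
# through, which created the directory before failing on the empty user name.
if [ $# -lt 2 ]; then
  printf '❌ %sJail directory and user not supplied!%s\n' "${bgRed}" "${txReset}" 1>&2
  usage
fi
if [ "$EUID" -ne 0 ]; then
  printf '❌ %sThis script must be run with root privileges!%s\n' "${bgRed}" "${txReset}" 1>&2
  usage
fi
D="$1"
U="$2"

printf '%s▶ [1/6] Checking prerequisites...%s\n' "${txBold}" "${txReset}"
dir_exists "$D"
app_exists "schroot"
app_exists "debootstrap"
# The account must exist on the host before it is written into the schroot
# config and the jail's sudoers file.
if ! id -- "$U" &> /dev/null; then
  printf '❌ %sUser "%s" does not exist!%s\n' "${bgRed}" "$U" "${txReset}" 1>&2
  exit 1
fi
printf 'Prerequisites checked ✅\n'

printf '%s▶ [2/6] Initializing base system...%s\n' "${txBold}" "${txReset}"
# Arguments are quoted throughout: these commands run as root, and an
# unquoted path containing whitespace would be split into several arguments.
create_schroot_config "$D" "$U"
patch_schroot
schroot_init_config "$D"
printf 'Base system created ✅\n'

printf '%s▶ [3/6] Creating directory structure...%s\n' "${txBold}" "${txReset}"
mkdir -p -- "$D"/{etc/init.d,dev,var/log,var/lib,var/run,usr,usr/sbin,usr/share,usr/lib,lib64,lib32,lib,"home/$U"}
# World-writable scratch directories get the sticky bit.
mkdir -p -m 1777 -- "$D"/{tmp,var/tmp}
tree_dir "$D"
printf 'Directory structure completed ✅\n'

printf '%s▶ [4/6] Creating character devices...%s\n' "${txBold}" "${txReset}"
create_node "tty" "$D"
create_node "zero" "$D"
create_node "null" "$D"
create_node "random" "$D"
create_node "urandom" "$D"
tree_dir "$D/dev"
printf 'Character devices created ✅\n'

# NOTE(review): the step counter goes from 4/6 to 6/6; no step 5 is present
# in this script.
printf '%s▶ [6/6] Adding user to chroot sudoers...%s\n' "${txBold}" "${txReset}"
# NOTE(review): together with root-users= in the schroot config this makes $U
# root inside the jail without a password. A chroot does not contain a root
# user, so treat this jail as a convenience environment, not as an isolation
# boundary.
sudoers_line="$U ALL=(ALL) NOPASSWD:ALL"
# Append only when the exact line is absent, so re-running the script does
# not pile up duplicate entries.
if ! grep -qxF -- "$sudoers_line" "$D/etc/sudoers" 2> /dev/null; then
  printf '%s\n' "$sudoers_line" >> "$D/etc/sudoers"
fi
printf 'User %s is now an admin ✅\n' "$U"

printf '✅ %s All operations are complete!%s\n' "${txBold}" "${txReset}"
printf '▶ Now you can access the chroot by typing:\n'
printf '\t%sschroot -c chroot:ubuntu-amd64 -u %s%s\n' "${txUnderline}" "${U}" "${txReset}"
exit 0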