Installing ArchLinux inside an Alpine chroot: Difference between revisions

From Alpine Linux
(Add Category:Installation)
m (add missing dependencies)
 
(2 intermediate revisions by 2 users not shown)
Line 2: Line 2:


Some useful links:
Some useful links:
* https://wiki.archlinux.org/index.php/Remote_Arch_Linux_Install
* https://wiki.archlinux.org/title/Remote_Arch_Linux_Install
* https://wiki.archlinux.org/index.php/Install_from_Existing_Linux
* https://wiki.archlinux.org/title/Install_from_Existing_Linux
* https://wiki.archlinux.org/index.php/Installation_Guide
* https://wiki.archlinux.org/title/Installation_Guide
* [http://superuser.com/questions/111152 What's the proper way to prepare chroot to recover a broken Linux installation?]
* [https://superuser.com/questions/111152 What's the proper way to prepare chroot to recover a broken Linux installation?]




Line 11: Line 11:
<LI><div>
<LI><div>
Inside your Alpine system:
Inside your Alpine system:
{{Cmd|<nowiki>sudo apk add bash wget # BusyBox wget is inadequate
{{Cmd|<nowiki>sudo apk add bash zstd curl wget # BusyBox wget is inadequate
wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh
wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh
mkdir chroot64
mkdir chroot64
Line 67: Line 67:
For more info, see:
For more info, see:


* http://en.wikibooks.org/wiki/Grsecurity
* https://en.wikibooks.org/wiki/Grsecurity
* http://www.gentoo.org/proj/en/hardened/grsecurity.xml
* https://www.gentoo.org/proj/en/hardened/grsecurity.xml


</div>
</div>
<LI><div>
<LI><div>
Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See [https://wiki.archlinux.org/index.php/Pacman-key#Initializing_the_keyring this link] for more info, and tips about how to speed the process up.)
Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See [https://wiki.archlinux.org/title/Pacman-key#Initializing_the_keyring this link] for more info, and tips about how to speed the process up.)


{{Cmd|<nowiki>pacman-key --init
{{Cmd|<nowiki>pacman-key --init

Latest revision as of 17:54, 20 November 2024

It's sometimes useful to have another Linux system installed inside a chroot on an Alpine system. This page explains how to install a recent version of ArchLinux (either x86 or x86_64) inside an existing Alpine system (assumed to have the same architecture).

Some useful links:


  1. Inside your Alpine system:

    sudo apk add bash zstd curl wget # BusyBox wget is inadequate wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh mkdir chroot64 sudo bash arch-bootstrap.sh -a x86_64 chroot64

  2. Then chroot into the newly-created Arch system. I use the following script to do this:

    Contents of /usr/local/bin/start-chroot

    #!/bin/sh -e user=`whoami` if [ "$user" != "root" ]; then echo "This script needs root access" >&2 exit 1 fi if ! [ -d "$1" ]; then echo "Usage: $0 <chroot directory>" >&2 exit 1 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chmod` ]; then echo "Warning: can't suid/sgid inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chroot` ]; then echo "Warning: can't chroot inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mknod` ]; then echo "Warning: can't mknod inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mount` ]; then echo "Warning: can't mount inside chroot" >&2 fi cd "$1" shift cp -L /etc/resolv.conf ./etc/ || true mount -t proc proc ./proc mount -t sysfs sys ./sys mount -o bind /dev ./dev # next line is said to be important for pacman's signature check mount -o bind /dev/pts ./dev/pts case $1 in -l) shift;; -l*) one=${1#-l}; shift; set -- -$one "$@";; esac chroot . /bin/sh -l "$@" umount ./dev/pts umount ./dev ./sys ./proc

    At least when setting the Arch system up, you'll want to disable Alpine's grsecurity prohibition against suid/sgid:

    sysctl -w kernel.grsecurity.chroot_deny_chmod=0

    For more info, see:

  3. Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See this link for more info, and tips about how to speed the process up.)

    pacman-key --init pacman-key --populate archlinux pacman -Syyu pacman -Rs systemd # inside a chroot, we don't need an init system (nor a kernel) pacman -S sudo

    You can also install any other packages you want. I use:

    pacman -S less licenses man-db man-pages procps-ng psmisc sysfsutils \ base-devel openssh cpio elfutils rsync unzip vim wget zip

  4. Still inside the Arch chroot, assign a root password and create a non-root user:

    passwd useradd -m -g users -G wheel -s /usr/bin/bash myuser passwd myuser export VISUAL=/usr/bin/vim visudo

    Uncomment this line in /etc/sudoers, then save the file:

    ## Uncomment to allow members of group wheel to execute any command
    %wheel ALL=(ALL) ALL
    

Now you're done. You can switch to the non-root user with:

su - myuser

or hit Ctrl+D to exit the chroot.

If you'll want to install any packages from the Arch User Repository, you may want to install a richer package manager, such as Yaourt. Do this as the non-root user:

curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz tar -xzf package-query.tar.gz && cd package-query && makepkg -si cd .. curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz tar -xzf yaourt.tar.gz && cd yaourt && makepkg -si