Installing ArchLinux inside an Alpine chroot: Difference between revisions

From Alpine Linux
m (add missing dependencies)
(updated the page with wikitags and moved links to see also section)
Line 1: Line 1:
It's sometimes useful to have another Linux system installed inside a chroot on an Alpine system. This page explains how to install a recent version of [https://www.archlinux.org/ ArchLinux] (either x86 or x86_64) inside an existing Alpine system (assumed to have the same architecture).
It's sometimes useful to have another Linux system installed inside a chroot on an Alpine system. This page explains how to install a recent version of [https://www.archlinux.org/ ArchLinux] (either x86 or x86_64) inside an existing Alpine system (assumed to have the same architecture).
Some useful links:
* https://wiki.archlinux.org/title/Remote_Arch_Linux_Install
* https://wiki.archlinux.org/title/Install_from_Existing_Linux
* https://wiki.archlinux.org/title/Installation_Guide
* [https://superuser.com/questions/111152 What's the proper way to prepare chroot to recover a broken Linux installation?]




<OL>
# Inside your Alpine system: {{Cmd|<nowiki>sudo apk add bash zstd curl wget # BusyBox wget is inadequate
<LI><div>
Inside your Alpine system:
{{Cmd|<nowiki>sudo apk add bash zstd curl wget # BusyBox wget is inadequate
wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh
wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh
mkdir chroot64
mkdir chroot64
sudo bash arch-bootstrap.sh -a x86_64 chroot64
sudo bash arch-bootstrap.sh -a x86_64 chroot64
</nowiki>}}
</nowiki>}}
 
# Then chroot into the newly-created Arch system. I use the following script to do this: {{Cat|/usr/local/bin/start-chroot|<nowiki>
</div>
<LI><div>
Then chroot into the newly-created Arch system. I use the following script to do this:
 
{{Cat|/usr/local/bin/start-chroot|<nowiki>
#!/bin/sh -e
#!/bin/sh -e
user=`whoami`
user=`whoami`
Line 58: Line 44:
chroot . /bin/sh -l "$@"
chroot . /bin/sh -l "$@"
umount ./dev/pts
umount ./dev/pts
umount ./dev ./sys ./proc
umount ./dev ./sys ./proc</nowiki>}}
</nowiki>}}
# At least when setting the Arch system up, you'll want to disable Alpine's grsecurity prohibition against suid/sgid: {{Cmd|sysctl -w kernel.grsecurity.chroot_deny_chmod{{=}}0}}
 
# Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See [https://wiki.archlinux.org/title/Pacman-key#Initializing_the_keyring this link] for more info, and tips about how to speed the process up.){{Cmd|<nowiki>pacman-key --init
At least when setting the Arch system up, you'll want to disable Alpine's grsecurity prohibition against suid/sgid:
 
{{Cmd|sysctl -w kernel.grsecurity.chroot_deny_chmod{{=}}0}}
 
For more info, see:
 
* https://en.wikibooks.org/wiki/Grsecurity
* https://www.gentoo.org/proj/en/hardened/grsecurity.xml
 
</div>
<LI><div>
Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See [https://wiki.archlinux.org/title/Pacman-key#Initializing_the_keyring this link] for more info, and tips about how to speed the process up.)
 
{{Cmd|<nowiki>pacman-key --init
pacman-key --populate archlinux
pacman-key --populate archlinux
pacman -Syyu
pacman -Syyu
Line 80: Line 52:
pacman -S sudo
pacman -S sudo
</nowiki>}}
</nowiki>}}
 
# You can also install any other packages you want. I use: {{Cmd|pacman -S less licenses man-db man-pages procps-ng psmisc sysfsutils base-devel openssh cpio elfutils rsync unzip vim wget zip}}
You can also install any other packages you want. I use:
# Still inside the Arch chroot, assign a root password and create a non-root user: {{Cmd|<nowiki>passwd
 
{{Cmd|pacman -S less licenses man-db man-pages procps-ng psmisc sysfsutils \
  base-devel openssh cpio elfutils rsync unzip vim wget zip
}}
 
</div>
<LI><div>
Still inside the Arch chroot, assign a root password and create a non-root user:
 
{{Cmd|<nowiki>passwd
useradd -m -g users -G wheel -s /usr/bin/bash myuser
useradd -m -g users -G wheel -s /usr/bin/bash myuser
passwd myuser
passwd myuser
export VISUAL=/usr/bin/vim
export VISUAL=/usr/bin/vim
visudo
visudo</nowiki>}}
</nowiki>}}
# Uncomment this line in {{Path|/etc/sudoers}}, then save the file:{{Cat|/etc/sudoers|<nowiki>...
 
## Uncomment to allow members of group wheel to execute any command
Uncomment this line in {{Path|/etc/sudoers}}, then save the file:
%wheel ALL=(ALL) ALL
 
...</nowiki>}}
## Uncomment to allow members of group wheel to execute any command
# Now you're done. You can switch to the non-root user with: {{Cmd|su - myuser}}  
%wheel ALL=(ALL) ALL
# Alternately, to exit the chroot hit {{Key|Ctrl}}+{{Key|D}}.  
 
If you'll want to install any packages from the [https://aur.archlinux.org/ Arch User Repository], you may want to install a richer package manager, such as [https://wiki.archlinux.org/index.php/Yaourt Yaourt]. Do this as the non-root user: {{Cmd|<nowiki>curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz
</div>
</OL>
 
Now you're done. You can switch to the non-root user with:
 
{{Cmd|su - myuser}}
 
or hit {{Key|Ctrl}}+{{Key|D}} to exit the chroot.
 
If you'll want to install any packages from the [https://aur.archlinux.org/ Arch User Repository], you may want to install a richer package manager, such as [https://wiki.archlinux.org/index.php/Yaourt Yaourt]. Do this as the non-root user:
 
{{Cmd|<nowiki>curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz
tar -xzf package-query.tar.gz && cd package-query && makepkg -si
tar -xzf package-query.tar.gz && cd package-query && makepkg -si
cd ..
cd ..
curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz
curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz
tar -xzf yaourt.tar.gz && cd yaourt && makepkg -si
tar -xzf yaourt.tar.gz && cd yaourt && makepkg -si</nowiki>}}
</nowiki>}}
 
== See also ==


* https://wiki.archlinux.org/title/Remote_Arch_Linux_Install
* https://wiki.archlinux.org/title/Install_from_Existing_Linux
* https://wiki.archlinux.org/title/Installation_Guide
* [https://superuser.com/questions/111152 What's the proper way to prepare chroot to recover a broken Linux installation?]
* https://en.wikibooks.org/wiki/Grsecurity
* https://www.gentoo.org/proj/en/hardened/grsecurity.xml


[[Category:Development]]
[[Category:Development]]
[[Category:Installation]]
[[Category:Installation]]

Revision as of 09:01, 26 April 2025

It's sometimes useful to have another Linux system installed inside a chroot on an Alpine system. This page explains how to install a recent version of ArchLinux (either x86 or x86_64) inside an existing Alpine system (assumed to have the same architecture).


  1. Inside your Alpine system:

    sudo apk add bash zstd curl wget # BusyBox wget is inadequate wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh mkdir chroot64 sudo bash arch-bootstrap.sh -a x86_64 chroot64

  2. Then chroot into the newly-created Arch system. I use the following script to do this:

    Contents of /usr/local/bin/start-chroot

    #!/bin/sh -e user=`whoami` if [ "$user" != "root" ]; then echo "This script needs root access" >&2 exit 1 fi if ! [ -d "$1" ]; then echo "Usage: $0 <chroot directory>" >&2 exit 1 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chmod` ]; then echo "Warning: can't suid/sgid inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chroot` ]; then echo "Warning: can't chroot inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mknod` ]; then echo "Warning: can't mknod inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mount` ]; then echo "Warning: can't mount inside chroot" >&2 fi cd "$1" shift cp -L /etc/resolv.conf ./etc/ || true mount -t proc proc ./proc mount -t sysfs sys ./sys mount -o bind /dev ./dev # next line is said to be important for pacman's signature check mount -o bind /dev/pts ./dev/pts case $1 in -l) shift;; -l*) one=${1#-l}; shift; set -- -$one "$@";; esac chroot . /bin/sh -l "$@" umount ./dev/pts umount ./dev ./sys ./proc
  3. At least when setting the Arch system up, you'll want to disable Alpine's grsecurity prohibition against suid/sgid:

    sysctl -w kernel.grsecurity.chroot_deny_chmod=0

  4. Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See this link for more info, and tips about how to speed the process up.)

    pacman-key --init pacman-key --populate archlinux pacman -Syyu pacman -Rs systemd # inside a chroot, we don't need an init system (nor a kernel) pacman -S sudo

  5. You can also install any other packages you want. I use:

    pacman -S less licenses man-db man-pages procps-ng psmisc sysfsutils base-devel openssh cpio elfutils rsync unzip vim wget zip

  6. Still inside the Arch chroot, assign a root password and create a non-root user:

    passwd useradd -m -g users -G wheel -s /usr/bin/bash myuser passwd myuser export VISUAL=/usr/bin/vim visudo

  7. Uncomment this line in /etc/sudoers, then save the file:

    Contents of /etc/sudoers

    ... ## Uncomment to allow members of group wheel to execute any command %wheel ALL=(ALL) ALL ...
  8. Now you're done. You can switch to the non-root user with:

    su - myuser

  9. Alternately, to exit the chroot hit Ctrl+D.
  10. If you'll want to install any packages from the Arch User Repository, you may want to install a richer package manager, such as Yaourt. Do this as the non-root user:

    curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz tar -xzf package-query.tar.gz && cd package-query && makepkg -si cd .. curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz tar -xzf yaourt.tar.gz && cd yaourt && makepkg -si

See also

Retrieved from "https://wiki.alpinelinux.org/w/index.php?title=Installing_ArchLinux_inside_an_Alpine_chroot&oldid=29713"