Chroot allows you to change the root directory of your current operating system to another directory. This creates an isolated environment where the rest of the system remains unaffected. It is commonly used for development, testing, and system recovery.
Creating a chroot environment in Ubuntu can be done using debootstrap. Debootstrap is a tool that sets up a minimal filesystem for a specified Ubuntu version. This method is effective for building an isolated environment for various use cases.
After setting up the base system, it is necessary to mount essential filesystems like proc, sys, and dev to make the environment functional. This setup simulates a complete Linux environment, suitable for testing, development, or system repairs.
Steps to build Ubuntu chroot environment:
- Launch terminal application.
- Update apt's package repository.
$ sudo apt update [sudo] password for user: Hit:1 http://jp.archive.ubuntu.com/ubuntu focal InRelease Hit:2 http://jp.archive.ubuntu.com/ubuntu focal-updates InRelease Hit:3 http://jp.archive.ubuntu.com/ubuntu focal-backports InRelease Hit:4 http://jp.archive.ubuntu.com/ubuntu focal-security InRelease Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date.
- Install debootstrap using apt.
$ sudo apt install --assume-yes debootstrap Reading package lists... Done Building dependency tree Reading state information... Done Suggested packages: arch-test squid-deb-proxy-client The following NEW packages will be installed: debootstrap 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 39.4 kB of archives. After this operation, 299 kB of additional disk space will be used. Get:1 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 debootstrap all 1.0.118ubuntu1.1 [39.4 kB] Fetched 39.4 kB in 1s (66.1 kB/s) Selecting previously unselected package debootstrap. (Reading database ... 107133 files and directories currently installed.) Preparing to unpack .../debootstrap_1.0.118ubuntu1.1_all.deb ... Unpacking debootstrap (1.0.118ubuntu1.1) ... Setting up debootstrap (1.0.118ubuntu1.1) ... Processing triggers for man-db (2.9.1-1) ...
- Create a chroot folder.
$ mkdir chroot-ubuntu
- Create a base Ubuntu system using debootstrap in the chroot folder.
$ sudo debootstrap --variant=buildd focal chroot-ubuntu I: Retrieving InRelease I: Checking Release signature I: Valid Release signature (key id F6ECB3762474EDA9D21B7022871920D1991BC93C) I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... I: Checking component main on http://archive.ubuntu.com/ubuntu... I: Retrieving adduser 3.118ubuntu2 I: Validating adduser 3.118ubuntu2 I: Retrieving apt 2.0.2 I: Validating apt 2.0.2 I: Retrieving base-files 11ubuntu5 I: Validating base-files 11ubuntu5 ##### snipped
Change focal to any Ubuntu release code name that's still supported.
Related: List of Ubuntu releasesMore options for debootstrap.
$ debootstrap --help Usage: debootstrap [OPTION]... <suite> <target> [<mirror> [<script>]] Bootstrap a Debian base system into a target directory. --help display this help and exit --version display version information and exit --verbose don't turn off the output of wget --download-only download packages, but don't perform installation --print-debs print the packages to be installed, and exit --arch=A set the architecture to install (use if no dpkg) [ --arch=powerpc ] --include=A,B,C adds specified names to the list of base packages --exclude=A,B,C removes specified packages from the list --extra-suites=A,B,C also use packages from the listed suites of the archive --components=A,B,C use packages from the listed components of the archive --variant=X use variant X of the bootstrap scripts (currently supported variants: buildd, fakechroot, minbase) --no-merged-usr do not make /{bin,sbin,lib}/ symlinks to /usr/ --keyring=K check Release files against keyring K --no-check-gpg avoid checking Release file signatures --force-check-gpg force checking Release file signatures (also disables automatic fallback to HTTPS in case of a missing keyring), aborting otherwise --no-resolve-deps don't try to resolve dependencies automatically --log-extra-deps record extra dependency info in debootstrap.log --cache-dir=DIR Use specified directory as package cache directory --unpack-tarball=T acquire .debs from a tarball instead of http --make-tarball=T download .debs and create a gzipped tarball --second-stage-target=DIR Run second stage in a subdirectory instead of root (can be used to create a foreign chroot) (requires --second-stage) --extractor=TYPE override automatic .deb extractor selection (supported: dpkg-deb ar) --debian-installer used for internal purposes by debian-installer --private-key=file read the private key from file --certificate=file use the client certificate stored in file (PEM) --no-check-certificate do not check certificate against certificate authorities
- Mount proc, sys and dev filesystems to the base system.
$ sudo mount -t proc /proc chroot-ubuntu/proc $ sudo mount --rbind /sys chroot-ubuntu/sys $ sudo mount --rbind /dev chroot-ubuntu/dev
- Enter the chroot environment using the chroot command.
$ sudo chroot chroot-ubuntu /bin/bash bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8) root@host:/#
- Use the chroot environment as required.
root@host:/# ls bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var root@host:/# uname -a Linux host 5.4.0-33-generic #37-Ubuntu SMP Thu May 21 12:53:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@host:/# df -h Filesystem Size Used Avail Use% Mounted on tmpfs 2.0G 0 2.0G 0% /sys/fs/cgroup udev 1.9G 0 1.9G 0% /dev tmpfs 2.0G 0 2.0G 0% /dev/shm
- Unmount the proc, sys, and dev filesystems once exiting the chroot environment.
$ sudo umount chroot-ubuntu/proc chroot-ubuntu/sys chroot-ubuntu/dev
- Remove the chroot folder if necessary.
$ sudo rm -rf chroot-folder
This guide is tested on Ubuntu:
Version | Code Name |
---|---|
22.04 LTS | Jammy Jellyfish |
23.10 | Mantic Minotaur |
24.04 LTS | Noble Numbat |
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Comment anonymously. Login not required.