dchroot-dsa - enter a chroot environment
dchroot-dsa [-h|--help | -V|--version | -l|--list | -i|--info |
--config | -p|--listpaths] [-d directory|--directory=directory]
[-q|--quiet | -v|--verbose] [-c chroot|--chroot=chroot | --all |
dchroot-dsa allows the user to run a command or a login shell in a
chroot environment. If no command is specified, a login shell will be
started in the user’s home directory inside the chroot.
The user’s environment will be preserved inside the chroot.
The command is a single argument which must be an absolute path to the
program. Additional options are not permitted.
The directory the command or login shell is run in depends upon the
context. See --directory option below for a complete description.
This version of dchroot-dsa is a compatibility wrapper around the
schroot(1) program. It is provided for backward compatibility with the
dchroot-dsa command-line options, but schroot is recommended for future
use. See the section “Migration” below for help migrating your
existing dchroot-dsa configuration to schroot. See the section
“Incompatibilities” below for known incompatibilities with older
versions of dchroot-dsa.
dchroot-dsa accepts the following options:
Show help summary.
Select all chroots. Note that earlier versions of dchroot-dsa
did not include this option.
Specify a chroot to use. This option may be used multiple times
to specify more than one chroot, in which case its effect is
similar to --all. If this option is not used, the first non-
option argument specified the chroot to use. Note that earlier
versions of dchroot-dsa did not include this option.
List all available chroots.
Print detailed information about the available chroots. Note
that earlier versions of dchroot-dsa did not include this
Print absolute locations (paths) of the available chroots.
Print configuration of the available chroots. This is useful
for testing that the configuration in use is the same as the
configuration file. Any comments in the original file will be
missing. Note that earlier versions of dchroot-dsa did not
include this option.
Change to directory inside the chroot before running the command
or login shell. If directory is not available, dchroot-dsa will
exit with an error status.
The default behaviour (all directory paths are inside the
chroot) is to run the login shell or command in the user’s home
directory, or / if the home directory is not available. If none
of the directories are available, dchroot-dsa will exit with an
Print only essential messages. Note that earlier versions of
dchroot-dsa did not include this option.
Print all messages. Note that earlier versions of dchroot-dsa
did not include this option.
Print version information.
The original dchroot-dsa configuration file, /etc/dchroot.conf, used by
earlier versions of dchroot-dsa, has the following format:
· ‘#’ starts a comment line.
· Blank lines are ignored.
· Chroot definitions are a single line containing an identifier,
path, and users, an optional user list separated by whitespace
(space and tab), or a colon (‘:’), semicolon (‘;’), or comma
An example file:
# Example comment
sid /srv/chroot/sid rleigh,fred
This file defines a chroot called ‘sarge’, located at
/srv/chroot/sarge, and a second chroot called ‘sid’, located at
/srv/chroot/sid. The second chroot specifies that it may only be used
by the users “rleigh” and “fred”.
· Log messages are worded and formatted differently.
· dchroot-dsa provides a restricted subset of the functionality
implemented by schroot, but is still schroot underneath. Thus
dchroot-dsa is still subject to schroot security checking,
including PAM authentication and authorisation, and session
management, for example, and hence may behave slightly
differently to earlier versions of dchroot-dsa in some
A dchroot package provides an alternative dchroot implementation.
· All the above incompatibilities apply.
· This version of dchroot has incompatible command-line options,
and while some of those options are supported or have equivalent
options by a different name, the -c option is required to
specify a chroot. It also allows a shell script to be used as
the option instead of a single absolute path, and allows
multiple command options instead of a single option.
· This version of dchroot has an incompatible format for
dchroot.conf. While the first two fields are the same, the
third field is a optional personality, instead of the users user
list permitted to access the chroot allowed by this version. If
personality support is needed, please use schroot.conf and add
the allowed users there, as shown in “Migration” below.
To migrate an existing dchroot-dsa configuration to schroot, perform
the following steps:
1 Dump the dchroot-dsa configuration in schroot keyfile format to
# dchroot-dsa --config >> /etc/schroot/schroot.conf
2 Edit /etc/schroot/schroot.conf to add access to the users and/or
groups which are to be allowed to access the chroots, and make
any other desired changes to the configuration. See
3 Remove /etc/dchroot.conf, so that dchroot-dsa will subsequently
use /etc/schroot/schroot.conf for its configuration.
$ dchroot-dsa -l
Available chroots: sarge, sid
$ dchroot-dsa --listpaths
$ dchroot-dsa -q sid -- /bin/uname
$ dchroot-dsa sid
I: [sid chroot] Running login shell: “/bin/bash”
Note that the top line was echoed to standard error, and the remaining
lines to standard output. This is intentional, so that program output
from commands run in the chroot may be piped and redirected as
required; the data will be the same as if the command was run directly
on the host system.
If something is not working, and it’s not clear from the error messages
what is wrong, try using the --debug=level option to turn on debugging
messages. This gives a great deal more information. Valid debug
levels are ‘none’, and ‘notice’, ‘info’, ‘warning’ and ‘critical’ in
order of increasing severity. The lower the severity level, the more
If you are still having trouble, the developers may be contacted on the
Debian buildd-tools Developers
None known at this time.
The system-wide dchroot-dsa chroot definition file. This file
must be owned by the root user, and not be writable by other.
If present, this file will be used in preference to
The system-wide schroot definition file. This file must be
owned by the root user, and not be writable by other. It is
recommended that this file be used in preference to
/etc/dchroot.conf, because the chroots can be used
interchangeably with schroot, and the user and group security
policies provided by schroot are also enforced.
This implementation of dchroot-dsa uses the same command-line options
as the dchroot found on machines run by the Debian System
Administrators for the Debian Project. These machines have a dchroot-
dsa source package which provides a dchroot-dsa package, written by Ben
Collins <email@example.com> and Martin Schulze <firstname.lastname@example.org>.
Copyright © 2005-2010 Roger Leigh <email@example.com>
dchroot-dsa is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.
schroot(1), sbuild(1), chroot(2), schroot-setup(5), schroot.conf(5).