141

I'm trying to create a Linux image with custom picked packages.
What I'm trying to do is to handcraft the packages I'm going to use on an XO laptop, because compiling packages takes a really long time on the real XO hardware. If I can build all the packages I need and just flash the image to the XO, I can save time and space.

When I tried to install some packages, it failed to configure due to missing the proc, sys, dev directories. So, I learned from other places that I need to "mount" the host proc, ... directories to my chroot environment.

I saw two syntaxes and am not sure which one to use.

In host machine:

  mount --bind /proc <chroot dir>/proc 

and another syntax (in chroot environment):

  mount -t proc none /proc

Which one should I use, and what is the difference?

Patrick
  • 2,039

8 Answers

175

The Arch Linux Wiki suggests the following commands:

cd /mnt/arch # or where you are preparing the chroot dir
mount -t proc /proc proc/
mount --rbind /sys sys/
mount --rbind /dev dev/
lucidbrot
  • 567
gacrux
  • 2,181
68

For /proc and /sys, I suppose you could use either method. They are both special file systems so they can be recreated any number of times (the bind mount method uses the exact same mount as the host system, whereas the other method uses a new mount). I've always seen the bind mount recommended in guides, so I'd use that. As far as I know, there is no real important difference.

However, /dev is usually a tmpfs mount that is managed by udev, so it has to be the actual same file system as on the host machine. That means that you would need to use the bind mount method.

If this chroot is going to be around for a while, you can put these entries in /etc/fstab on the host system to simplify things.

Zifre
  • 1,630
17

The Gentoo Handbook specifically calls out these two commands for re-mounting /proc and /dev. I've used them several times.

mount -t proc none /mnt/chroot/proc
mount -o bind /dev /mnt/chroot/dev

I suspect /sys is just a regular folder, so you should be able to make a hard link.

ln /sys /mnt/chroot/sys
robert
  • 2,142
  • 1
  • 12
  • 11
4

I was trying to reset the grub password on my laptop via a live USB, so I needed to use chroot as well.

The target system was Ubuntu 16.04 and I was working off an Elementary live USB. These commands worked for me to set up chroot:

mount /dev/nvme0n1p1 /mnt
mount -t proc proc /mnt/proc
mount -t sysfs /sys /mnt/sys
mount --bind /dev /mnt/dev
mount --bind /dev/pts /mnt/dev/pts

From here I was able to chroot in and update-grub /dev/nvme0n1 to fix the password.

Before adding the last two --bind mounts, update-grub threw many errors about not finding devices but picked up the Linux partitions, missing the last Windows one. I guess the Windows part is just a quirk of my system, though.

Remember to umount /mnt/dev/pts, then umount /mnt/dev and the rest before unmounting /mnt.

For more context, this chroot tip might help.

icedwater
  • 166
  • 10
3

There are other pseudo filesystems and tmpfs locations. This is on Debian:

/dev/pts 
/run
/run/shm
/proc/sys/fs/binfmt_misc
/var/lib/nfs/rpc_pipefs
/proc/fs/nfsd
/proc/bus/usb

It should be okay to mount the usbfs, rpc_pipefs and devpts pseudo-filesystems from within the chroot. I recommend not binding /proc to the chroot's /proc, since the kernel has the concept of namespaces, and can actually put different things in the chroot's proc.

Update: according to this mailing list thread, /sys should not be bind mounted, especially if the chrooted process is using its own network namespace.

It's a bad idea to mount the system's /var or /run onto the chroot, if the chroot has its own pid namespace.

2

It may be worth noting in this popular question, that Arch Linux has made a script arch-chroot; download arch-install-scripts-15-1-any.pkg.tar.xz

This takes care of various related problems both in Arch Linux and Manjaro, where I used it successfully, too. Possibly more Arch derivatives like Parabola are compatible just as well.

While a simple standard chroot into a secondary Manjaro installation will not allow you to run

pacman --sync linux

(the silver bullet after a system crash), replacing the line with

arch-chroot /run/media/*YOURSELF*/manja-disk2

will enable you to fix your secondary Arch derivative installation via

pacman --sync linux

like a charm. The bash script arch-chroot takes care of /dev /sys /proc and much more, which are left alone by the standard chroot.

See also: Using arch-chroot

DavidPostill
  • 162,382
y guy
  • 31
  • 3
0

Easiest way is to use a for loop:

cd /

for i in proc sys dev; do mount -o bind $i /folder/$i; done
0

I reworked my chroot.sh and used findmnt to see what was going on. One thing of note is two mount commands make two mounts so don't do this:

mount --rbind /dev dev/
mount --make-rslave /dev dev/

Instead put both on one line as so:

mount --rbind --make-rslave /dev dev/

My setup is this:

mount --rbind --make-rslave /dev dev/
mount --rbind --make-rslave /sys sys/
mount --types proc /proc proc/
mount --bind /tmp tmp/
Engineer
  • 221
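
The unmount-order reminder and the "two mount commands make two mounts" observation in the answers above can both be checked from mountinfo before tearing a chroot down. The following is an added example, not code from any of the posters; the function names and the sample mount table are constructed for illustration, with /mnt assumed as the chroot root.

```shell
#!/bin/sh
# Added example: plan a chroot teardown from mountinfo-format input (proc(5)).
# Field 5 is the mount point; fields from 7 up to "-" carry propagation tags.

# Constructed sample, not captured from a real host. /mnt is the chroot root,
# /mnt/dev carries two mounts, and /mnt2 is an unrelated mount.
sample_mountinfo() {
cat <<'EOF'
25 1 259:2 / / rw,relatime shared:1 - ext4 /dev/nvme0n1p2 rw
60 25 259:1 / /mnt rw,relatime shared:30 - ext4 /dev/nvme0n1p1 rw
61 60 0:22 / /mnt/proc rw,relatime - proc proc rw
62 60 0:23 / /mnt/sys rw,relatime shared:32 - sysfs sysfs rw
63 60 0:6 / /mnt/dev rw,nosuid master:2 - devtmpfs udev rw
64 63 0:6 / /mnt/dev rw,nosuid master:2 - devtmpfs udev rw
65 64 0:24 / /mnt/dev/pts rw,nosuid master:3 - devpts devpts rw
70 25 0:40 / /mnt2 rw,relatime - tmpfs tmpfs rw
EOF
}

# Mount points at or below ROOT, children before parents, one line per mount.
# Reads mountinfo on stdin; octal escapes such as \040 are not decoded.
chroot_mounts() {
    root=${1%/}
    awk -v r="$root" '$5 == r || index($5, r "/") == 1 { print $5 }' |
        LC_ALL=C sort -r
}

# Mount points that appear more than once, i.e. need more than one umount.
stacked_mounts() {
    chroot_mounts "$1" | uniq -d
}

# "mountpoint propagation" per mount: shared:N, master:N (slave) or private.
# Shared mounts pass mount and unmount events on to their peer group.
mount_propagation() {
    root=${1%/}
    awk -v r="$root" '$5 == r || index($5, r "/") == 1 {
        p = ""
        for (i = 7; i <= NF && $i != "-"; i++) p = p (p == "" ? "" : ",") $i
        print $5, (p == "" ? "private" : p)
    }'
}

echo "umount order:"; sample_mountinfo | chroot_mounts /mnt
echo "stacked:";      sample_mountinfo | stacked_mounts /mnt
echo "propagation:";  sample_mountinfo | mount_propagation /mnt
```

On a real system, feed the functions from `/proc/self/mountinfo` instead of the sample, for example `chroot_mounts /mnt < /proc/self/mountinfo`.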