The Chroot command in Unix allows users to make a secure temporary milieu for programs by changing the root of the file systems. This isolation prevents any harm or damage to the primary system. In the previous episode, we consider two other functions of this utility.
How to use it?
Chroot creates a new shell environment, meaning that any modifications made within this environment will only affect files and directories within the Chroot environment, not the central system.
For instance, if you need to test a program on a different operating system version that requires specific libraries unavailable on your primary system, you can build a Chroot environment with the necessary libraries and run the program in this isolated environment. This ensures that the program works correctly without causing any issues on the main system.
However, it is crucial to note that Chroot should only be used by experienced users because improper usage may cause system instability. Moreover, Chroot can help recover systems following emergency failures or malicious attacks.
Installation and exploit
In that article, we consider one of the main functions of utility — system recovery. Chroot can be used for system recovery after a crash or malicious attack. They mean not a last role in that mechanism, the program isolates the file system from the impact that can appear after maintenance. Let’s have a look!
If you have VDS on Serverspace then you need to open the control panel and go to the recovery tab:
Then reboot your server and go ahead. Before usage, main utility update and upgrade your system :
sudo apt update -y && sudo apt upgrade -y
In the first step, we need to discover the label of the recovery disk with the command below:
fdisk -l
Mount device for point, therefore we will work with this. The command below creates a folder and that point:
mkdir mnt && mount dev/vda2 /mnt
Then create a folder and copy the configuration file:
mkdir /mnt/chroot/etc && cp -p /etc/(passwd,group,shadow,gshadow} /mnt/chroot/etc
Creating folders and mounting directories into the system:
mkdir /mnt/chroot/dev
mount --bind /dev /mnt/chroot/dev
mkdir /mnt/chroot/proc
mkdir /mnt/chroot/sys
mount --bind /proc /mnt/chroot/proc
mount --bind /sys /mmt/chroot/sys
Start the virtual environment and perform the necessary operations to restore the system, for example, updating packages or restoring the boot sector:
chroot /mnt
After the operations are completed, exit the chroot environment and mount the file systems:
umount /mnt/chroot/sys && umount /mnt/chroot/proc && umount /mnt/chroot/dev
And at the end of the process reboot your preparation system!
Conclusion
The Chroot command in Unix provides a secure temporary environment for running programs by isolating them from the main system. This isolation prevents any harm or damage to the primary system and can be used for testing programs on different operating system versions with specific libraries unavailable on the primary system. However, it is important to note that it should only be used by experienced users because improper usage may cause system instability. Additionally, Chroot can also be used for system recovery following emergency failures or malicious attacks.
In this article, we have seen how to use Chroot for system recovery after a crash or malicious attack on a VDS server on Serverspace. By following the steps outlined, users can update and upgrade their system, discover the label of the recovery disk, mount the device, create folders and copy configuration files, start the virtual environment and perform necessary operations like updating packages or restoring the boot sector. Finally, they can exit the chroot environment and mount file systems before rebooting their preparation system.
