1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
|
NEWS -*- outline -*-
----
Welcome to schroot 1.0.5. Please read these release notes carefully.
Full installation instructions are provided in the INSTALL file. The
README file also contains more specific notes regarding building and
configuration.
* Major changes in 1.0.5:
Bugfixes only.
* Major changes in 1.0.4:
1) Using symbolic links in the mount path (SCHROOT_MOUNT_DIR) will
no longer result in severe dataloss.
2) LSB init script functions are now used.
* Major changes in 1.0.3:
1) For dchroot and dchroot-dsa, the syslog logging of the command or
shell being run in the chroot now only occurs when running as
root or switching to another user. If the user is the same
inside and outside the chroot, and not root, the command or shell
being run will not be logged.
* Major changes in 1.0.2:
1) The syslog logging of the command or shell being run in the
chroot now only occurs when running as root or switching to
another user. If the user is the same inside and outside the
chroot, and not root, the command or shell being run will not be
logged.
2) A --directory option has been added to schroot, dchroot and
dchroot-dsa. This option allows the user to explictly specify
the working directory inside the chroot.
* Major changes in 1.0.1:
Bugfixes and translation updates only.
* Major changes in 1.0.0:
Bugfixes and translation updates only.
* Major changes in 0.99.4:
1) All errors in the configuration file now show the full details of
the problem, including the exact line number, group and key.
2) Duplicate groups and keys with groups are now treated as errors.
3) The terminal state is only saved and restored when running a
login shell. It is no longer saved and restored when running
commands. This is to correct the problem of schroot being
stopped when running in the background while restoring the
terminal settings.
4) Child processes are now terminated when SIGTERM is received, in
addition to SIGHUP.
* Major changes in 0.99.3:
1) A new chroot type, "directory", has been added. This is the same
as the "plain" type, but additionally allows filesystem mounting
when setup scripts are enabled.
2) A further dchroot compatibility issue has been corrected.
Multiple command options specified on the command line are
concatenated into a single command, separated by spaces.
* Major changes in 0.99.2:
1) A --debug option has been added to all programs. Its use is
documented in the manual pages.
2) When errors are found in the chroot configuration, the line
number in the configuration file is now reported.
3) The use of run-parts(8) is no longer needed. This should make
the package portable to non-Debian systems.
* Major changes in 0.99.1:
1) A dchroot-dsa compatibility mode has been implemented. This
behaves in the same manner as the DSA dchroot program, and is
useful for backward compatibility with DSA dchroot, as well as
migrating from DSA dchroot.
2) The dchroot program is now compatible with the command-line
syntax of older versions, and also matches the older behaviour of
which directory is used inside the chroot. The behaviour is
documented in the manual page.
3) In addition to "groups" and "root-groups" options for controlling
chroot access, "users" and "root-users" have been added for finer
control over access. Corresponding "source-users" and
"source-root-users" options have been added for source chroots.
4) Files, Devices and Locations in schroot.conf must be absolute
pathnames. Relative names are a security risk, because the
behaviour may vary depending on the current working directory.
It was previously the sysadmin's responsibility to set these
correctly, but this rule is now strictly enforced.
* Major changes in 0.99.0:
1) In order to support running 32-bit chroots on 64-bit systems, a
"personality" option has been added. This may be set to
"linux32" to run a 32-bit Linux chroot on an amd64 system, for
example.
2) dchroot has an additional personality field in dchroot.conf.
This may also be set to linux32 to achieve the same effect as the
personality setting in schroot.conf.
3) The root user can access all chroots, even when the root group is
omitted from the groups or root_groups lists. Authentication is
still required, but by default is skipped due to using
pam_rootok.so in the PAM configuration.
4) Session recovery is only performed at system startup, not on
upgrades. This prevents upgrades interfering with active
sessions.
* Major changes in 0.2.11:
1) The 10mount script, used to unmount filesystem in a chroot, will
exit with an error if unmounting fails (for safety). It also
uses /proc/mounts (via a new program, schroot-listmounts) to
ensure all filesystems in the chroot are unmounted.
2) The 05file script, used to unpack and repack chroot archives,
will use schroot-listmounts to check if any filesystems are
mounted before purging the chroot. This is in order to avoid
dataloss.
3) Setup scripts can now abort on failure during cleanup (exec-stop
and setup-stop phases). Previously the scripts continued in the
face of failure, and broken sessions were removed. Broken
sessions which failed to clean up must now be removed by the
system administrator (which was required previously; it just
wasn't apparent), or the session can be ended again once the
problem has been rectified.
* Major changes in 0.2.10:
Bugfixes only.
* Major changes in 0.2.9:
1) The package now compiles with older compilers, such as GCC 3.3
and 3.4.
2) If the current working directory does not exist inside the
chroot, the user's home directory ($HOME, home directory in
passwd, or /) will be used when running a login shell. If
running a command and the directory does not exist, schroot will
exit with an error.
* Major changes in 0.2.8:
Bugfixes only.
* Major changes in 0.2.7:
Bugfixes only.
* Major changes in 0.2.6:
1) For all chroot types, a "command-prefix" option has been added.
This is a command to prefix to all commands run inside the
chroot.
2) The scripts run before and after executing a command or shell in
the chroot have been moved from /etc/schroot/run.d to
/etc/schroot/exec.d. The corresponding configuration option in
schroot.conf has been renamed from "run-session-scripts" to
"run-exec-scripts". This change was to reduce ambiguity in the
naming, to make it easier to understand and configure.
3) The session operations "--recover-session", "--run-session", and
"--end-session" now allow multiple chroots to be specified with
"--chroot", rather than just one.
4) The "file" and "lvm-snapshot" chroot types both implement "source
chroots", to provide access to the source block device and
archive file, respectively. The "source-groups" and
"source-root-groups" options have been added to set the "groups"
and "root-groups" options for the source chroot.
5) The "file" chroot, when accessed as a source chroot using the
"-source" suffix, will now automatically repack itself into a new
archive file on ending a session.
* Major changes in 0.2.5:
1) The output of "--info" now displays a "Path" line if available.
This is the location of the chroot in the filesystem.
* Major changes in 0.2.4:
1) For "block-device" and "lvm-snapshot" type chroots, it is now
possible to add a "location" configuration option to specify the
location of the chroot within the device filesystem, rather than
assuming the location is always the root. This allows multiple
chroots to be stored on a single LVM LV, for example.
2) For "plain" chroots, if setup scripts (run-setup-scripts) is
enabled, session management is also enabled. This is not true
session management, because it uses bind mounts rather than a
copy of the chroot, so should be used with caution, but will make
concurrent access to the chroot with session scripts enabled
rather more useful.
* Major changes in 0.2.3:
1) A dchroot compatibility mode has been implemented. This behaves
in the same manner as the dchroot program, and is useful for
backward compatibility with dchroot, as well as migrating from
dchroot.
2) Access to the source device of an "lvm-snapshot" type chroot is
simplified. For a chroot named "snap", a "block-device" type
chroot named "snap-source" is created for easy access to the
source device.
3) The output of "--info" now includes a "Session Managed" line,
which is true if full session management is available, or false
otherwise.
* Major changes in 0.2.2:
1) Session metadata is now correctly saved and restored.
2) New option "--config" to dump chroot configuration, in the same
manner as "--info". This is useful to test if the configuration
you put in schroot.conf is what schroot is actually parsing.
3) Session-managed chroot types ("file" and "lvm-snapshot") now run
setup and session scripts by default. It was previously disabled
for all chroot types for safety reasons. It's considered safe
for these types due to their ephemeral nature.
* Major changes in 0.2.1:
1) Creating a session now returns a zero exit status on success.
* Major changes in 0.2.0:
1) A new chroot type, "file", has been added, to allow chroots to be
created by unpacking a file archive, such as a tar or zip file.
2) The source has been rewritten in C++, and documented with
Doxygen.
3) A testsuite has been added to unit test as much functionality as
is reasonably possible.
* Major changes in 0.1.7:
1) The chroots now implement locking to restrict access to chroots
which are already in use.
2) The "current-users" and "max-users" configuration options have
been removed. These have been obsoleted by chroot locking.
3) The command-line options "--all-chroots" and "--all-sessions"
have been added, which have similar behaviour to "--all", but
selects all chroots and all active sessions, respectively.
4) Session creation, use and removal is now available for LVM
snapshot chroots, using the options documented in schroot(1).
5) The session commands also work with non-session-based chroot
types (plain and block-device), but is equivalent to using the
chroot normally.
6) An init script is used to recover (restore) session chroots at
system startup.
7) If no chroot is specified, schroot will fall back to using the
"default" chroot. Adding a "default" alias to an existing chroot
will make this chroot the default.
* Major changes in 0.1.6:
1) Setup scripts may be run on startup and shutdown and before and
after a command in order to perform setup tasks such as
configuring the chroot and mounting filesystems. These are
stored in /etc/schroot/setup.d and /etc/schroot/run.d, and run
using run-parts(8). New scripts may easily be added by the
system administrator. See schroot-setup(5).
2) Different types of chroots are now supported. The current types
are "plain" (the default, which is the type supported by previous
releases), "block-device" (a block device mounted on the fly) and
"lvm-snapshot" (and LVM snapshot of an LV made on the fly).
* Major changes in 0.1.5:
1) The authentication system has been extended to remove the
dependency upon libpam_misc. There are no user-visible changes.
2) The root user (uid 0) no longer has special priveleges during
authentication. If the root user should have special priveleges
(such as not requiring authentication to change to any other
user), do the following:
- uncomment the pam_rootok.so line in pam.d/schroot. This will
disable the requirement for root authentication.
- add root to groups (root_groups membership is redundant), so
that root is allowed access.
3) The configuration file, /etc/schroot.conf has been moved to
/etc/schroot/schroot.conf. This should be moved automatically
when upgrading the Debian package.
4) A new directory, /etc/schroot/setup.d has been added. This
contains scripts to perform setup and cleanup tasks in the
chroot, which are run with run-parts(8). This provides an
easy was to configure and customise chroots.
* Major changes in 0.1.4:
1) A new chroot configuration option, "priority", has been added.
This is intended for use with sbuild, to indicate whether the
distribution in a chroot is older than the distribution in
another chroot.
2) The printed messages displaying the command or shell being run
now correctly inform the user if the shell is a login shell or
not.
* Major changes in 0.1.3:
1) HOME, LOGNAME and USER are set in the environment if the old
environment is not being preserved.
2) schroot now aborts earlier if no chroots are defined in
schroot.conf, rather than failing with a confusing failed
assertion error.
3) An option parsing bug which could sometimes cause a crash has
been fixed.
* Major changes in 0.1.2:
1) Support for gettext has been added, to allow localisation into
any language.
2) If a command is specified, it will be searched for in $PATH.
Previously, an absolute path was always required.
* Major changes in 0.1.1:
1) Add a large number of pointer checks.
* Major changes in 0.1.0:
1) Initial release.
2) Debian packaging created.
|