Clubber is a Perl script to make forming
chroot environments less of a task
that makes you want to cry and kill yourself. It requires
ldd. It should be
run interactively as
root, never as an automated or unattended task.
It includes all the
libnss* libraries for you, since even static binaries
require these libraries for
libc functions. It doesn't include files like
/etc/resolv.conf, though; those are up to you to craft.
If you're going to use Clubber to import your libraries for your
environment, make sure you run it with
--dry first, and that you're sure
you understand what it's going to do.
A list of the Perl modules required is at the top of the script; they're all reasonably standard, and are probably on your system already.
Run with one or more binaries as parameters and no other options,
ldd over each, converge the list of libraries used by all of them,
and print them to
# clubber /usr/bin/php
Run with the
--chroot=PATH option, pointing to an existing directory intended
as the root of a
clubber will instead create required library
paths if they do not exist and copy the libraries into that environment if they
do not yet exist, or if they differ from the host system libraries.
# clubber --chroot=/chroot/apache /usr/bin/php
Run with both the
clubber will perform a
"dry run" of the
chroot library import, writing a summary of what it would do
# clubber --chroot=/chroot/apache --dry /usr/bin/php
This only works for compile-time dynamic linking that
ldd understands. Any
files a program might require to run that
ldd wouldn't tell you about won't
get imported. A good example might be
It's also up to you to make sure that the library paths that your program uses
chroot will enable it to actually find all these libraries you're
importing from the host system directories.