Tuesday, 13 November 2012

chroot your iceweasel (firefox)

There are many reasons why you'd want to secure your browser -- ranging from paranoia to justifiable cautiousness (you're probably visiting the wrong kind of sites...).

A chroot environment doesn't make you anonymous -- it just helps sandbox your applications. To protect your anonymity you'll want to prevent your browser from setting cookies, and use a proxy via an ssh tunnel to encrypt your traffic and hide your true IP address. There's no silver bullet for these things.

I've chroot:d things in the past when compiling 32 bit applications on 64 bit machines, but for this guide I'm leaning heavily on this post: https://help.ubuntu.com/community/BasicChroot

sudo apt-get install coreutils debootstrap

Time to get rocking. Be aware that you should have a bit of free space on your target drive.

sudo debootstrap --variant=buildd --arch amd64 wheezy /media/chroot/ http://ftp.au.debian.org/debian/

which gets stuff underway:

I: Retrieving InRelease
I: Checking Release signature
I: Valid Release signature (key id 9FED2BCBDCD29CDF762678CBAED4B06F473041FA)
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Found additional required dependencies: insserv libbz2-1.0 libdb5.1 libsemanage-common libsemanage1 libslang2 libustr-1.0-1 multiarch-support
I: Found additional base dependencies: binutils bzip2 cpp cpp-4.7 debian-archive-keyring dpkg-dev g++ g++-4.7 gcc gcc-4.7 gnupg gpgv libapt-pkg4.12 libc-dev-bin libc6-dev libclass-isa-perl libdpkg-perl libgdbm3 libgmp10 libgomp1 libitm1 libmpc2 libmpfr4 libquadmath0 libreadline6 libstdc++6 libstdc++6-4.7-dev libswitch-perl libtimedate-perl libusb-0.1-4 linux-libc-dev make patch perl perl-modules readline-common
I: Checking component main on http://ftp.au.debian.org/debian...
I: Retrieving libacl1
I: Validating libacl1
I: Retrieving apt
[..]
I: Configuring dpkg-dev...
I: Configuring build-essential...
I: Base system installed successfully.

So far, so good.

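Create a shell script, e.g. chroot.sh, with the following in it. Note that xhost + turns off X access control entirely, so any client that can reach the X server can connect to your display.

xhost +
sudo mount -o bind /proc /media/chroot/proc
sudo cp /etc/resolv.conf /media/chroot/etc/resolv.conf
sudo chroot /media/chroot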

Run it every time you want to enter your chroot environment:
sh chroot.sh

In the chroot shell, install e.g. vim (apt-get install vim) and then edit /etc/bash.bashrc and put the following at the end:
export DISPLAY=:0.0
Next, install iceweasel:

root@beryllium:/# apt-get install iceweasel
Reading package lists... Done
Building dependency tree... Done
The following extra packages will be installed:
[..]
Need to get 65.2 MB of archives.
After this operation, 219 MB of additional disk space will be used.
Do you want to continue [Y/n]? Y
[..]
Install these packages without verification [y/N]?Y

After the installation has completed, create a normal user
root@beryllium:/# adduser sandbox
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
 LANGUAGE = (unset),
 LC_ALL = (unset),
 LANG = "en_GB"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
Adding user `sandbox' ...
Adding new group `sandbox' (1000) ...
Adding new user `sandbox' (1000) with group `sandbox' ...
Creating home directory `/home/sandbox' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for sandbox
Enter the new value, or press ENTER for the default
 Full Name []: sandboxee
 Room Number []:
 Work Phone []:
 Home Phone []:
 Other []:
Is the information correct? [Y/n] Y
root@beryllium:/# su sandbox

Launch iceweasel/firefox:

sandbox@beryllium:/$ firefox

And you're pretty much done.

You can sort out the locale warning:
root@beryllium:/# apt-get install locales
root@beryllium:/# dpkg-reconfigure locales

Next time you want to launch a sandboxed version of firefox just do:

me@beryllium:~$ sh chroot.sh
access control disabled, clients can connect from any host
root@beryllium:/# su sandbox
sandbox@beryllium:/$ firefox
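
A stricter variant of chroot.sh, added here as an example and not the author's script: it admits only local X clients instead of running xhost +, bind-mounts /proc once, cleans up on exit, and starts firefox directly as the unprivileged user. The file name chroot-strict.sh, the "enter" argument and the uid:gid 1000:1000 (taken from the adduser output above) are assumptions.

```shell
#!/bin/sh
# Added example: stricter variant of chroot.sh (not the author's script).
CHROOT=/media/chroot      # chroot path used in this guide
RUN_AS=1000:1000          # assumption: uid:gid adduser reported for "sandbox"

# is_mounted DIR [MOUNTS_FILE]: succeed if DIR is a mount point listed in
# MOUNTS_FILE (default /proc/mounts; field 2 is the mount point).
is_mounted() {
    awk -v dir="$1" '$2 == dir { found = 1 } END { exit !found }' \
        "${2:-/proc/mounts}"
}

# Bind-mount /proc only once, so repeated runs do not stack mounts.
mount_proc() {
    is_mounted "$CHROOT/proc" || sudo mount -o bind /proc "$CHROOT/proc"
}

# Undo what enter_sandbox set up: unmount /proc and re-restrict X.
cleanup() {
    if is_mounted "$CHROOT/proc"; then sudo umount "$CHROOT/proc"; fi
    xhost -local: >/dev/null
}

enter_sandbox() {
    # "+local:" admits local (non-network) clients only, unlike "xhost +",
    # which disables access control for every host.
    xhost +local: >/dev/null
    trap cleanup EXIT
    mount_proc
    sudo cp /etc/resolv.conf "$CHROOT/etc/resolv.conf"
    # Drop to the unprivileged user at chroot time, so no root shell
    # ever runs inside the chroot.
    sudo chroot --userspec="$RUN_AS" "$CHROOT" /usr/bin/env \
        HOME=/home/sandbox DISPLAY=:0.0 firefox
}

# Nothing runs unless asked: sh chroot-strict.sh enter
if [ "${1:-}" = "enter" ]; then enter_sandbox; fi
```

Run it as sh chroot-strict.sh enter once the sandbox user and iceweasel exist inside the chroot.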
