我設定chroot為我的專案資料夾~/workspace/apollo.0建立一個安全 JAIL。
運行chroot命令後,會在我的專案資料夾中建立假根檔案系統,使其成為安全 JAIL。
要分析我的專案資料夾中的每個子資料夾,
情況1: 透過退出從chroot運行下面的命令,
overexchange@ab111@~/workspace/apollo.0>mountpoint /proc; printf "$?\n"
/proc is a mountpoint
0
overexchange@ab111@~/workspace/apollo.0>mountpoint proc/; printf "$?\n"
proc/ is not a mountpoint
1
overexchange@ab111@~/workspace/apollo.0>
當我退出時chroot,/proc位於proc實際的根檔案系統中。proc/位於proc我的專案資料夾中(假根檔案系統~/workspace/apollo.0)。ls /proc被理解了。
案例2: 透過不退出從chroot,運行以下命令,
overexchange@ab111@~/workspace/apollo.0>mountpoint /proc; printf "$?\n"
/proc is a mountpoint
0
overexchange@ab111@~/workspace/apollo.0>mountpoint proc/; printf "$?\n"
proc/ is not a mountpoint
1
overexchange@ab111@~/workspace/apollo.0>
在 中chroot,不要被顯示我的資料夾路徑而不是 的提示所迷惑%,因為這部分是自訂的。
在chroot,以下是訊息
overexchange@ab111@~/workspace/apollo.0>mount
/dev/md125 on / type ext4 (rw,relatime,data=writeback)
none on /dev type tmpfs (rw,relatime)
tmpfs on /var/run/netns type tmpfs (rw,relatime)
devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620,ptmxmode=000)
/dev/md125 on /home/abcdef type ext4 (rw,relatime,data=writeback)
/dev/md125 on /home/overexchange type ext4 (rw,relatime,data=writeback)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
/dev/md125 on /tmp/.X11-unix type ext4 (rw,relatime,data=writeback)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
overexchange@ab111@~/workspace/apollo.0>cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/md125 / ext4 rw,relatime,data=writeback 0 0
none /dev tmpfs rw,relatime 0 0
tmpfs /var/run/netns tmpfs rw,relatime 0 0
devpts /dev/pts devpts rw,relatime,gid=5,mode=620,ptmxmode=000 0 0
/dev/md125 /home/abcdef ext4 rw,relatime,data=writeback 0 0
/dev/md125 /home/overexchange ext4 rw,relatime,data=writeback 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
/dev/md125 /tmp/.X11-unix ext4 rw,relatime,data=writeback 0 0
tmpfs /sys/fs/cgroup tmpfs rw,nosuid,nodev,noexec,mode=755 0 0
cgroup /sys/fs/cgroup/cpuset cgroup rw,nosuid,nodev,noexec,relatime,cpuset 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0
cgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 0
cgroup /sys/fs/cgroup/devices cgroup rw,nosuid,nodev,noexec,relatime,devices 0 0
cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0
cgroup /sys/fs/cgroup/blkio cgroup rw,nosuid,nodev,noexec,relatime,blkio 0 0
overexchange@ab111@~/workspace/apollo.0>
就第二種情況,我不明白兩點,
1)/proc兩者proc/都是~/workspace/apollo.0,但/proc與 不同的是顯示為掛載點proc/。
2)ls /proc顯示進程詳細信息,但ls proc不顯示進程詳細資訊。
我怎麼理解這一點?