Difference between revisions of "Chroot32Luxtrust"

From LiluxWiki
Jump to navigationJump to search
(New page: This wiki page describes how to set up a 32 bit chroot'ed environment for running Luxtrust on a 64 bit system. == Setting up the host system == Install the needed packages: <code> apt-...)
 
Line 7: Line 7:
 
<code>
 
<code>
 
  apt-get install pcscd
 
  apt-get install pcscd
  apt-get install chroot
+
  apt-get install schroot
 
  useradd -m user32
 
  useradd -m user32
 
</code>
 
</code>

Revision as of 17:15, 27 March 2010

This wiki page describes how to set up a 32 bit chroot'ed environment for running Luxtrust on a 64 bit system.

Setting up the host system

Install the needed packages:

apt-get install pcscd
apt-get install schroot
useradd -m user32

Edit /etc/schroot/schroot.conf , adding the following paragraph:

[lucid32]
description=32 bit Lucid
location=/chroot32/
priority=3
users=user32
aliases=32
persona=linux32

== Setting up fstab

Add the following to your /etc/fstab:

/home   /chroot32/home      none    bind    0       0
/tmp    /chroot32/tmp       none    bind    0       0
/proc   /chroot32/proc      none    bind    0       0
/var/run/pcscd  /chroot32/var/run/pcscd     none    user,noauto,bind       0       0

Execute mount -a

Setting up the 32 bit environment

mkdir /chroot32
debootstrap --arch i386 lucid /chroot32/ http://archive.ubuntu.com/ubuntu
egrep '^(root|user32):' /etc/passwd >>/chroot32/etc/passwd
egrep '^(root|user32):' /etc/shadow >>/chroot32/etc/shadow
mount -o bind /proc /chroot32/proc
schroot -pc 32
apt-get install firefox
apt-get install sun-java6-plugin
dpkg -i libgemsafe0_5.1.0-02_i386_v2.deb

Script to clean up Gemalto's IPC resources

Often, when there is some problem (signing stick not found, pcscd not running, ...), the Gemalto software does not properly clean up its IPC (InterProcess communication) resources, and these then get into the way of a further attempt.

The following script may help here. Theoretically this could even be useful on a 32 bit system. Just put it into /usr/local/bin/resetLuxtrust.sh and make it executable.

#!/bin/sh

for i in 0x114d7529 0x35333724 \
   0x51207419 0x47383622 0x62354216 0x5f54286b ; do
   ipcrm -S $i
done >/dev/null 2>/dev/null

for i in 0x686a5061 0x0b2a4900 0x09174017  ; do ipcrm -M $i ; done  >/dev/null 2>/dev/null
for i in 0x7b6c2d35 0x1447313d 0x0b242706  ; do ipcrm -M $i ; done  >/dev/null 2>/dev/null

Running firefox in 32 bits

  • Log in a user32 (using ssh -X user32@localhost)
  • mount /chroot32/var/run/pcscd (Mounting this cannot be done automatically at boot, because the /var/run/pcscd directory is not yet available when boot-time fstab processing happens)
  • /usr/local/bin/resetLuxtrust.sh
  • Start firefox in the chroot: schroot -pc 32 firefox