Difference between revisions of "Chroot32Luxtrust"

From LiluxWiki
Jump to navigationJump to search
(→‎Setting up the 32 bit environment: Create pcscd directory)
(→‎Setting up the host system: More user-friendly shell)
Line 8: Line 8:
 
  apt-get install pcscd
 
  apt-get install pcscd
 
  apt-get install schroot
 
  apt-get install schroot
  useradd -m user32
+
  useradd -s /bin/bash -m user32
 
</code>
 
</code>
  

Revision as of 17:44, 27 March 2010

This wiki page describes how to set up a 32 bit chroot'ed environment for running Luxtrust on a 64 bit system.

Setting up the host system

Install the needed packages:

apt-get install pcscd
apt-get install schroot
useradd -s /bin/bash -m user32

Edit /etc/schroot/schroot.conf , adding the following paragraph:

[lucid32]
description=32 bit Lucid
location=/chroot32/
priority=3
users=user32
aliases=32
persona=linux32

Setting up fstab

Add the following to your /etc/fstab:

/home   /chroot32/home      none    bind    0       0
/tmp    /chroot32/tmp       none    bind    0       0
/proc   /chroot32/proc      none    bind    0       0
/var/run/pcscd  /chroot32/var/run/pcscd     none    user,noauto,bind       0       0

Execute mount -a

Setting up the 32 bit environment

mkdir /chroot32
debootstrap --arch i386 lucid /chroot32/ http://archive.ubuntu.com/ubuntu
egrep '^user32:' /etc/passwd >>/chroot32/etc/passwd
egrep '^user32:' /etc/shadow >>/chroot32/etc/shadow
mount -a
schroot -pc 32
for i in universe multiverse ; do
  echo deb http://archive.ubuntu.com/ubuntu lucid $i >>/etc/apt/sources.list
done
apt-get update
apt-get install firefox openjdk-6-jdk icedtea6-plugin libpcsclite1 wget
wget https://www.luxtrust.lu/cmsContent/File/middleware/libgemsafe0_5.1.0-02_i386_v2.deb
dpkg -i libgemsafe0_5.1.0-02_i386_v2.deb
mkdir /var/run/pcscd

Script to clean up Gemalto's IPC resources

Often, when there is some problem (signing stick not found, pcscd not running, ...), the Gemalto software does not properly clean up its IPC (InterProcess communication) resources, and these then get into the way of a further attempt.

The following script may help here. Theoretically this could even be useful on a 32 bit system. Just put it into /usr/local/bin/resetLuxtrust.sh and make it executable.

#!/bin/sh

for i in 0x114d7529 0x35333724 \
   0x51207419 0x47383622 0x62354216 0x5f54286b ; do
   ipcrm -S $i
done >/dev/null 2>/dev/null

for i in 0x686a5061 0x0b2a4900 0x09174017  ; do ipcrm -M $i ; done  >/dev/null 2>/dev/null
for i in 0x7b6c2d35 0x1447313d 0x0b242706  ; do ipcrm -M $i ; done  >/dev/null 2>/dev/null

Running firefox in 32 bits

  • Log in a user32 (using ssh -X user32@localhost)
  • mount /chroot32/var/run/pcscd (Mounting this cannot be done automatically at boot, because the /var/run/pcscd directory is not yet available when boot-time fstab processing happens)
  • /usr/local/bin/resetLuxtrust.sh
  • Start firefox in the chroot: schroot -pc 32 firefox