Check out a free preview of the full Complete Intro to Containers (feat. Docker) course:
The "chroot Solution" Lesson is part of the full, Complete Intro to Containers (feat. Docker) course featured in this preview video. Here's what you'd learn in this lesson:

Brian live codes the solution to the chroot exercise.

Get Unlimited Access Now

Transcript from the "chroot Solution" Lesson

>> So I'm gonna type exit to get out of this. So now I'm back in my normal environment, and then the first thing I'm gonna do is I'm gonna say ldd/bin/cat. You can ignore this one. It has this one and this one. And I'm actually pretty sure that we already copied both of these.

[00:00:22] So if I go into my new root ls lib, it's asking for which is here. And if I do lib64, it has for so.2, it does. So we actually don't have to copy anything. They're already there. So the only thing I have to do now is I have to copy from /bin/cat into bin.

[00:00:50] And so now if I look inside of bin, you can see here I have cat as well. So now if I do change root bin per size, bash like that, to go back into my jailed process. I can see, I type ls, that works and now if I type cat secret.txt, it tells you my secret soda recipe.

>> So then, it has the binaries that you need to each copy over, got it. And then it will use the libraries that you copied.
>> Exactly, because it cannot reach outside of the jailed process to be able to reach the other binaries. It's totally locked off. So anything that you don't put in here doesn't get put in there at all.

>> So when you run LDD and it kind of lists the different requirements, why were we able to ignore the first one again?
>> I will tell you, so if I do l bin cat, so you can see this one right here?
>> Mm-hm.
>> If you're asking for the actual reason of why we can't ignore it, I don't actually know, to be honest with you.

[00:01:54] I just know that if it doesn't give you a fully qualified path like it does like this, then you're free to ignore it.
>> Cool.