Devs on Acid

How to create a minimal debian rootfs

20 Nov 2021 05:09 UTC

Because Ubuntu has removed support for the i386 arch, I was exploring to use a Debian rootfs in order to install wine for temporary usage (wine doesn't work well with musl libc because it depends on non-portable glibc dlclose() semantics) and last time I tried to compile it it was a huge shitfest. If I was to use a 64-bit Ubuntu rootfs for this, I'd have to install many libs that are already installed for 64bit in a 32bit version, i.e. double- bloat.

Debian, unlike Ubuntu, doesn't ship a minimal base rootfs. However, one can quite easily create his own using the debootstrap tool, which consists of a single portable shell script and a directory with some shared data.

1) acquire debootstrap.

2) run the following command as root in your host distro:

DEBOOTSTRAP_DIR=XXX/usr/share/debootstrap/ XXX/usr/sbin/debootstrap --arch=i386 --variant=minbase sid DIRECTORY

where XXX is the prefix you installed deboot and DIRECTORY where stuff is being installed to. The resulting rootfs will be around 220MB in size. Output from the above command

3) trim the fat part1, installation leftovers:

rm DIRECTORY/var/cache/apt/archives/*.deb
rm DIRECTORY/var/cache/apt/*cache.bin
rm DIRECTORY/var/cache/debconf/*.dat-old
rm -rf DIRECTORY/var/lib/apt/lists/*

4) trim the fat part2, unneeded documentation and translation:

rm -rf DIRECTORY/usr/share/doc/*
rm -rf DIRECTORY/usr/share/locale/*
rm -rf DIRECTORY/usr/share/man/*

Now your rootfs is tidied up and should be around 90MB.

6) edit DIRECTORY/etc/dpkg/dpkg.cfg and add the following 3 lines:


this will prevent future package installs to install unneeded things.

I have manually diffed the contents of ubuntu-base rootfs and the one created using these instructions (by looking at /var/lib/dpkg/status), and the following packages are only in the debian rootfs:

gcc-11-base gcc-9-base libcap2 libext2fs2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libnsl2 libssl1.1 libtirpc-common libtirpc3 libxxhash0 tzdata.

(full comparison)

These might not actually be needed and you may want to try to remove these on first usage of the rootfs and see whether something breaks. At least removing tzdata seems to be safe.

Prepping the rootfs for chroot use

In order to use the rootfs with a tool like bubblewrap, the following additional steps are necessary:

process is documented here. In case of a i386 rootfs at the time of this writing, you gotta replace e81decfeff8d93782400008dbb7424000085c00f94c0 with e81decfeff8d93782400008dbb7424000031c0909090 in the /usr/bin/tar binary using a hexeditor (recommended: hexedit).

If you have chown-related problems installing a specific program with apt, use my tool idfake (link in the above article).