NAME
linux-user-chroot - safely allow normal users to chroot
SYNOPSIS
linux-user-chroot [--unshare-ipc] [--unshare-pid] [--unshare-net] [--mount-proc DIR] [--mount-readonly DIR] [--mount-bind SOURCE DEST] [--chdir DIR] ROOTDIR PROGRAM ARGS...
DESCRIPTION
linux-user-chroot is a tool meant for building software in a clean environment. The user needs to create a directory tree with the build dependencies needed, and only those, and then linux-user-chroot runs the actual build commands such that the commands only see the directory tree. This is useful for ensuring the build gets the right version of its build dependencies, for example.

linux-user-chroot works similarly to chroot(8), but does not require the caller to have root privileges. It uses Linux containers to restrict the chroot to make this safe. The command run inside the chroot is run as the calling user, not as root.

linux-user-chroot executes a command, and sets the root directory for the command to the directory specified by the user (ROOTDIR). Additionally, it creates a "nosuid" bind mount over the root filesystem, to prevent the build from gaining privileges using setuid binaries. The command can further be restricted from accessing the network, and it can be set up with new process ID and SysV IPC namespaces.
OPTIONS
--unshare-ipc
    Create a new SysV IPC namespace for the command.
--unshare-pid
    Create a new process ID (PID) namespace for the command. This prevents the command from seeing any other processes in the system, except itself and the processes it itself creates.
--unshare-net
    Create a new, empty networking stack. This prevents the command from using any networking, including loopback.
--mount-proc DIR
    Mount the proc filesystem at DIR.
--mount-readonly DIR
    Make DIR be read-only for the command.
--mount-bind SOURCE DEST
    Add a bind mount while the command is executing.
--chdir DIR
    After setting the new root directory for the command, change the current working directory to be DIR.
EXIT STATUS
The exit status is the exit status of the executed command, or 1 if
linux-user-chroot failed to execute the command.
EXAMPLE
To build software in the real system, but without networking:
    linux-user-chroot --unshare-net --chdir "$(pwd)" / \
        make clean all check
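Going beyond the single-option example above, the following wrapper combines every option listed under OPTIONS for a build inside a prepared ROOTDIR. It is an added illustration, not part of linux-user-chroot. The names sandboxed_build and DRY_RUN and the paths /proc, /usr and /src are assumptions, as is the reading that DIR and DEST arguments name paths as seen inside ROOTDIR, which this page does not state.

```sh
#!/bin/sh
# Added example: run a build under linux-user-chroot with all isolation
# options from the OPTIONS section enabled.
# Assumptions (not stated on the page): DIR/DEST arguments are resolved
# inside ROOTDIR, and ROOTDIR already contains /proc, /usr and /src.

# sandboxed_build ROOTDIR SRCDIR PROGRAM [ARGS...]
# Set DRY_RUN=1 to print the command line instead of executing it.
# Returns 2 for wrapper usage errors, otherwise linux-user-chroot's status.
sandboxed_build() {
    if [ "$#" -lt 3 ]; then
        echo "usage: sandboxed_build ROOTDIR SRCDIR PROGRAM [ARGS...]" >&2
        return 2
    fi
    root=$1 src=$2
    shift 2

    # Refuse relative paths: they would depend on the caller's cwd.
    case $root in /*) ;; *) echo "ROOTDIR must be absolute: $root" >&2; return 2 ;; esac
    case $src  in /*) ;; *) echo "SRCDIR must be absolute: $src"  >&2; return 2 ;; esac
    [ -d "$root" ] || { echo "no such ROOTDIR: $root" >&2; return 2; }
    [ -d "$src" ]  || { echo "no such SRCDIR: $src"   >&2; return 2; }

    # Prepend the options; "$@" still holds PROGRAM ARGS... with the
    # caller's quoting preserved, so no word is re-split or re-expanded.
    set -- linux-user-chroot \
        --unshare-ipc --unshare-pid --unshare-net \
        --mount-proc /proc \
        --mount-readonly /usr \
        --mount-bind "$src" /src \
        --chdir /src \
        "$root" "$@"

    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
        return 0
    fi
    "$@"
}
```

Run it first with DRY_RUN=1 to review the exact command line before executing the build.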
SEE ALSO
chroot(8).