I would like to install some programs on my work development server because it is missing some programs I need for my day to day job. I don't have root access. What I did up to now is compiling the software I needs with option --prefix=/path/to/local/root. I then created a script that looks like that: #!/bin/sh export LOCAL_PATH="/path/to/local/root" export LD_LIBRARY_PATH="$LOCAL_PATH/lib:$LOCAL_PATH/lib64:$LOCAL_PATH/lib64:$LD_LIBRARY_PATH" binary=$(basename $0) $LOCAL_PATH/bin/$binary "$@" Then, if I create symlink to this program with the right name, it will run the local version. However, I have some issues: - The install folder might move from time to time. It happened recently and I had to reinstall everything - Some programs use libtool, which ignores the LD_LIBRARY_PATH when it finds a library in /usr/lib (which in my case was outdated) - The programs are hard to maintain or update For the first two problems, it seems that creating a chroot would solve the problem. Would fakechroot help in that case ? Will my script still work ? Also, the last issue makes me think about switching to a package manager. I was thinking about portage (from Gentoo, which I use at home), but maybe there are some more suited for my needs. Any suggestion? Maybe a lightweight Linux distribution ? Finally, do I need to symlink /local/lib and /local/lib64 together ?

I am trying to set up a foreign chroot in a docker container. Excerpt from the script: apt-get -y install debootstrap fakechroot fakeroot qemu-user-static binfmt-support mkdir -p $CROSS_ROOT fakechroot fakeroot -s .fakeroot.state debootstrap --variant=fakechroot --include=fakeroot,build-essential,ca-certificates,debian-archive-keyring,git,sudo --arch=${CROSS_ARCH} --foreign ${CROSS_RELEASE} $CROSS_ROOT $CROSS_MIRROR mkdir -p $CROSS_ROOT/usr/bin ln /usr/bin/qemu-*-static $CROSS_ROOT/usr/bin/ fakechroot fakeroot -i .fakeroot.state -s .fakeroot.state chroot $CROSS_ROOT /debootstrap/debootstrap --second-stage For Debian buster/armhf, the last line fails with the following error message: /lib/ld-linux-armhf.so.3: No such file or directory However, when I insert ls -la $CROSS_ROOT/lib/ld-linux-* before the last line, the library file is found: lrwxrwxrwx 1 root root 30 Mar 15 2022 /opt/chroot/armhf/lib/ld-linux-armhf.so.3 -> arm-linux-gnueabihf/ld-2.28.so The link target also exists: -rwxr-xr-x 1 root root 105840 Mar 15 2022 /opt/chroot/armhf/lib/arm-linux-gnueabihf/ld-2.28.so So the library is definitely where it should be. What is wrong here, and what can I do about it?

I have created a root jail containing rpm and yum (centos 7.5) to install some software on the original system. Workflow - * Mount sys, proc, dev to the root jail * Mount root of the original system "/" to the jail. This is important since I use the root jail to actually install software on the base system * Mount sys, proc, dev of the original system inside the root of the original system in the rootJail e.g. mount /proc /rootJail/originalRoot/proc which is needed for some software being installed * enter root jail, install software, exit root jail * unmount sys, proc, dev from the root jail * umount sys, proc, dev from the original system inside the root jail * unmount the original systems root from the root jail (this is where it fails) > umount: /rootJail/originalRoot: target is busy. (In some cases useful info about processes that use the device is found by lsof(8) or fuser(1)) So I can basically unmount everything except the root of the original system itself. I need to to that in order to remove the root jail which is mandatory. The Problem is, that lots of processes being started after installation of the software inside the root jail. That's why it tells me that the target is busy. Killing all these is processes is not possible since this also kills the system. It seems like these processes are bound to the rootJail instead of the real System even when the installation path is correct. Also, after a reboot everything is working perfectly (Worst case: remove the folder here) I already tried to do a lazy unmount which basically works. I can remove the rootJail and it does not seem to harm the original system which was mounted inside My question is: is this safe to do? or are there any other solutions of how to unmount that folder?

I would like to know how I can constraint a user to only be able to access and have RWX permissions to directories like /etc/httpd, /etc/php and /var/www/html as well as its own home directory. Also I would like to be able to constraint this user to be able to only star/stop/restart apache service. All I could think of is chroot, but I have just done that with one directory. Any ideas?

I want to use a chroot approach when building executables in MacOS, for having great control of the files and libraries they use. Ideally maybe chroot would be enough (and it is available in MacOS), but, first of all I think it requires the user to be root when running it, and second, I looked at the functionality offered by fakechroot and it looks more interesting than chroot for my purposes (however, fakechroot is not ported to MacOS). In particular, fakechroot looks like the way I want to follow, because it replaces functions such as open() and by replacing open() I could have a great degree of control on the "virtual environment" that I create for the executables. For example, instead of copying required system libs in the chroot tree, my patched open() could provide access to only the libraries I wish the executable to use. Is there something like this already available for MacOS? Or do I need to write it myself?

I want to do primitive 'virtualization' of my RHEL environment. This comes out of the fact that I have to run a couple of binaries with hardcored paths pointing to eg. /etc/conf directory. There is a couple of different binaries that actually need different, conflicting configuration placed in the same dir. So I want to run application A that reads conf from /etc/conf and I want to run application B that reads conf from /mnt/etc/conf but actually "believes" that it is reading from /etc/conf by providing a script that "changes" the current / dir location to /mnt. I've head that for this kind of ops you can do with fakechroot, but it is not available any more. Is that correct? Is there any better way to provide this functionality?

So I am trying to bootstrap a Ubuntu as unprivileged user on Ubuntu. The little script I am using is: #!/usr/bin/env bash DEBARCHIVE_URL="http://localhost:3142/de.archive.ubuntu.com/ubuntu/" LANG=en_US.UTF-8 \ fakeroot-ng -f -l"$(pwd)/fakeroot-ng.log" -p"$(pwd)/fakeroot-ng.state" \ fakechroot \ debootstrap \ --keep-debootstrap-dir \ --exclude=dhcp3-common,dhcp3-client,laptop-detect,tasksel,tasksel-data \ --variant=fakechroot \ --arch=amd64 \ $(lsb_release -sc) "${1:-$(pwd)/build_chroot}" ${DEBARCHIVE_URL} The gist is, that debootstrap hangs at the following operation: I: Configuring makedev... In htop (but not in pstree) I can see that the blocking command is: mknod mem- c 1 1 invoked by: /bin/sh - /sbin/MAKEDEV std consoleonly fd invoked by: /bin/sh -e /var/lib/dpkg/info/makedev.postinst configure which itself is invoked by dpkg. Summary (in order of invocation): /bin/sh -e /var/lib/dpkg/info/makedev.postinst configure /bin/sh - /sbin/MAKEDEV std consoleonly fd mknod mem- c 1 1 This is flabbergasting, since I am giving --variant=fakechroot and therefore should expect to have no trouble with potentially privileged commands. What am I doing wrong or how else would I go about bootstrapping a chroot environment for later use with fakeroot fakechroot chroot ...? ---------- Here's the relevant tail of the fakeroot log file: 4937: Called mknod(NONE) mknod: 4937 tried to create character device, turn to regular file mknod: 4937 mode 401 4502: Calling syscall 5 redirected from open 4937: Called mknod(RETURN) mknod: 4937 call failed with error Permission denied 4502: Called syscall 5, redirected from open open: 4502 map for dev 5 inode 1029 already exists - doing nothing process 4937 orig_sc=133 actual sc=79 state=RETURN