xbps-uchroot —
XBPS utility to chroot and bind mount with Linux
namespaces
xbps-uchroot |
[ OPTIONS ]
CHROOTDIR
COMMAND [ARGS ] |
The
xbps-uchroot utility allows users to
chroot and bind mount required pseudo-filesystems (/dev, /proc and /sys) in
the target
CHROOTDIR to execute
COMMAND. The
xbps-uchroot utility uses by default Linux
namespaces to isolate IPC, PIDs and mounts to the calling process. If running
in a OpenVZ container, these namespace features are simply disabled.
-
-
-b
src:dest- Bind mounts src into
CHROOTDIR/dest. This option may be
specified multiple times. Please note that both
src and
dest must be absolute paths and must
exist.
-
-
-O- Setups a temporary directory and then creates an overlay layer (via
overlayfs) with the lowerdir set to CHROOTDIR. Useful to create a
temporary tree that does not preserve changes in CHROOTDIR.
-
-
-o
opts- Arguments passed to the tmpfs mount, if the
-O and
-t options are specified. This expects
the same arguments that are accepted as options in tmpfs, as explained in
mount(1).
-
-
-t- This makes the temporary directory to be mounted in tmpfs, so that
everything is stored in RAM. Note that this is only useful if used with
the
-O option (overlayfs).
The
xbps-uchroot executable must be setgid to
function properly and shall only be executable by a specific group to avoid
security issues (4750).
The
xbps-uchroot utility uses Linux specific
features (namespaces) and it's not meant to be portable to other Operating
Systems. The following kernel options must be enabled:
- CONFIG_NAMESPACES
-
- CONFIG_IPC_NS
-
- CONFIG_PID_NS
-
- CONFIG_UTS_NS
-
- CONFIG_OVERLAY_FS
-
xbps-checkvers(1),
xbps-create(1),
xbps-dgraph(1),
xbps-fbulk(1),
xbps-install(1),
xbps-pkgdb(1),
xbps-query(1),
xbps-reconfigure(1),
xbps-rindex(1),
xbps-uunshare(1),
xbps.d(5)
Juan Romero Pardines
<xtraeme@gmail.com>
Probably, but I try to make this not happen. Use it under your own
responsibility and enjoy your life.
Report bugs at https://github.com/voidlinux/xbps/issues