From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 6736062139219312640
X-Received: by 2002:a7b:c412:: with SMTP id k18mr2656784wmi.149.1568711695997;
        Tue, 17 Sep 2019 02:14:55 -0700 (PDT)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a5d:526c:: with SMTP id l12ls738749wrc.12.gmail; Tue, 17 Sep
 2019 02:14:55 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxnPbuk0tn0ESOdqd9j9+KvW4mC0/vN6JDPHRiCpJMZnYKvYY+frWCPx1dvy/IBzMobf6P/
X-Received: by 2002:adf:ef49:: with SMTP id c9mr2122759wrp.122.1568711695460;
        Tue, 17 Sep 2019 02:14:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1568711695; cv=none;
        d=google.com; s=arc-20160816;
        b=I5Lc+Bsju+mQYnuGTJ4/XmfYOtngdG9bAahSmgQkncHq0Iy4egFZKbvCnriO2J1F3i
         E2vN/+CZ2V2DhPmRSd0jVkenFk4WRFYG2x7d+3TRKXCMGfsyo89Ol1g71fqlESWyY1sF
         wV99136re1oyf6Jt2nFJMMjm686xuUN0OjNDY9XUlc/DbKcfCCIlE5x08qWst460aWhD
         QtT2HTeu13KJSqGlzkZbgYEOHKOwy3iOOL/PqGNg9PS9+dMOhPqWyT75LlgaMqeZi/FH
         D7+ydQTaQiaCZCcFGpuzD/QVAMkorl8eY5VpkANE7peQYKIGOYRStgcrtzcAW1E/7Bm9
         +N3A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:subject:cc:to:from:date;
        bh=fyRx2Tdi8y8jfJfDngjw83H/G7rH5E0O7utGwpnFysA=;
        b=xDr8qq2M2ic/7r99S+MfFGNjBLj/jOMk9FpcoBDlRfSajcueOKg6vwugLamKy7DiDK
         dzShQqoLzW0+6RgAfJIuQ77GTHL6mwO3SPX15xLgngVlDpsqXotWynj8zi7cFdWz73+p
         nKdZpfNRJyA5O9Svpq47ujaJj9X+7IJyO42pWw4Txtyi86AsObnXRJcj0bddqw5r+Hum
         N/B7LFl3t8kiqfYcyPo6lGrjt2pSSNysQZ/9j44w8C99Xm6Y9ZWqCXcef8lP8fiB9+nZ
         QllianlntcKxI5VEXtrFkFXaoSZLA77vKLRqh2bQZkLLwJkTYVvqdT59PeNmSYVYrx78
         wZBg==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from thoth.sbs.de (thoth.sbs.de. [192.35.17.2])
        by gmr-mx.google.com with ESMTPS id n22si88441wmh.3.2019.09.17.02.14.55
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 17 Sep 2019 02:14:55 -0700 (PDT)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) client-ip=192.35.17.2;
Authentication-Results: gmr-mx.google.com;
       spf=pass (google.com: domain of henning.schild@siemens.com designates 192.35.17.2 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Received: from mail2.sbs.de (mail2.sbs.de [192.129.41.66])
	by thoth.sbs.de (8.15.2/8.15.2) with ESMTPS id x8H9EtUD029560
	(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK)
	for <isar-users@googlegroups.com>; Tue, 17 Sep 2019 11:14:55 +0200
Received: from md1za8fc.ad001.siemens.net ([139.25.68.240])
	by mail2.sbs.de (8.15.2/8.15.2) with ESMTP id x8H9Et1l020309;
	Tue, 17 Sep 2019 11:14:55 +0200
Date: Tue, 17 Sep 2019 11:14:54 +0200
From: Henning Schild <henning.schild@siemens.com>
To: "[ext] Jan Kiszka" <jan.kiszka@siemens.com>
Cc: <isar-users@googlegroups.com>
Subject: Re: fakechroot
Message-ID: <20190917111454.0698c4c2@md1za8fc.ad001.siemens.net>
In-Reply-To: <9f5a0a84-fb22-5371-a7a8-d42c28b26da5@siemens.com>
References: <87486b31-2560-1b78-6d7e-86bf10fc306f@siemens.com>
	<20190913081406.GJ6062@yssyq.m.ilbers.de>
	<8db6f5f1-8a36-768c-1b5d-0a0a3df866fb@siemens.com>
	<20190913093317.GL6062@yssyq.m.ilbers.de>
	<9f5a0a84-fb22-5371-a7a8-d42c28b26da5@siemens.com>
X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.32; x86_64-pc-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-TUID: rHf5ufVG6UBg

Am Fri, 13 Sep 2019 11:41:52 +0200
schrieb "[ext] Jan Kiszka" <jan.kiszka@siemens.com>:

> On 13.09.19 11:33, Baurzhan Ismagulov wrote:
> > On Fri, Sep 13, 2019 at 11:08:21AM +0200, Quirin Gylstorff wrote:  
> >> This was only an initial test but with fakechroot and fakeroot it
> >> should be possible to have a non-priviledged debootstrap and
> >> chroot process.
> >>
> >> - Initial Creating with debootstrap did work. e.g.:
> >>    fakechroot fakeroot debootstrap buster amd64
> >> - what also work was using chroot to enter the create rootfs.
> >>    fakechroot chroot amd64  
> > 
> > Thanks for sharing. That could be a welcome change.
> > 
> > 1. How does fakechroot fakeroot perform privileged operations like
> > chown, mknod, accessing other's files, mounting, etc.?
> > 
> >     We need that information to be consistent across multiple
> > commands in multiple recipes (bootstrap, customize, install stuff,
> > deploy, etc.). Wrapping one command is probably possible with any
> > tool -- but currently I don't see how they could do what we need.
> > 
> >     Regarding keeping the information across multiple commands,
> > Yocto's pseudo should allegedly be able to do that (not sure
> > whether it keeps the state in a daemon or a file). Evaluating that
> > was our next step (very low prio ATM) -- maybe that could be
> > interesting for you as well.
> > 
> > 2. fakechroot fakeroot is reported to work with foreign-arch
> > chroots. Have you tried that?
> >   
> 
> Note that we can't use fakeroot for most package builds because
> Debian use it as well, and nesting is not supported.

Are you sure that is an issue, did you try? Most fakeroot aware tools
will detect that they are already running in fakeroot and will not try
to nest.

Henning

> Jan
>