On 6/12/19 1:07 PM, Miroslav Suchý wrote:
Dne 10. 06. 19 v 13:39 Panu Matilainen napsal(a):
More info and details available in the preliminary release notes at https://rpm.org/wiki/Releases/4.15.0 and the change
page linked at the start of this message.
Where can I read more about this:
> Add support for rootless chroot-operations on Linux (experimental)
?
There's not a whole lot to write about, it just means that operations
which require chroot() now more or less work for regular users by the
way of user namespaces.
That more-or-less is part of the reason for the experimental status, as
due to the way the user namespace switch is hidden inside rpm's chroot()
helpers, it can't fork which would be required (AIUI) to properly set up
the uid/gid mappings inside the namespace. So while you can now install
into a chroot as a regular user, any files not owned by root (or
yourself) will fail, so its not as useful as it seems initially:
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[pmatilai🎩︎sopuli ~]$ rpm -Uvh --root ~/testroot mft/f28-bash.mft
warning: /mnt/Packages/b/bash-4.4.19-2.fc28.x86_64.rpm: Header V3
RSA/SHA256 Signature, key ID 9db62fb1: NOKEY
Verifying... #################################
[100%]
Preparing... #################################
[100%]
Updating / installing...
1:fedora-gpg-keys-28-1 #################################
[ 6%]
2:fedora-repos-28-1 #################################
[ 13%]
3:fedora-release-28-1 #################################
[ 19%]
4:setup-2.11.3-1.fc28 #################################
[ 25%]
5:filesystem-3.8-2.fc28 #################################
[ 31%]
error: unpacking of archive failed on file /var/spool/mail: cpio: chown
failed - No such file or directory
error: filesystem-3.8-2.fc28.x86_64: install failed
6:basesystem-11-5.fc28 #################################
[ 38%]
7:tzdata-2018d-1.fc28 #################################
[ 44%]
8:ncurses-base-6.1-4.20180224.fc28 #################################
[ 50%]
9:pcre2-10.31-4.fc28 #################################
[ 56%]
10:libselinux-2.7-13.fc28 #################################
[ 63%]
11:ncurses-libs-6.1-4.20180224.fc28 #################################
[ 69%]
12:glibc-langpack-en-2.27-8.fc28 #################################
[ 75%]
13:glibc-common-2.27-8.fc28 #################################
[ 81%]
14:glibc-2.27-8.fc28 #################################
[ 88%]
15:bash-4.4.19-2.fc28 #################################
[ 94%]
16:libsepol-2.7-6.fc28 #################################
[100%]
[pmatilai🎩︎sopuli ~]$ rpm -Va --root ~/testroot
Unsatisfied dependencies for bash-4.4.19-2.fc28.x86_64:
filesystem >= 3 is needed by (installed) bash-4.4.19-2.fc28.x86_64
missing /usr/lib/systemd/system-preset/85-display-manager.preset
.M....... g /usr/lib/variant
[pmatilai🎩︎sopuli ~]$
It remains to be seen if there's something that we can do to make this
work, or whether it's just too much of a hack to live.
- Panu -
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
