Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts

To: Philip Hands <phil@hands.com>
Cc: 850967@bugs.debian.org
Subject: Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
From: Ansgar Burchardt <ansgar@debian.org>
Date: Sat, 14 Jan 2017 15:08:33 +0100
Message-id: <[🔎] 87bmv9g2e6.fsf@deep-thought.43-1.org>
Reply-to: Ansgar Burchardt <ansgar@debian.org>, 850967@bugs.debian.org
In-reply-to: <[🔎] 87lguehjgd.fsf@whist.hands.com> (Philip Hands's message of "Fri, 13 Jan 2017 20:02:26 +0100")
References: <[🔎] 22646.26568.292077.676937@chiark.greenend.org.uk> <[🔎] 87inpltopc.fsf@alice.fifthhorseman.net> <[🔎] 20170112084954.5sktyoxykhrgez5z@x> <[🔎] tsl37gnrofx.fsf@suchdamage.org> <[🔎] 87lguehjgd.fsf@whist.hands.com>

Philip Hands writes:
> I stumbled across 'proot' while looking into the background for this,
> which seems to be able to provide the effect of a bind mount without
> needing root privilege, and would presumably deal with Ian's original
> problem quite nicely.

If you enable unprivileged user namespaces (the upstream kernel default;
disabled by a Debian patch if I remember correctly), you can just use
`unshare` and `mount --bind` on Linux:

  # echo 1 > /proc/sys/kernel/unprivileged_userns_clone

  $ unshare -r -m /bin/sh -c 'mount --bind /usr/bin/gpg /usr/bin/true; /usr/bin/true --version'
  gpg (GnuPG) 2.1.17
  [...]

Ansgar

Reply to:

References:
- Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
  - From: Daniel Kahn Gillmor <dkg@debian.org>
- Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
  - From: Josh Triplett <josh@joshtriplett.org>
- Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
  - From: Sam Hartman <hartmans@debian.org>
- Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
  - From: Philip Hands <phil@hands.com>

Prev by Date: Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
Next by Date: Bug#846002: Debian Installer Stretch RC 1 release
Previous by thread: Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
Next by thread: Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
Index(es):
- Date
- Thread