Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
Philip Hands writes:
> I stumbled across 'proot' while looking into the background for this,
> which seems to be able to provide the effect of a bind mount without
> needing root privilege, and would presumably deal with Ian's original
> problem quite nicely.
If you enable unprivileged user namespaces (the upstream kernel default;
disabled by a Debian patch if I remember correctly), you can just use
`unshare` and `mount --bind` on Linux:

    # echo 1 > /proc/sys/kernel/unprivileged_userns_clone
    $ unshare -r -m /bin/sh -c 'mount --bind /usr/bin/gpg /usr/bin/true; /usr/bin/true --version'
    gpg (GnuPG) 2.1.17
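A check that can be run before the command above, as an added example that is not part of the original message: it reports whether unprivileged user namespaces are available by reading the Debian-specific sysctl named above and the upstream `user.max_user_namespaces` limit. The function name `userns_status` and its optional root-directory argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report whether unprivileged user namespaces can be created.
# userns_status [ROOT]  -- ROOT defaults to /proc/sys; the argument is a
# hypothetical override so the check can be run against constructed files.
# Exit status: 0 = enabled, 1 = disabled, 2 = cannot tell.

userns_status() {
    root="${1:-/proc/sys}"
    debian_knob="$root/kernel/unprivileged_userns_clone"
    upstream_limit="$root/user/max_user_namespaces"

    # Upstream per-user limit: 0 means no user namespaces can be created.
    if [ -r "$upstream_limit" ]; then
        max=$(cat "$upstream_limit")
        if [ "$max" = "0" ]; then
            echo "disabled (user.max_user_namespaces=0)"
            return 1
        fi
    fi

    # Debian-patched kernels expose this knob; 0 restricts creation to root.
    if [ -r "$debian_knob" ]; then
        val=$(cat "$debian_knob")
        if [ "$val" = "0" ]; then
            echo "disabled (kernel.unprivileged_userns_clone=0)"
            return 1
        fi
        echo "enabled (kernel.unprivileged_userns_clone=$val)"
        return 0
    fi

    # Knob absent: a kernel without the Debian patch, upstream behaviour.
    if [ -r "$upstream_limit" ]; then
        echo "enabled (upstream default, no Debian knob)"
        return 0
    fi

    echo "unknown"
    return 2
}

# Report the state of the running system; the status is ignored here so the
# script can be sourced without aborting the caller.
userns_status || true
```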