Re: Different Debian for different users
On Fri, Apr 25, 2025 at 21:51:47 -0400, Stefan Monnier wrote:
> Is there some way to setup a machine such that one user can login into it
> and see a Debian stable system, while another user can log into it (in
> another vty) and get, say, a Debian sid system?
>
> I don't really want different VMs. I'm thinking more of a setup based
> on containers or even just chroot.
The first way that I can think of is extremely hack-ish.
Install stable normally, then install sid in a chroot using debootstrap.
Add the desired user accounts to the sid system.
Next, write a little C program that executes a command like
chroot /sid /bin/su - getenv("LOGNAME")
Compile it, and then install it somewhere with root ownership and the
setuid bit enabled. **THIS WILL RENDER YOUR SYSTEM COMPLETELY INSECURE**.
So don't put anything important on either part of this system.
Finally, set the target user's shell (in the stable system) to the setuid
program. Then, when they login, the setuid program will perform the
chroot, dropping privileges and launching a PAM session as the target
user inside the chroot.
If there's some way to do a chroot equivalent as a regular user, without
needing the setuid bit, then do that instead.
Reply to: