Johannes Schauer Marin Rodrigues, le sam. 06 sept. 2025 13:38:17 +0200, a ecrit: > Quoting Samuel Thibault (2025-09-06 07:52:42) > > Johannes Schauer Marin Rodrigues, le sam. 06 sept. 2025 03:08:50 +0200, a > > ecrit: > > > > > Also, can we tell mmdebstrap to use the normal chroot instead of > > > > > fakechroot? chroot() is not a privileged operation in the Hurd. > > > > Oh, I wasn't aware of that! > > > > > > Yes. If you have privileges to chroot(), you can just use --mode=root. > > > > But currently none of the expected ways work as non-root: > > > > $ mmdebstrap --mode=root --variant=required > > --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg '' > > foo.tar.gz 'deb http://deb.debian.org/debian-ports unreleased main' 'deb > > http://deb.debian.org/debian-ports/ unstable main' > > E: need to be root > > Would/should the above work as the non-root user on hurd?
Well, I don't know the exact intention of --mode=root :) What I was understanding is that it is a mode that uses an actual root uid, not faking root. But I also read that it uses chroot, which is what we'd want to use on the Hurd, but along with an additionnal fakeroot-hurd, which would rather be the fakeroot mode. > > with additionnal fakeroot-hurd: > > $ fakeroot-hurd mmdebstrap --mode=root --variant=required > > --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg '' > > foo.tar.gz 'deb http://deb.debian.org/debian-ports unreleased main' 'deb > > http://deb.debian.org/debian-ports/ unstable main' > > Undefined subroutine &main::SYS_capget called at /usr/bin/mmdebstrap line > > 6081. > > /bin/fakeauth: Error 255 for child 23498 > > /bin/settrans: Error 255 for child 23497 > > This is because in Linux it is possible to be uid 0 but still not be able to > mount anything. The above uses the capget and later the prctl syscalls to > figure out whether mounting is possible or not. > > We can do multiple things here: > > * it seems there is no capget on hurd, so mmdebstrap should not even attempt > this codepath on hurd Yes. > * instead, maybe a different check can/should be performed on hurd but i > don't know enough hurd to implement this I don't think there is any check need: you can always mount something the hurd. The translator will run under the user identity, simply. > > $ mmdebstrap --mode=fakeroot --variant=required > > --keyring=/usr/share/keyrings/debian-ports-archive-keyring.gpg '' > > foo.tar.gz 'deb http://deb.debian.org/debian-ports unreleased main' 'deb > > http://deb.debian.org/debian-ports/ unstable main' > > E: need working fakechroot binary > > > > on GNU/Hurd it should be using chroot instead of using the fragile > > fakechroot. I had tried to create a hurdish fakechroot that just calls > > chroot(), but apparently mmdebstrap is expecting various fakechroot > > environment variables, I didn't easily manage to find out what. > > Instead of you creating a fakechroot for hurd which is close enough to the > fakechroot on linux, lets instead fix mmdebstrap to do the right thing on > hurd out-of-the-box. I'll gladly accept patches! I don't really know where one would tell mmdebstrap to just use chroot. > I can easily implement the --skip=... options mentioned above but I'll need > help with adding hurd-specific things. I don't think there is really much hurd-specific. Really I believe it's just about calling fakeroot-hurd and chroot, just like you would use fakeroot + chroot on linux. Samuel
