Linux-Fan writes:
Jonas Smedegaard writes:
[...]
Being such a simple invocation, I thought I must have made some rather obvious mistake, because my command very much follows the manpage. I had thought that the complex part would only come afterwards :)I recommend to read section "MODES" in man page for mmdebstrap, which nicely lays out how different approaches complicates matters in different ways.I saw it. For now, the "root" mode works. Before I think it automatically went with "fakechroot" and failed... maybe I should investigate this "unshare" mode?
[...]
Another is to generate not a filesystem but a tarball (and then use different approach to turn that into a bootable image).Yes. Tarball sounds good. I understand that when going for a filesystem rather than tarball I would need to be root just to get the permissions right. And of course, in the end I will do (as root) a tar -C /mnt -xf ... to put everyting on the SD card.
[...]
Just a little update. I tried out the "unshare" mode and it does not produce
errors anymore i.e. it works (even with the ARM stuff although the result
image was not tested on the hardware yet -- now comes the (in?)famous
"embedded factor" :) )
Now I am a little unsure about the security implications of the required
# sysctl -w kernel.unprivileged_userns_clone=1
However, it seems a great advantage over having to do the whole process as
root :)
I do not think, it is all solved yet, but it is a major progress which one
can build on. So checking out the other modes is the key thing, thanks again!
Linux-Fan
pgpHSoTTXnj_p.pgp
Description: PGP signature
