README.md: put chroot style information together, extend
This commit is contained in:
parent
980ce1777d
commit
772b15704c
1 changed files with 22 additions and 13 deletions
35
README.md
35
README.md
|
@ -46,17 +46,12 @@ For bootstrapping additionally:
|
||||||
- install(1) - GNU coreutils
|
- install(1) - GNU coreutils
|
||||||
- objcopy(1), objdump(1), strip(1): binutils
|
- objcopy(1), objdump(1), strip(1): binutils
|
||||||
|
|
||||||
`xbps-src` requires a utility to chroot and bind mount existing directories
|
`xbps-src` requires [a utility to chroot](#chroot-methods) and bind mount existing directories
|
||||||
into a `masterdir` that is used as its main `chroot` directory. `xbps-src` supports
|
into a `masterdir` that is used as its main `chroot` directory. `xbps-src` supports
|
||||||
multiple utilities to accomplish this task:
|
multiple utilities to accomplish this task.
|
||||||
|
|
||||||
- `bwrap` - bubblewrap, see https://github.com/projectatomic/bubblewrap.
|
|
||||||
- `ethereal` - only useful for one-shot containers, i.e docker (used with CI).
|
|
||||||
- `xbps-uunshare(1)` - XBPS utility that uses `user_namespaces(7)` (part of xbps, default).
|
|
||||||
- `xbps-uchroot(1)` - XBPS utility that uses `namespaces` and must be `setgid` (part of xbps).
|
|
||||||
|
|
||||||
> NOTE: `xbps-src` does not allow building as root anymore. Use one of the chroot
|
> NOTE: `xbps-src` does not allow building as root anymore. Use one of the chroot
|
||||||
methods shown above.
|
methods.
|
||||||
|
|
||||||
<a name="quick-start"></a>
|
<a name="quick-start"></a>
|
||||||
### Quick start
|
### Quick start
|
||||||
|
@ -100,6 +95,8 @@ Alternatively, packages can be installed with the `xi` utility, from the `xtools
|
||||||
|
|
||||||
#### xbps-uunshare(1) (default)
|
#### xbps-uunshare(1) (default)
|
||||||
|
|
||||||
|
XBPS utility that uses `user_namespaces(7)` (part of xbps, default without `-t` flag).
|
||||||
|
|
||||||
This utility requires these Linux kernel options:
|
This utility requires these Linux kernel options:
|
||||||
|
|
||||||
- CONFIG\_NAMESPACES
|
- CONFIG\_NAMESPACES
|
||||||
|
@ -112,6 +109,11 @@ options it will fail with `EINVAL (Invalid argument)`.
|
||||||
|
|
||||||
#### xbps-uchroot(1)
|
#### xbps-uchroot(1)
|
||||||
|
|
||||||
|
XBPS utility that uses `namespaces` and must be `setgid` (part of xbps).
|
||||||
|
|
||||||
|
> NOTE: This is the only method that implements functionality of `xbps-src -t`, therefore the
|
||||||
|
flag ignores the choice made in configuration files and enables `xbps-uchroot`.
|
||||||
|
|
||||||
This utility requires these Linux kernel options:
|
This utility requires these Linux kernel options:
|
||||||
|
|
||||||
- CONFIG\_NAMESPACES
|
- CONFIG\_NAMESPACES
|
||||||
|
@ -138,6 +140,16 @@ If for some reason it's erroring out as `ERROR clone (Operation not permitted)`,
|
||||||
your user is a member of the required `group` and that `xbps-uchroot(1)` utility has the
|
your user is a member of the required `group` and that `xbps-uchroot(1)` utility has the
|
||||||
proper permissions and owner/group as explained above.
|
proper permissions and owner/group as explained above.
|
||||||
|
|
||||||
|
#### bwrap(1)
|
||||||
|
|
||||||
|
bubblewrap, sandboxing tool for unprivileged users that uses
|
||||||
|
user namespaces or setuid.
|
||||||
|
See <https://github.com/containers/bubblewrap>.
|
||||||
|
|
||||||
|
#### ethereal
|
||||||
|
|
||||||
|
Destroys host system it runs on. Only useful for one-shot containers, i.e docker (used with CI).
|
||||||
|
|
||||||
<a name="install-bootstrap"></a>
|
<a name="install-bootstrap"></a>
|
||||||
### Install the bootstrap packages
|
### Install the bootstrap packages
|
||||||
|
|
||||||
|
@ -424,11 +436,8 @@ To use xbps-src in your Linux distribution use the following instructions. Let's
|
||||||
$ tar xvf xbps-static-latest.<arch>-musl.tar.xz -C ~/XBPS
|
$ tar xvf xbps-static-latest.<arch>-musl.tar.xz -C ~/XBPS
|
||||||
$ export PATH=~/XBPS/usr/bin:$PATH
|
$ export PATH=~/XBPS/usr/bin:$PATH
|
||||||
|
|
||||||
If your system does not support `user namespaces`, a privileged group is required to be able to use
|
If `xbps-uunshare` does not work because of lack of `user_namespaces(7)` support,
|
||||||
`xbps-uchroot(1)` with xbps-src, by default it's set to the `xbuilder` group, change this to your desired group:
|
try other [chroot methods](#chroot-methods).
|
||||||
|
|
||||||
# chown root:<group> ~/XBPS/usr/bin/xbps-uchroot.static
|
|
||||||
# chmod 4750 ~/XBPS/usr/bin/xbps-uchroot.static
|
|
||||||
|
|
||||||
Clone the `void-packages` git repository:
|
Clone the `void-packages` git repository:
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue