From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=LQ3sTB0av7b2SK0xuFALz4fZyXfUclXUNvvPDePNHPo=; b=u3M9fQu059/7NAwTaI8R1QPu13U7OTa8vDWr7JSS8i99twMNy/zCxEse7oRLHOgVsA NFf+MsTSj426kaCigk/HJJn3jX6UV7QuJlR8wjvuU9/2rSaPOSIEoopDCNqhogEM3nYB 1RGkWeB8AJxpqcO95f6+Qn6R2mLdalfanIUaR6g7gvvwkCF8RsYnADFaxLgGHS+TjD3c ChDBe6TV8XF296qogoRyneh6lSDhohpPrqRiiPw8GNxOFnCbOKjq06n29DSYvQc2gXP4 CVBrZ1/p7xJiJ9NkPNJbR5H8ZDcIGmWEFxsV3Rbrsvg2ePRjyUBvKN7bSg6bot9tzlFB us6A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=LQ3sTB0av7b2SK0xuFALz4fZyXfUclXUNvvPDePNHPo=; b=toYYtpYi3iMqr7lV5uaJ4/PMvU2nntTBYjb10/CUEdN7TmXxXT0pXH6I5FOJYUGtc0 8HmCz2sxuwydOZdfapJ6OftHYuYXUITbOfyVzThmW950Mz6jzd73QcGb3oYpC2wUs69a ZgjMkLS2PP9hl6+J458E1CaAfFuWpV0AA5jTuK/FwzqsNfWRrGGxHw0TNixBeHoQnDxg +DV1NIG3USO2/qySCLWPzKJkkC3Ga3NezPa6cn06fK66X0nLiMru2DzvQewICy3mFxuV blqe1AeKD609vQRgL8fZlQqNdE1vaOrbhQL3xrHDLVQIV3m4AFnnOoqg4G4ChG3ifE8Q n5gg== X-Gm-Message-State: AOAM530muIsgaQgYxYQ8kbvwxULbps03gQfGirBVDyTCNymUdl1HG7cv Te3yY3qcq9cQ3M6Ogv8y+GuRSiAOJvM= X-Google-Smtp-Source: ABdhPJypDouNiExgEq3IBhvAS79z2W4rPoYKqo0XYfGH1CxRLdx4CBylcMnjPDs4u6DoSxMGhTErjQ== X-Received: by 2002:a2e:b174:: with SMTP id a20mr5078227ljm.200.1597709616375; Mon, 17 Aug 2020 17:13:36 -0700 (PDT) To: devel@lists.altlinux.org References: <20200817225902.GF19101@altlinux.org> <20200817235735.GE5522@altlinux.org> From: Leonid Krivoshein Message-ID: Date: Tue, 18 Aug 2020 03:13:34 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <20200817235735.GE5522@altlinux.org> Content-Type: text/plain; charset=koi8-r; format=flowed Content-Transfer-Encoding: 8bit Content-Language: ru Subject: Re: [devel] =?utf-8?b?0JrQsNC6INC/0YDQsNCy0LjQu9GM0L3QviDQvtC/0YA=?= =?utf-8?b?0LXQtNC10LvQuNGC0YwsINGH0YLQviDQvNGLINCy0L3Rg9GC0YDQuCBIYXNo?= =?utf-8?b?ZXI/?= X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Aug 2020 00:13:40 -0000 Archived-At: List-Archive: List-Post: 18.08.2020 2:57, Dmitry V. Levin пишет: > On Tue, Aug 18, 2020 at 02:19:12AM +0300, Leonid Krivoshein wrote: > [...] >> Нашёл ещё такой вариант: >> >> # chroot / /bin/sh -c exit; echo $? >> 0 >> >> $ hsh-run --rooter -- chroot / /bin/sh -c exit; echo $? >> chroot: cannot change root directory to '/': Operation not permitted >> 125 > Так проще: > $ hsh-run --root -- chroot / /bin/true Да, спасибо! Беру на вооружение. >> Но вообще интересно, как правильно... > Для того, чтобы выяснить, достаточно ли настоящий root, протестируйте > выполнение той привилегированной операции, которая вам нужна. По условиям задачи нужен либо fakeroot, либо rooter в хэшере. А в случае настоящего root'а лучше сразу выходить или хотя бы ругаться.)) Так что если "chroot" в минимальном хэшере есть, это вполне годится. -- Best regards, Leonid Krivoshein.