further document prerequisites and limitations of different modes

This commit is contained in:
Johannes 'josch' Schauer 2020-01-04 01:10:46 +01:00
parent ecd5c7a662
commit 327c0e83ca
Signed by: josch
GPG key ID: F2CBA5C78FBD83E1

View file

@ -3734,20 +3734,25 @@ by the _apt user, then apt sandboxing will be automatically disabled.
This mode uses Linux user namespaces to allow unprivileged use of chroot and This mode uses Linux user namespaces to allow unprivileged use of chroot and
creation of files that appear to be owned by the superuser inside the unshared creation of files that appear to be owned by the superuser inside the unshared
namespace. A directory chroot created with this mode will end up with wrong namespace. A directory chroot created with this mode will end up with wrong
permissions. Choose to create a tarball instead. permissions. Choose to create a tarball instead. This mode requires the sysctl
C<kernel.unprivileged_userns_clone> being set to C<1>.
=item B<fakeroot>, B<fakechroot> =item B<fakeroot>, B<fakechroot>
This mode will exec B<mmdebstrap> again under C<fakechroot fakeroot>. A This mode will exec B<mmdebstrap> again under C<fakechroot fakeroot>. A
directory chroot created with this mode will end up with wrong permissions. directory chroot created with this mode will end up with wrong permissions.
Choose to create a tarball instead. Choose to create a tarball instead. This mode will not work if maintainer
scripts are unable to handle C<LD_PRELOAD> correctly like the package
B<initramfs-tools> until version 0.132.
=item B<proot> =item B<proot>
This mode will carry out all calls to chroot with proot instead. Since This mode will carry out all calls to chroot with proot instead. Since
permissions are only retained while proot is still running, this will lead to ownership information is only retained while proot is still running, this will
wrong permissions in the final directory and tarball. This mode is useful if lead to wrong ownership information in the final directory (everything will be
you plan to use the chroot with proot. owned by the user that executed B<mmdebstrap>) and tarball (everything will be
owned by the root user). Extended attributes are not retained. This mode is
useful if you plan to use the chroot with proot.
=item B<chrootless> =item B<chrootless>