FAQ:Substitute User (su) in a rMake chroot

From rPath Wiki

Jump to: navigation, search

FAQ
Question: Why can't I be a substitute user (su) in the chroot?

Answer: rMake's chroot is not owned by root; none of the files in it are owned by root because the rMake server does not run as root. Instead, all the files in the chroot are owned by the rmake user, and the build itself inside the chroot is done by the rmake-chroot user. rMake uses a setuid program to chroot into the root and su to the rmake-chroot user, but it otherwise avoids using root at all for safety.

This characteristic confuses pam and other security-minded tools. Pam will not let you su, even as root, if the required binaries are not owned by root.

Retrieved from "http://wiki.rpath.com/wiki/FAQ:Substitute_User_%28su%29_in_a_rMake_chroot"

Category: FAQ

Personal tools

Views

Navigation

Search

Toolbox

FAQ:Substitute User (su) in a rMake chroot

From rPath Wiki