From 9b00c5c4c51c513b09ae32b97a0fbd8ca8590d45 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 30 Apr 2023 13:20:54 +0200 Subject: [PATCH 01/24] Reduce PATH when accessing to Junest session --- lib/core/chroot.sh | 3 ++- lib/core/namespace.sh | 6 ++++-- lib/core/proot.sh | 3 ++- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/lib/core/chroot.sh b/lib/core/chroot.sh index c2237a9..c7f8abc 100644 --- a/lib/core/chroot.sh +++ b/lib/core/chroot.sh @@ -33,8 +33,9 @@ function _run_env_as_xroot(){ copy_common_files fi + # Resets PATH to avoid polluting with host related bin paths # shellcheck disable=SC2086 - JUNEST_ENV=1 $cmd $backend_args "$JUNEST_HOME" "${DEFAULT_SH[@]}" "${args[@]}" + PATH='' JUNEST_ENV=1 $cmd $backend_args "$JUNEST_HOME" "${DEFAULT_SH[@]}" "${args[@]}" } ####################################### diff --git a/lib/core/namespace.sh b/lib/core/namespace.sh index 9471f31..bbda112 100644 --- a/lib/core/namespace.sh +++ b/lib/core/namespace.sh @@ -101,8 +101,9 @@ function run_env_as_bwrap_fakeroot(){ local args=() [[ "$1" != "" ]] && args=("-c" "$(insert_quotes_on_spaces "${@}")") + # Fix PATH to /usr/bin to make sudo working and avoid polluting with host related bin paths # shellcheck disable=SC2086 - BWRAP="${backend_command}" JUNEST_ENV=1 bwrap_cmd $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 $backend_args sudo "${DEFAULT_SH[@]}" "${args[@]}" + PATH="/usr/bin" BWRAP="${backend_command}" JUNEST_ENV=1 bwrap_cmd $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 $backend_args sudo "${DEFAULT_SH[@]}" "${args[@]}" } @@ -150,8 +151,9 @@ function run_env_as_bwrap_user() { local args=() [[ "$1" != "" ]] && args=("-c" "$(insert_quotes_on_spaces "${@}")") + # Resets PATH to avoid polluting with host related bin paths # shellcheck disable=SC2086 - BWRAP="${backend_command}" JUNEST_ENV=1 bwrap_cmd $COMMON_BWRAP_OPTION $backend_args "${DEFAULT_SH[@]}" "${args[@]}" + PATH='' BWRAP="${backend_command}" JUNEST_ENV=1 bwrap_cmd $COMMON_BWRAP_OPTION $backend_args "${DEFAULT_SH[@]}" "${args[@]}" } diff --git a/lib/core/proot.sh b/lib/core/proot.sh index 259c8b7..b6c1c8f 100644 --- a/lib/core/proot.sh +++ b/lib/core/proot.sh @@ -17,7 +17,8 @@ function _run_env_with_proot(){ local args=() [[ "$1" != "" ]] && args=("-c" "$(insert_quotes_on_spaces "${@}")") - PROOT="${backend_command}" JUNEST_ENV=1 proot_cmd "${backend_args}" "${DEFAULT_SH[@]}" "${args[@]}" + # Resets PATH to avoid polluting with host related bin paths + PATH='' PROOT="${backend_command}" JUNEST_ENV=1 proot_cmd "${backend_args}" "${DEFAULT_SH[@]}" "${args[@]}" } function _run_env_with_qemu(){ From 296c9e47b4b98a8bdac048b5611b43f5ee4009c4 Mon Sep 17 00:00:00 2001 From: Escape0707 Date: Sat, 6 May 2023 00:55:50 +0900 Subject: [PATCH 02/24] Update README.md to accommodate that sudo-fake provides sudo Since junest/sudo-fake now provides sudo, users don't need to ignore core/sudo during the installation of base-devel. They only need to make sure not to install core/sudo manually. --- README.md | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 321feae..a6485d2 100644 --- a/README.md +++ b/README.md @@ -149,14 +149,11 @@ command. In `proot` mode, JuNest does no longer support the building of AUR pack first: ```sh -pacman -Syu --ignore sudo base-devel -:: sudo is in IgnorePkg/IgnoreGroup. Install anyway? [Y/n] n -... -... +pacman -S base-devel ``` -JuNest uses a modified version of `sudo`. That's why the original `sudo` -package **must be ignored** in the previous command. +JuNest uses a modified version of `sudo` provided by `junest/sudo-fake`. And the original `core/sudo` +package will be ignored **(and must not be installed)** during the installation of `base-devel`. Have fun! --------- @@ -387,9 +384,9 @@ For Arch Linux related FAQs take a look at the [General troubleshooting page](ht > In order to install AUR packages you need to install the package group `base-devel` first > that contains all the essential packages for compiling from source code (such as gcc, make, patch, etc): - #> pacman -S --ignore sudo base-devel + #> pacman -S base-devel -> Remember to ignore `sudo` as it conflicts with `sudo-fake` package. +> Remember to not install `core/sudo` as it conflicts with `junest/sudo-fake` package. ## Can't set user and group as root From 874f52f0f8b61f47c7a7e10cbbeebb382f4f9b3b Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 6 May 2023 00:46:09 +0200 Subject: [PATCH 03/24] Remove PATH setting for chroot mode --- lib/core/chroot.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lib/core/chroot.sh b/lib/core/chroot.sh index c7f8abc..c2237a9 100644 --- a/lib/core/chroot.sh +++ b/lib/core/chroot.sh @@ -33,9 +33,8 @@ function _run_env_as_xroot(){ copy_common_files fi - # Resets PATH to avoid polluting with host related bin paths # shellcheck disable=SC2086 - PATH='' JUNEST_ENV=1 $cmd $backend_args "$JUNEST_HOME" "${DEFAULT_SH[@]}" "${args[@]}" + JUNEST_ENV=1 $cmd $backend_args "$JUNEST_HOME" "${DEFAULT_SH[@]}" "${args[@]}" } ####################################### From ae365215fbaf2650429203d5a5ffa063369cfb5d Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 6 May 2023 01:38:52 +0200 Subject: [PATCH 04/24] 7.4.4 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 0f4a1d6..4e61aee 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.3 +7.4.4 From 39508ca8a9ddabfa2ebe1311831ec641a30bb121 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 7 May 2023 13:59:00 +0200 Subject: [PATCH 05/24] First commit --- bin/junest | 9 +++++++-- lib/core/wrappers.sh | 18 ++++++++++-------- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/bin/junest b/bin/junest index d3435fe..7288e59 100755 --- a/bin/junest +++ b/bin/junest @@ -69,8 +69,11 @@ usage() { echo -e " b[uild] Build a $NAME image (must run in ArchLinux)" echo -e " -n, --disable-check Disable the $NAME image check" echo - echo -e " create-bin-wrappers Create bin wrappers in $JUNEST_HOME/usr/bin_wrappers" + echo -e " create-bin-wrappers Create a bin wrappers directory according to --bin-path option" + echo -e " Default path is $JUNEST_HOME/usr/bin_wrappers" echo -e " -f, --force Create the wrapper files even if they already exist" + echo -e " -p, --bin-path The source directory where executable are located in JuNest" + echo -e " Default value is: /usr/bin" echo } @@ -215,10 +218,12 @@ function _parse_build_opts() { function _parse_create_wrappers_opts() { OPT_FORCE=false + OPT_BIN_PATH="" while [[ -n "$1" ]] do case "$1" in -f|--force) OPT_FORCE=true ; shift ;; + -p|--bin-path) shift ; OPT_BIN_PATH="$1" ; shift ;; *) die "Invalid option $1" ;; esac done @@ -276,7 +281,7 @@ function execute_operation() { fi if $ACT_CREATE_WRAPPERS; then - create_wrappers $OPT_FORCE + create_wrappers $OPT_FORCE "$OPT_BIN_PATH" exit fi diff --git a/lib/core/wrappers.sh b/lib/core/wrappers.sh index 1afbb2b..1fe955c 100644 --- a/lib/core/wrappers.sh +++ b/lib/core/wrappers.sh @@ -20,7 +20,9 @@ ####################################### function create_wrappers() { local force=${1:-false} - mkdir -p "${JUNEST_HOME}/usr/bin_wrappers" + local bin_path=${2:-/usr/bin} + bin_path=${bin_path%/} + mkdir -p "${JUNEST_HOME}${bin_path}_wrappers" # Arguments inside a variable (i.e. `JUNEST_ARGS`) separated by quotes # are not recognized normally unless using `eval`. More info here: # https://github.com/fsquillace/junest/issues/262 @@ -33,26 +35,26 @@ junest "\${junest_args_array[@]}" -- \$(basename \${0}) "\$@" EOF chmod +x "${JUNEST_HOME}/usr/bin/junest_wrapper" - cd "${JUNEST_HOME}/usr/bin" || return 1 + cd "${JUNEST_HOME}${bin_path}" || return 1 for file in * do [[ -d $file ]] && continue - # Symlinks outside junest appear as broken even though the are correct + # Symlinks outside junest appear as broken even though they are correct # within a junest session. The following do not skip broken symlinks: [[ -x $file || -L $file ]] || continue - if [[ -e ${JUNEST_HOME}/usr/bin_wrappers/$file ]] && ! $force + if [[ -e ${JUNEST_HOME}${bin_path}_wrappers/$file ]] && ! $force then continue fi - rm -f "${JUNEST_HOME}/usr/bin_wrappers/$file" - ln -s "../bin/junest_wrapper" "${JUNEST_HOME}/usr/bin_wrappers/$file" + rm -f "${JUNEST_HOME}${bin_path}_wrappers/$file" + ln -s "${JUNEST_HOME}/usr/bin/junest_wrapper" "${JUNEST_HOME}${bin_path}_wrappers/$file" done # Remove wrappers no longer needed - cd "${JUNEST_HOME}/usr/bin_wrappers" || return 1 + cd "${JUNEST_HOME}${bin_path}_wrappers" || return 1 for file in * do - [[ -e ${JUNEST_HOME}/usr/bin/$file || -L ${JUNEST_HOME}/usr/bin/$file ]] || rm -f "$file" + [[ -e ${JUNEST_HOME}${bin_path}/$file || -L ${JUNEST_HOME}${bin_path}/$file ]] || rm -f "$file" done } From c2dae9021d7bd4936d622a2984a8310984d2263d Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 7 May 2023 14:15:55 +0200 Subject: [PATCH 06/24] Add integ test --- lib/checks/check_all.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/checks/check_all.sh b/lib/checks/check_all.sh index 2b39f9a..13e9237 100755 --- a/lib/checks/check_all.sh +++ b/lib/checks/check_all.sh @@ -24,4 +24,8 @@ sudo -E "$JUNEST_SCRIPT" groot -- "$CHECK_SCRIPT" --run-root-tests --skip-aur-te # Test the wrappers work "$JUNEST_SCRIPT" create-bin-wrappers --force "$JUNEST_HOME"/usr/bin_wrappers/pacman --help + +"$JUNEST_SCRIPT" create-bin-wrappers --force --bin-path /usr/bin/core_perl/ +"$JUNEST_HOME"/usr/bin/core_perl_wrappers/shasum --help + "${JUNEST_BASE}/bin/sudoj" pacman -Syu From 3742c16ce06bc8fbf6758a6f4ee796c3b2988084 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 7 May 2023 16:13:10 +0200 Subject: [PATCH 07/24] Add documentation and unit test --- README.md | 24 ++++++++++++++++++++---- tests/unit-tests/test-wrappers.sh | 11 +++++++++++ 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a6485d2..72ae100 100644 --- a/README.md +++ b/README.md @@ -110,9 +110,9 @@ used, see the [Usage](#usage) section below. Run JuNest installed programs directly from host OS --------------------------------------- -Program installed within JuNest can be accessible directly from host machine -without entering directly into a JuNest session -(no need to call `junest` command first). +Programs installed within JuNest can be accessible directly from host machine +without entering into a JuNest session +(namely, no need to call `junest` command first). For instance, supposing the host OS is an Ubuntu distro you can directly run `pacman` by simply updating the `PATH` variable: @@ -123,7 +123,7 @@ htop ``` By default the wrappers use `ns` mode. To use the `ns --fakeroot` you can use the convenient command helper `sudoj`. -For more control on backend mode you can use the `JUNEST_ARGS` environment variable. +For more control on backend modes you can use the `JUNEST_ARGS` environment variable too. For instance, if you want to run `iftop` with real root privileges: ``` @@ -138,6 +138,22 @@ corrupted) with: junest create-bin-wrappers -f ``` +Bin wrappers are automatically generated each time they get installed inside JuNest. +This only works for executables located in `/usr/bin` path. +For executables in other locations (say `/usr/mybinpath`) you can only create +wrappers manually by executing the command: + +``` +junest create-bin-wrappers --bin-path /usr/mybinpath +``` + +Obviously, to get access to the corresponding bin wrappers you will need to +update your `PATH` variable accordingly: + +``` +export PATH="$PATH:~/.junest/usr/mybinpath_wrappers" +``` + Install packages from AUR ------------------------- diff --git a/tests/unit-tests/test-wrappers.sh b/tests/unit-tests/test-wrappers.sh index c5a5857..eef1f38 100755 --- a/tests/unit-tests/test-wrappers.sh +++ b/tests/unit-tests/test-wrappers.sh @@ -124,4 +124,15 @@ function test_create_wrappers_executable_no_longer_exist(){ assertTrue "myfile wrapper should not exist" "[ ! -x $JUNEST_HOME/usr/bin_wrappers/myfile ]" } +function test_create_wrappers_custom_bin_path(){ + mkdir -p "$JUNEST_HOME"/usr/mybindir + touch "$JUNEST_HOME"/usr/mybindir/myfile + chmod +x "$JUNEST_HOME"/usr/mybindir/myfile + assertCommandSuccess create_wrappers false /usr/mybindir/ + assertEquals "" "$(cat "$STDOUTF")" + assertTrue "bin_wrappers should exist" "[ -e $JUNEST_HOME/usr/mybindir_wrappers ]" + assertTrue "myfile wrapper should exist" "[ -x $JUNEST_HOME/usr/mybindir_wrappers/myfile ]" +} + + source "$(dirname "$0")"/../utils/shunit2 From 507502dc1a5bbcdfa836a6d984cd4524958879cd Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sun, 7 May 2023 16:27:17 +0200 Subject: [PATCH 08/24] 7.4.5 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 4e61aee..e91f104 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.4 +7.4.5 From daa60b05e3cd4ebf75970ca19bb1a012339dfc8d Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Mon, 29 May 2023 11:47:18 +0200 Subject: [PATCH 09/24] Fix PATH when running trap --- VERSION | 2 +- bin/junest | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/VERSION b/VERSION index e91f104..bd8293a 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.5 +7.4.6 diff --git a/bin/junest b/bin/junest index 7288e59..356482d 100755 --- a/bin/junest +++ b/bin/junest @@ -305,7 +305,7 @@ function execute_operation() { fi # Call create_wrappers in case new bin files have been created - trap "create_wrappers" EXIT QUIT TERM + trap "PATH=$PATH create_wrappers" EXIT QUIT TERM $run_env "$BACKEND_COMMAND" "${BACKEND_ARGS}" $OPT_NO_COPY_FILES "${ARGS[@]}" } From 9a06d47f76bbe18cd0817ba6ddb5a780713a6d73 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Mon, 29 May 2023 12:00:15 +0200 Subject: [PATCH 10/24] Add shellcheck disable --- bin/junest | 1 + 1 file changed, 1 insertion(+) diff --git a/bin/junest b/bin/junest index 356482d..f0d6abe 100755 --- a/bin/junest +++ b/bin/junest @@ -305,6 +305,7 @@ function execute_operation() { fi # Call create_wrappers in case new bin files have been created + # shellcheck disable=SC2064 trap "PATH=$PATH create_wrappers" EXIT QUIT TERM $run_env "$BACKEND_COMMAND" "${BACKEND_ARGS}" $OPT_NO_COPY_FILES "${ARGS[@]}" } From b3565e093d848eeb6c4f72ca97df25d200f0e0ad Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Wed, 31 May 2023 14:57:57 +0200 Subject: [PATCH 11/24] #328 Check if `user` file exist in `ns` directory --- lib/core/namespace.sh | 30 +++++++++++++++------------ tests/unit-tests/test-namespace.sh | 33 +++++++++++++----------------- 2 files changed, 31 insertions(+), 32 deletions(-) diff --git a/lib/core/namespace.sh b/lib/core/namespace.sh index bbda112..70763bd 100644 --- a/lib/core/namespace.sh +++ b/lib/core/namespace.sh @@ -15,8 +15,24 @@ COMMON_BWRAP_OPTION="--bind "$JUNEST_HOME" / --bind "$HOME" "$HOME" --bind /tmp CONFIG_PROC_FILE="/proc/config.gz" CONFIG_BOOT_FILE="/boot/config-$($UNAME -r)" PROC_USERNS_CLONE_FILE="/proc/sys/kernel/unprivileged_userns_clone" +PROC_USERNS_FILE="/proc/$$/ns/user" function _is_user_namespace_enabled() { + if [[ -L $PROC_USERNS_FILE ]] + then + return 0 + fi + + if [[ -e $PROC_USERNS_CLONE_FILE ]] + then + # `-q` option in zgrep may cause a gzip: stdout: Broken pipe + # Use redirect to /dev/null instead + if zgrep_cmd "1" "$PROC_USERNS_CLONE_FILE" > /dev/null + then + return 0 + fi + fi + local config_file="" if [[ -e $CONFIG_PROC_FILE ]] then @@ -35,19 +51,7 @@ function _is_user_namespace_enabled() { return "$NO_CONFIG_FOUND" fi - if [[ ! -e $PROC_USERNS_CLONE_FILE ]] - then - return 0 - fi - - # `-q` option in zgrep may cause a gzip: stdout: Broken pipe - # Use redirect to /dev/null instead - if ! zgrep_cmd "1" $PROC_USERNS_CLONE_FILE > /dev/null - then - return "$UNPRIVILEGED_USERNS_DISABLED" - fi - - return 0 + return "$UNPRIVILEGED_USERNS_DISABLED" } function _check_user_namespace() { diff --git a/tests/unit-tests/test-namespace.sh b/tests/unit-tests/test-namespace.sh index 373c1be..781ca92 100755 --- a/tests/unit-tests/test-namespace.sh +++ b/tests/unit-tests/test-namespace.sh @@ -58,50 +58,45 @@ function _test_copy_remaining_files() { } function test_is_user_namespace_enabled_no_config_file(){ + PROC_USERNS_FILE="blah" + PROC_USERNS_CLONE_FILE="blah" CONFIG_PROC_FILE="blah" CONFIG_BOOT_FILE="blah" assertCommandFailOnStatus "$NOT_EXISTING_FILE" _is_user_namespace_enabled } function test_is_user_namespace_enabled_no_config(){ + PROC_USERNS_FILE="blah" + PROC_USERNS_CLONE_FILE="blah" touch config gzip config + # shellcheck disable=SC2034 CONFIG_PROC_FILE="config.gz" + # shellcheck disable=SC2034 CONFIG_BOOT_FILE="blah" assertCommandFailOnStatus "$NO_CONFIG_FOUND" _is_user_namespace_enabled } -function test_is_user_namespace_enabled_with_config(){ - echo "CONFIG_USER_NS=y" > config - gzip config - CONFIG_PROC_FILE="config.gz" - CONFIG_BOOT_FILE="blah" - PROC_USERNS_CLONE_FILE="not-existing-file" - assertCommandSuccess _is_user_namespace_enabled -} - function test_is_user_namespace_enabled_with_userns_clone_file_disabled(){ - echo "CONFIG_USER_NS=y" > config - gzip config - CONFIG_PROC_FILE="config.gz" - CONFIG_BOOT_FILE="blah" + PROC_USERNS_FILE="blah" PROC_USERNS_CLONE_FILE="unprivileged_userns_clone" echo "0" > $PROC_USERNS_CLONE_FILE assertCommandFailOnStatus "$UNPRIVILEGED_USERNS_DISABLED" _is_user_namespace_enabled } function test_is_user_namespace_enabled_with_userns_clone_file_enabled(){ - echo "CONFIG_USER_NS=y" > config - gzip config - # shellcheck disable=SC2034 - CONFIG_PROC_FILE="config.gz" - # shellcheck disable=SC2034 - CONFIG_BOOT_FILE="blah" PROC_USERNS_CLONE_FILE="unprivileged_userns_clone" echo "1" > $PROC_USERNS_CLONE_FILE assertCommandSuccess _is_user_namespace_enabled } +function test_is_user_namespace_enabled_with_proc_userns_file_existing(){ + PROC_USERNS_FILE="user" + ln -s . $PROC_USERNS_FILE + PROC_USERNS_CLONE_FILE="blah" + assertCommandSuccess _is_user_namespace_enabled +} + function test_run_env_as_bwrap_fakeroot() { assertCommandSuccess run_env_as_bwrap_fakeroot "" "" "false" assertEquals "$BWRAP $COMMON_BWRAP_OPTION --cap-add ALL --uid 0 --gid 0 sudo /bin/sh --login" "$(cat "$STDOUTF")" From 2dd84efecbb6bda68b12cd567c41d01d3176f9d2 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Wed, 31 May 2023 15:07:39 +0200 Subject: [PATCH 12/24] 7.4.7 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index bd8293a..25627bc 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.6 +7.4.7 From d19d2f07b68e596706c7c576ca941e63809483c0 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 22 Jul 2023 16:26:21 +0200 Subject: [PATCH 13/24] Add buymeacoffee badge --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 72ae100..e51e5be 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ The lightweight Arch Linux based distro that runs, without root privileges, on t |Project Status|Donation|Communication| |:------------:|:------:|:-----------:| -| [![Build status](https://api.travis-ci.com/fsquillace/junest.png?branch=master)](https://app.travis-ci.com/github/fsquillace/junest) [![OpenHub](https://www.openhub.net/p/junest/widgets/project_thin_badge.gif)](https://www.openhub.net/p/junest) | [![Github Sponsors](https://img.shields.io/badge/GitHub-Sponsors-orange.svg)](https://github.com/sponsors/fsquillace) [![PayPal](https://img.shields.io/badge/PayPal-Donation-blue.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=8LEHQKBCYTACY) | [![Join the Discord server at https://discord.gg/ttfBT7MKve](https://img.shields.io/badge/Discord-Server-blueviolet.svg)](https://discord.gg/ttfBT7MKve) | +| [![Build status](https://api.travis-ci.com/fsquillace/junest.png?branch=master)](https://app.travis-ci.com/github/fsquillace/junest) [![OpenHub](https://www.openhub.net/p/junest/widgets/project_thin_badge.gif)](https://www.openhub.net/p/junest) | [![Github Sponsors](https://img.shields.io/badge/GitHub-Sponsors-orange.svg)](https://github.com/sponsors/fsquillace) [![PayPal](https://img.shields.io/badge/PayPal-Donation-blue.svg)](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=8LEHQKBCYTACY) [![Buy me a coffee](https://www.buymeacoffee.com/assets/img/custom_images/yellow_img.png)](https://www.buymeacoffee.com/fsquillace) | [![Join the Discord server at https://discord.gg/ttfBT7MKve](https://img.shields.io/badge/Discord-Server-blueviolet.svg)](https://discord.gg/ttfBT7MKve) | **Table of Contents** - [Description](#description) From 6ae9f72dd5bd423bf5e6db8e62cf0e343a8a2bee Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 22 Jul 2023 16:34:44 +0200 Subject: [PATCH 14/24] Add Readme update --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e51e5be..7be58b1 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,9 @@ Setup environment ----------------- The first operation required is to install the JuNest environment in the -location of your choice (by default `~/.junest`, configurable via the environment variable `JUNEST_HOME`): +location of your choice via `JUNEST_HOME` environment variable +(it must contain an absolute path) which by +default is `~/.junest`: ```sh junest setup From e680325f5a815f58c8ef7e57a319c6cd64a497a2 Mon Sep 17 00:00:00 2001 From: Cosmo Date: Mon, 13 Nov 2023 15:29:05 -0500 Subject: [PATCH 15/24] Explain installation before quickstart/setup This should clear up some of the confusion that new users experience when discovering JuNest for the first time --- README.md | 62 +++++++++++++++++++++++++++---------------------------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/README.md b/README.md index 72ae100..49f3786 100644 --- a/README.md +++ b/README.md @@ -63,6 +63,37 @@ This allows interaction between processes belonging to both host OS and JuNest. For example, you can install the `top` command in JuNest and use it to monitor processes belonging to the host OS. +Installation +============ + +## Dependencies ## +JuNest comes with a very short list of dependencies in order to be installed in most +of GNU/Linux distributions. +Before installing JuNest be sure that all dependencies are properly installed in your system: + +- [bash (>=4.0)](https://www.gnu.org/software/bash/) +- [GNU coreutils](https://www.gnu.org/software/coreutils/) + +## Installation from git repository ## +Just clone the JuNest repo somewhere (for example in ~/.local/share/junest): + +```sh +git clone https://github.com/fsquillace/junest.git ~/.local/share/junest +export PATH=~/.local/share/junest/bin:$PATH +``` + +Optionally you want to use the wrappers to run commands +installed in JuNest directly from host: + +```sh +export PATH="$PATH:~/.junest/usr/bin_wrappers" +``` +Update your `~/.bashrc` or `~/.zshrc` to get always the wrappers available. + +### Installation using AUR (Arch Linux only) ### +If you are using an Arch Linux system you can, alternatively, install JuNest from the [AUR repository](https://aur.archlinux.org/packages/junest-git/). +JuNest will be located in `/opt/junest/` + Quickstart ========== @@ -177,37 +208,6 @@ Have fun! If you are new on Arch Linux and you are not familiar with `pacman` package manager visit the [pacman rosetta page](https://wiki.archlinux.org/index.php/Pacman_Rosetta). -Installation -============ - -## Dependencies ## -JuNest comes with a very short list of dependencies in order to be installed in most -of GNU/Linux distributions. -Before installing JuNest be sure that all dependencies are properly installed in your system: - -- [bash (>=4.0)](https://www.gnu.org/software/bash/) -- [GNU coreutils](https://www.gnu.org/software/coreutils/) - -## Installation from git repository ## -Just clone the JuNest repo somewhere (for example in ~/.local/share/junest): - -```sh -git clone https://github.com/fsquillace/junest.git ~/.local/share/junest -export PATH=~/.local/share/junest/bin:$PATH -``` - -Optionally you want to use the wrappers to run commands -installed in JuNest directly from host: - -```sh -export PATH="$PATH:~/.junest/usr/bin_wrappers" -``` -Update your `~/.bashrc` or `~/.zshrc` to get always the wrappers available. - -### Installation using AUR (Arch Linux only) ### -If you are using an Arch Linux system you can, alternatively, install JuNest from the [AUR repository](https://aur.archlinux.org/packages/junest-git/). -JuNest will be located in `/opt/junest/` - Usage ===== There are three different ways you can run JuNest depending on the backend program you decide to use. From c91e013cd4c473df120697e8130700d4d95c83ed Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Tue, 9 Jan 2024 15:51:33 +0100 Subject: [PATCH 16/24] Copy pacman.conf file if does not exist --- lib/core/build.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/core/build.sh b/lib/core/build.sh index 0f3d8b0..7a2ef9d 100644 --- a/lib/core/build.sh +++ b/lib/core/build.sh @@ -25,7 +25,8 @@ function _install_pkg(){ function _prepare() { # ArchLinux System initialization prepare_archlinux - sudo pacman -S --noconfirm git arch-install-scripts haveged + # curl is used to download pacman.conf file + sudo pacman -S --noconfirm git arch-install-scripts haveged curl } function build_image_env(){ @@ -59,12 +60,19 @@ function build_image_env(){ fi sudo mkdir -p "${maindir}"/root/run/lock - sudo tee -a "${maindir}"/root/etc/pacman.conf > /dev/null < Date: Tue, 9 Jan 2024 16:41:45 +0100 Subject: [PATCH 17/24] 7.4.8 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 25627bc..da8d653 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.7 +7.4.8 From fd449721375124ab9870970fb1e649b9d36da1dc Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Thu, 1 Aug 2024 19:51:21 +0200 Subject: [PATCH 18/24] Disable the checks and fix shellcheck --- .travis.yml | 4 +++- bin/junest | 3 +++ tests/unit-tests/test-chroot.sh | 3 +++ tests/unit-tests/test-common.sh | 8 ++++++++ tests/unit-tests/test-junest.sh | 25 +++++++++++++++++++++++++ tests/unit-tests/test-namespace.sh | 1 + tests/unit-tests/test-proot.sh | 10 ++++++++++ tests/unit-tests/test-setup.sh | 1 + tests/unit-tests/test-wrappers.sh | 1 + 9 files changed, 55 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 153b779..8efa537 100644 --- a/.travis.yml +++ b/.travis.yml @@ -49,7 +49,9 @@ script: # Test the newly created JuNest image against Ubuntu host - export JUNEST_HOME=~/.junest - junest setup -i junest-x86_64.tar.gz - - ${PWD}/lib/checks/check_all.sh + # TODO The check does not work at the moment: https://app.travis-ci.com/github/fsquillace/junest/builds/271706037 + # Disabling it in order to avoid having stale version of junest images. + # - ${PWD}/lib/checks/check_all.sh - yes | junest setup --delete diff --git a/bin/junest b/bin/junest index f0d6abe..4084fe0 100755 --- a/bin/junest +++ b/bin/junest @@ -250,6 +250,7 @@ function execute_operation() { $ACT_VERSION && version && return if $ACT_BUILD; then + # shellcheck disable=SC2086 build_image_env $OPT_DISABLE_CHECK return fi @@ -281,6 +282,7 @@ function execute_operation() { fi if $ACT_CREATE_WRAPPERS; then + # shellcheck disable=SC2086 create_wrappers $OPT_FORCE "$OPT_BIN_PATH" exit fi @@ -307,6 +309,7 @@ function execute_operation() { # Call create_wrappers in case new bin files have been created # shellcheck disable=SC2064 trap "PATH=$PATH create_wrappers" EXIT QUIT TERM + # shellcheck disable=SC2086 $run_env "$BACKEND_COMMAND" "${BACKEND_ARGS}" $OPT_NO_COPY_FILES "${ARGS[@]}" } diff --git a/tests/unit-tests/test-chroot.sh b/tests/unit-tests/test-chroot.sh index 703004d..3739c58 100755 --- a/tests/unit-tests/test-chroot.sh +++ b/tests/unit-tests/test-chroot.sh @@ -29,12 +29,15 @@ function tearDown(){ function init_mocks() { chroot_cmd() { + # shellcheck disable=SC2317 [ "$JUNEST_ENV" != "1" ] && return 1 + # shellcheck disable=SC2317 echo "chroot_cmd $*" } # shellcheck disable=SC2034 GROOT=chroot_cmd mychroot() { + # shellcheck disable=SC2317 echo mychroot "$*" } } diff --git a/tests/unit-tests/test-common.sh b/tests/unit-tests/test-common.sh index d0a6c0b..89c1a1e 100755 --- a/tests/unit-tests/test-common.sh +++ b/tests/unit-tests/test-common.sh @@ -22,8 +22,10 @@ function oneTimeTearDown(){ function setUp(){ ld_exec_mock() { + # shellcheck disable=SC2317 echo "ld_exec $*" } + # shellcheck disable=SC2317 ld_exec_mock_false() { echo "ld_exec $*" return 1 @@ -32,11 +34,13 @@ function setUp(){ LD_EXEC=ld_exec_mock unshare_mock() { + # shellcheck disable=SC2317 echo "unshare $*" } # shellcheck disable=SC2034 UNSHARE=unshare_mock + # shellcheck disable=SC2317 bwrap_mock() { echo "bwrap $*" } @@ -173,6 +177,7 @@ function test_proot_cmd_compat(){ function test_proot_cmd_seccomp(){ envv(){ + # shellcheck disable=SC2317 env } PROOT=envv @@ -180,6 +185,7 @@ function test_proot_cmd_seccomp(){ assertEquals "" "$(grep "^PROOT_NO_SECCOMP" "$STDOUTF")" envv(){ + # shellcheck disable=SC2317 env | grep "^PROOT_NO_SECCOMP" } # shellcheck disable=SC2034 @@ -193,6 +199,7 @@ PROOT_NO_SECCOMP=1" "$(grep "^PROOT_NO_SECCOMP" "$STDOUTF")" function test_copy_passwd_and_group(){ getent_cmd_mock() { + # shellcheck disable=SC2317 echo "$*" } GETENT=getent_cmd_mock assertCommandSuccess copy_passwd_and_group @@ -202,6 +209,7 @@ function test_copy_passwd_and_group(){ function test_copy_passwd_and_group_fallback(){ cp_cmd_mock() { + # shellcheck disable=SC2317 echo "$*" } CP=cp_cmd_mock GETENT=false LD_EXEC=false assertCommandSuccess copy_passwd_and_group diff --git a/tests/unit-tests/test-junest.sh b/tests/unit-tests/test-junest.sh index 086062f..07a92b1 100755 --- a/tests/unit-tests/test-junest.sh +++ b/tests/unit-tests/test-junest.sh @@ -15,25 +15,32 @@ function oneTimeSetUp(){ function setUp(){ ## Mock functions ## + # shellcheck disable=SC2317 function usage(){ echo "usage" } + # shellcheck disable=SC2317 function version(){ echo "version" } + # shellcheck disable=SC2317 function build_image_env(){ local disable_check=$1 echo "build_image_env($disable_check)" } + # shellcheck disable=SC2317 function delete_env(){ echo "delete_env" } + # shellcheck disable=SC2317 function setup_env_from_file(){ echo "setup_env_from_file($1)" } + # shellcheck disable=SC2317 function setup_env(){ echo "setup_env($1)" } + # shellcheck disable=SC2317 function run_env_as_proot_fakeroot(){ local backend_command="$1" local backend_args="$2" @@ -41,6 +48,7 @@ function setUp(){ shift 3 echo "run_env_as_proot_fakeroot($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function run_env_as_groot(){ local backend_command="$1" local backend_args="$2" @@ -48,6 +56,7 @@ function setUp(){ shift 3 echo "run_env_as_groot($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function run_env_as_chroot(){ local backend_command="$1" local backend_args="$2" @@ -55,6 +64,7 @@ function setUp(){ shift 3 echo "run_env_as_chroot($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function run_env_as_proot_user(){ local backend_command="$1" local backend_args="$2" @@ -62,6 +72,7 @@ function setUp(){ shift 3 echo "run_env_as_proot_user($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function run_env_as_bwrap_fakeroot(){ local backend_command="$1" local backend_args="$2" @@ -69,6 +80,7 @@ function setUp(){ shift 3 echo "run_env_as_bwrap_fakeroot($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function run_env_as_bwrap_user(){ local backend_command="$1" local backend_args="$2" @@ -76,9 +88,11 @@ function setUp(){ shift 3 echo "run_env_as_bwrap_user($backend_command,$backend_args,$no_copy_files,$*)" } + # shellcheck disable=SC2317 function is_env_installed(){ return 0 } + # shellcheck disable=SC2317 function create_wrappers(){ : } @@ -108,6 +122,7 @@ function test_build_image_env(){ } function test_create_wrappers(){ + # shellcheck disable=SC2317 function create_wrappers(){ local force=$1 echo "create_wrappers($force)" @@ -126,6 +141,7 @@ function test_delete_env(){ assertEquals "delete_env" "$(cat "$STDOUTF")" } function test_setup_env_from_file(){ + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -134,6 +150,7 @@ function test_setup_env_from_file(){ assertCommandSuccess main setup --from-file myimage assertEquals "setup_env_from_file(myimage)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 0 } @@ -141,6 +158,7 @@ function test_setup_env_from_file(){ } function test_setup_env(){ + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -153,6 +171,7 @@ function test_setup_env(){ assertCommandSuccess main setup --arch arm assertEquals "setup_env(arm)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 0 } @@ -181,6 +200,7 @@ function test_run_env_as_proot_fakeroot(){ assertCommandSuccess main proot -f -- command --as assertEquals "run_env_as_proot_fakeroot(,,false,command --as)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -207,6 +227,7 @@ function test_run_env_as_user(){ assertCommandSuccess main proot -- command -ls assertEquals "run_env_as_proot_user(,,false,command -ls)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -231,6 +252,7 @@ function test_run_env_as_groot(){ assertCommandSuccess main groot -- command assertEquals "run_env_as_groot(,,false,command)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -253,6 +275,7 @@ function test_run_env_as_chroot(){ assertCommandSuccess main root -- command assertEquals "run_env_as_chroot(,,false,command)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -295,6 +318,7 @@ function test_run_env_as_bwrap_fakeroot(){ assertCommandSuccess main -f -- command --as assertEquals "run_env_as_bwrap_fakeroot(,,false,command --as)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } @@ -337,6 +361,7 @@ function test_run_env_as_bwrap_user(){ assertCommandSuccess main -- command --as assertEquals "run_env_as_bwrap_user(,,false,command --as)" "$(cat "$STDOUTF")" + # shellcheck disable=SC2317 is_env_installed(){ return 1 } diff --git a/tests/unit-tests/test-namespace.sh b/tests/unit-tests/test-namespace.sh index 781ca92..7a845aa 100755 --- a/tests/unit-tests/test-namespace.sh +++ b/tests/unit-tests/test-namespace.sh @@ -16,6 +16,7 @@ function oneTimeSetUp(){ ## Mock functions ## function init_mocks() { + # shellcheck disable=SC2317 function bwrap_cmd(){ echo "$BWRAP $*" } diff --git a/tests/unit-tests/test-proot.sh b/tests/unit-tests/test-proot.sh index dfc7498..0f4f11a 100755 --- a/tests/unit-tests/test-proot.sh +++ b/tests/unit-tests/test-proot.sh @@ -49,6 +49,7 @@ function _test_copy_remaining_files() { } function test_run_env_as_proot_user(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -66,6 +67,7 @@ function test_run_env_as_proot_user(){ } function test_run_env_as_proot_user_with_backend_command(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -83,6 +85,7 @@ function test_run_env_as_proot_user_with_backend_command(){ } function test_run_env_as_proot_user_no_copy(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -120,6 +123,7 @@ function test_run_env_as_proot_user_nested_env(){ } function test_run_env_as_proot_fakeroot(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -136,6 +140,7 @@ function test_run_env_as_proot_fakeroot(){ } function test_run_env_as_proot_fakeroot_with_backend_command(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -159,6 +164,7 @@ function test_run_env_as_proot_fakeroot_nested_env(){ } function test_run_env_with_quotes(){ + # shellcheck disable=SC2317 _run_env_with_qemu() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 @@ -169,6 +175,7 @@ function test_run_env_with_quotes(){ } function test_run_env_with_proot_args(){ + # shellcheck disable=SC2317 proot_cmd() { [ "$JUNEST_ENV" != "1" ] && return 1 # shellcheck disable=SC2086 @@ -187,16 +194,19 @@ function test_run_env_with_proot_args(){ function test_qemu() { echo "JUNEST_ARCH=arm" > "${JUNEST_HOME}"/etc/junest/info + # shellcheck disable=SC2317 rm_cmd() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 echo $* } + # shellcheck disable=SC2317 ln_cmd() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 echo $* } + # shellcheck disable=SC2317 _run_env_with_proot() { # shellcheck disable=SC2086 # shellcheck disable=SC2048 diff --git a/tests/unit-tests/test-setup.sh b/tests/unit-tests/test-setup.sh index d8c2456..de2df75 100755 --- a/tests/unit-tests/test-setup.sh +++ b/tests/unit-tests/test-setup.sh @@ -35,6 +35,7 @@ function test_is_env_installed(){ function test_setup_env(){ rm -rf "${JUNEST_HOME:?}"/* + # shellcheck disable=SC2317 wget_mock(){ # Proof that the setup is happening # inside $JUNEST_TEMPDIR diff --git a/tests/unit-tests/test-wrappers.sh b/tests/unit-tests/test-wrappers.sh index eef1f38..ee9776f 100755 --- a/tests/unit-tests/test-wrappers.sh +++ b/tests/unit-tests/test-wrappers.sh @@ -70,6 +70,7 @@ function test_create_wrappers_verify_content(){ assertEquals "" "$(cat "$STDOUTF")" # Mock junest command to capture the actual output generated from myfile script + # shellcheck disable=SC2317 junest(){ for arg in "$@" do From e68c24dec630412b01f378ffe242f79a5586a38b Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Thu, 1 Aug 2024 20:29:07 +0200 Subject: [PATCH 19/24] 7.4.9 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index da8d653..14ebea1 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.8 +7.4.9 From 7af01ba4811b03c4764727803a4c4c3d30e23c6c Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Tue, 8 Oct 2024 01:04:11 +0200 Subject: [PATCH 20/24] Fix pacman 7 usage during build --- lib/core/build.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/core/build.sh b/lib/core/build.sh index 7a2ef9d..cf23f67 100644 --- a/lib/core/build.sh +++ b/lib/core/build.sh @@ -65,6 +65,9 @@ function build_image_env(){ # https://app.travis-ci.com/github/fsquillace/junest/builds/268216346 [[ -e "${maindir}"/root/etc/pacman.conf ]] || sudo curl "https://gitlab.archlinux.org/archlinux/packaging/packages/pacman/-/raw/main/pacman.conf" -o "${maindir}/root/etc/pacman.conf" + # Pacman/pacstrap bug: https://gitlab.archlinux.org/archlinux/packaging/packages/arch-install-scripts/-/issues/3 + sudo sed -i '/^DownloadUser = alpm$/d' "${maindir}"/root/etc/pacman.conf + sudo tee -a "${maindir}"/root/etc/pacman.conf < Date: Tue, 8 Oct 2024 01:10:24 +0200 Subject: [PATCH 21/24] Do not remove gzip during build --- lib/core/build.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/core/build.sh b/lib/core/build.sh index cf23f67..9d985ea 100644 --- a/lib/core/build.sh +++ b/lib/core/build.sh @@ -87,13 +87,13 @@ EOT info "Generating the locales..." # sed command is required for locale-gen but it is required by fakeroot # and cannot be removed - # localedef (called by locale-gen) requires gzip + # localedef (called by locale-gen) requires gzip but it is supposed to be + # already installed as systemd already depends on it sudo pacman --noconfirm --root "${maindir}"/root -S sed gzip sudo ln -sf /usr/share/zoneinfo/posix/UTC "${maindir}"/root/etc/localtime sudo bash -c "echo 'en_US.UTF-8 UTF-8' >> ${maindir}/root/etc/locale.gen" sudo "${maindir}"/root/bin/groot "${maindir}"/root locale-gen sudo bash -c "echo LANG=\"en_US.UTF-8\" >> ${maindir}/root/etc/locale.conf" - sudo pacman --noconfirm --root "${maindir}"/root -Rsn gzip info "Setting up the pacman keyring (this might take a while!)..." if [[ $(uname -m) == *"arm"* ]] From e2d9517a92093b6e5caddc5ab8c2254e76819134 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Tue, 8 Oct 2024 19:47:29 +0200 Subject: [PATCH 22/24] Test enabling back the check scripts --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 8efa537..fab23ba 100644 --- a/.travis.yml +++ b/.travis.yml @@ -51,7 +51,7 @@ script: - junest setup -i junest-x86_64.tar.gz # TODO The check does not work at the moment: https://app.travis-ci.com/github/fsquillace/junest/builds/271706037 # Disabling it in order to avoid having stale version of junest images. - # - ${PWD}/lib/checks/check_all.sh + - ${PWD}/lib/checks/check_all.sh - yes | junest setup --delete From 0242749f8e39af96e5f1837e1ecfce3f4c146b07 Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 12 Oct 2024 11:34:38 +0200 Subject: [PATCH 23/24] Replace yay with yay-git --- lib/core/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/core/build.sh b/lib/core/build.sh index 9d985ea..65a9474 100644 --- a/lib/core/build.sh +++ b/lib/core/build.sh @@ -76,7 +76,7 @@ Server = https://raw.githubusercontent.com/fsquillace/junest-repo/master/any EOT info "pacman.conf being used:" cat "${maindir}"/root/etc/pacman.conf - sudo pacman --noconfirm --config "${maindir}"/root/etc/pacman.conf --root "${maindir}"/root -Sy sudo-fake groot-git proot-static qemu-user-static-bin-alt yay + sudo pacman --noconfirm --config "${maindir}"/root/etc/pacman.conf --root "${maindir}"/root -Sy sudo-fake groot-git proot-static qemu-user-static-bin-alt yay-git echo "Generating the metadata info" sudo install -d -m 755 "${maindir}/root/etc/${CMD}" From 0037f96e159a143e37db978e537e3fb362ba3a5b Mon Sep 17 00:00:00 2001 From: Filippo Squillace Date: Sat, 12 Oct 2024 11:53:52 +0200 Subject: [PATCH 24/24] Add warning box for Ubuntu restriction --- README.md | 7 +++++++ VERSION | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a7001ce..1268f8b 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,12 @@ JuNest ====== + +> [!IMPORTANT] +> Starting from Ubuntu 23.10+, [unprivileged user namespaces has been restricted](https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces). +> If using JuNest within Ubuntu, you may need root privileges in order to enable it. +> Alternatively, you can access JuNest using the `proot` mode as described +> [below](#Proot-based). + The lightweight Arch Linux based distro that runs, without root privileges, on top of any other Linux distro.

diff --git a/VERSION b/VERSION index 14ebea1..ef13716 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -7.4.9 +7.4.10