https://lwn.net/Articles/689856/ This is a special feed containing comments posted to the individual LWN article titled "Mount namespaces and shared subtrees". en-us Wed, 15 Oct 2025 19:10:58 +0000 Wed, 15 Oct 2025 19:10:58 +0000 https://www.rssboard.org/rss-specification lwn@lwn.net https://lwn.net/Articles/858734/ https://lwn.net/Articles/858734/ imlk <div class="FormattedComment"> Actually, the -r command in your command will create a new user namespace, and map your user ID to 0 (root) in this user namespace. That is why you can run chroot &quot;without&quot; root.<br> <p> As mentioned in this article (<a rel="nofollow" href="https://lwn.net/Articles/532593/">https://lwn.net/Articles/532593/</a>), starting with Linux 3.8, no privilege is required to create a new user namespace.<br> <p> </div> Wed, 09 Jun 2021 12:47:11 +0000 https://lwn.net/Articles/850621/ https://lwn.net/Articles/850621/ Hi-Angel Oh, I found in the other article, the command I was searching for is: <pre><code> unshare -mr chroot ~/Projects/an-alternative-root-dir /bin/bash </code></pre> This article prefixes the <code>unshare</code> command with <code>#</code> making it look as if you need root priviledges, but actually you don't need to run it as root. Running the above command as a usual user worked for me. Fri, 26 Mar 2021 01:09:04 +0000 https://lwn.net/Articles/850617/ https://lwn.net/Articles/850617/ Hi-Angel <div class="FormattedComment"> So, I got into this article because it was linked from &quot;unprivileged chroot&quot; as allegedly covering most of its usecases. Sounds nice to me: at work I&#x27;m just trying to solve the problem of root required to build a system image (specifically it is running `chroot` from non-root that&#x27;s causing the problem).<br> <p> Okay, so I read through this article, and it even has this mention:<br> <p> <font class="QuotedText">&gt; Other uses include […] chroot()-style isolation of a process to a portion of the single directory hierarchy</font><br> <p> How? I read through the whole article, and not only I don&#x27;t get how to do it unpriveleged (all commands here explicitly mention root) — in fact, I don&#x27;t even see an example of isolating a command to a new root.<br> </div> Fri, 26 Mar 2021 00:47:19 +0000 https://lwn.net/Articles/690655/ https://lwn.net/Articles/690655/ gutschke <div class="FormattedComment"> It took me forever to debug this problem, and only after reading this LWN article did I finally figure out why my computer would crash whenever I enabled "systemd".<br> <p> I have a cron job that uses "bup" to create regular snapshots of the entire filesystem. I then mount the most recent backup on "/backup". This way, I can easily recover from accidentally deleting important files or from accidentally breaking things when I make poorly conceived changes to configuration files.<br> <p> For additional convenience, I also bind-mount things like "/proc" and "/dev" into this snapshot. This allows me to "chroot" into "/backup", whenever I want to see how things changed with my edits. It's been working like this for years, and the extra safety net gives great peace of mind.<br> <p> Turns out, the new "systemd" policy for shared mounts means that umounting "/backup/dev/pts" also automatically unmounts the global "/dev/pts". And that has devastating effects. The system only survives very briefly afterwards.<br> <p> I have a really hard time seeing how this behavior can ever be desirable for bind mounts (most notably for the "rbind" variety).<br> </div> Thu, 09 Jun 2016 16:35:47 +0000 https://lwn.net/Articles/690639/ https://lwn.net/Articles/690639/ grawity The "shared" mode is probably a nicer default but it breaks <code>mount --move</code> as a side effect, so I've seen a few complaints when this was first added to systemd. Thu, 09 Jun 2016 14:42:13 +0000