binpash / try Goto Github PK

View Code? Open in Web Editor NEW

5.1K 10.0 64.0 9.95 MB

Inspect a command's effects before modifying your live system

License: MIT License

Shell 100.00%

administration containers shell tools virtualization

try's People

Contributors

Stargazers

Watchers

try's Issues

`try explore` to launch a shell

Just start the user's default login shell in the overlay.

Failure on Ubuntu 22.04 (reopened)

I've tried the following (as a normal user) on my Ubuntu 22.04 64bit machine on a "nested-mount" branch:

$ git switch nested-mount
$ bash -x try pip install click
+ TRY_VERSION=0.1.0
+ NO_COMMIT=interactive
+ getopts :yvnD: opt
+ shift 0
+ '[' 3 -eq 0 ']'
+ case "$1" in
+ try pip install click
+ START_DIR=/home/adam/tmp/try
+ '[' '' ']'
++ mktemp -d
+ SANDBOX_DIR=/tmp/tmp.YMBs4wsY3M
+ export SANDBOX_DIR
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir /tmp/tmp.YMBs4wsY3M/workdir /tmp/tmp.YMBs4wsY3M/temproot
++ findmnt --real -r -o target -n
++ grep -v '^/$'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /bin ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//bin /tmp/tmp.YMBs4wsY3M/workdir//bin /tmp/tmp.YMBs4wsY3M/temproot//bin
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot /tmp/tmp.YMBs4wsY3M/workdir//boot /tmp/tmp.YMBs4wsY3M/temproot//boot
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /dev ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//dev /tmp/tmp.YMBs4wsY3M/workdir//dev /tmp/tmp.YMBs4wsY3M/temproot//dev
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /etc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//etc /tmp/tmp.YMBs4wsY3M/workdir//etc /tmp/tmp.YMBs4wsY3M/temproot//etc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home /tmp/tmp.YMBs4wsY3M/workdir//home /tmp/tmp.YMBs4wsY3M/temproot//home
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib /tmp/tmp.YMBs4wsY3M/workdir//lib /tmp/tmp.YMBs4wsY3M/temproot//lib
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib32 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib32 /tmp/tmp.YMBs4wsY3M/workdir//lib32 /tmp/tmp.YMBs4wsY3M/temproot//lib32
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib64 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib64 /tmp/tmp.YMBs4wsY3M/workdir//lib64 /tmp/tmp.YMBs4wsY3M/temproot//lib64
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /libx32 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//libx32 /tmp/tmp.YMBs4wsY3M/workdir//libx32 /tmp/tmp.YMBs4wsY3M/temproot//libx32
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /media ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//media /tmp/tmp.YMBs4wsY3M/workdir//media /tmp/tmp.YMBs4wsY3M/temproot//media
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /mnt ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//mnt /tmp/tmp.YMBs4wsY3M/workdir//mnt /tmp/tmp.YMBs4wsY3M/temproot//mnt
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /opt ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//opt /tmp/tmp.YMBs4wsY3M/workdir//opt /tmp/tmp.YMBs4wsY3M/temproot//opt
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /Passwords2.kdbx ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /photoprism ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//photoprism /tmp/tmp.YMBs4wsY3M/workdir//photoprism /tmp/tmp.YMBs4wsY3M/temproot//photoprism
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /proc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//proc /tmp/tmp.YMBs4wsY3M/workdir//proc /tmp/tmp.YMBs4wsY3M/temproot//proc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /root ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//root /tmp/tmp.YMBs4wsY3M/workdir//root /tmp/tmp.YMBs4wsY3M/temproot//root
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /run ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//run /tmp/tmp.YMBs4wsY3M/workdir//run /tmp/tmp.YMBs4wsY3M/temproot//run
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /sbin ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//sbin /tmp/tmp.YMBs4wsY3M/workdir//sbin /tmp/tmp.YMBs4wsY3M/temproot//sbin
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap /tmp/tmp.YMBs4wsY3M/workdir//snap /tmp/tmp.YMBs4wsY3M/temproot//snap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /srv ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//srv /tmp/tmp.YMBs4wsY3M/workdir//srv /tmp/tmp.YMBs4wsY3M/temproot//srv
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /@swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//@swap /tmp/tmp.YMBs4wsY3M/workdir//@swap /tmp/tmp.YMBs4wsY3M/temproot//@swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//swap /tmp/tmp.YMBs4wsY3M/workdir//swap /tmp/tmp.YMBs4wsY3M/temproot//swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap.img ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /sys ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//sys /tmp/tmp.YMBs4wsY3M/workdir//sys /tmp/tmp.YMBs4wsY3M/temproot//sys
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /tmp ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//tmp /tmp/tmp.YMBs4wsY3M/workdir//tmp /tmp/tmp.YMBs4wsY3M/temproot//tmp
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /usr ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//usr /tmp/tmp.YMBs4wsY3M/workdir//usr /tmp/tmp.YMBs4wsY3M/temproot//usr
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//var /tmp/tmp.YMBs4wsY3M/workdir//var /tmp/tmp.YMBs4wsY3M/temproot//var
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/acrordrdc/62 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/acrordrdc/62 /tmp/tmp.YMBs4wsY3M/workdir//snap/acrordrdc/62 /tmp/tmp.YMBs4wsY3M/temproot//snap/acrordrdc/62
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/audacity/1051 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/audacity/1051 /tmp/tmp.YMBs4wsY3M/workdir//snap/audacity/1051 /tmp/tmp.YMBs4wsY3M/temproot//snap/audacity/1051
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/bare/5 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/bare/5 /tmp/tmp.YMBs4wsY3M/workdir//snap/bare/5 /tmp/tmp.YMBs4wsY3M/temproot//snap/bare/5
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/blender/3584 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/blender/3584 /tmp/tmp.YMBs4wsY3M/workdir//snap/blender/3584 /tmp/tmp.YMBs4wsY3M/temproot//snap/blender/3584
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/chromium/2497 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/chromium/2497 /tmp/tmp.YMBs4wsY3M/workdir//snap/chromium/2497 /tmp/tmp.YMBs4wsY3M/temproot//snap/chromium/2497
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/clion/237 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/clion/237 /tmp/tmp.YMBs4wsY3M/workdir//snap/clion/237 /tmp/tmp.YMBs4wsY3M/temproot//snap/clion/237
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/code/132 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/code/132 /tmp/tmp.YMBs4wsY3M/workdir//snap/code/132 /tmp/tmp.YMBs4wsY3M/temproot//snap/code/132
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core/14946 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core/14946 /tmp/tmp.YMBs4wsY3M/workdir//snap/core/14946 /tmp/tmp.YMBs4wsY3M/temproot//snap/core/14946
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core18/2785 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core18/2785 /tmp/tmp.YMBs4wsY3M/workdir//snap/core18/2785 /tmp/tmp.YMBs4wsY3M/temproot//snap/core18/2785
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/cups/872 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/cups/872 /tmp/tmp.YMBs4wsY3M/workdir//snap/cups/872 /tmp/tmp.YMBs4wsY3M/temproot//snap/cups/872
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core20/1891 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core20/1891 /tmp/tmp.YMBs4wsY3M/workdir//snap/core20/1891 /tmp/tmp.YMBs4wsY3M/temproot//snap/core20/1891
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core22/750 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core22/750 /tmp/tmp.YMBs4wsY3M/workdir//snap/core22/750 /tmp/tmp.YMBs4wsY3M/temproot//snap/core22/750
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/ffmpeg/1286 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/ffmpeg/1286 /tmp/tmp.YMBs4wsY3M/workdir//snap/ffmpeg/1286 /tmp/tmp.YMBs4wsY3M/temproot//snap/ffmpeg/1286
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/firefox/2710 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/firefox/2710 /tmp/tmp.YMBs4wsY3M/workdir//snap/firefox/2710 /tmp/tmp.YMBs4wsY3M/temproot//snap/firefox/2710
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-28-1804/198 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-28-1804/198 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-28-1804/198 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-28-1804/198
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gimp/393 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gimp/393 /tmp/tmp.YMBs4wsY3M/workdir//snap/gimp/393 /tmp/tmp.YMBs4wsY3M/temproot//snap/gimp/393
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-34-1804/93 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-34-1804/93 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-34-1804/93 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-34-1804/93
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gtk2-common-themes/13 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gtk2-common-themes/13 /tmp/tmp.YMBs4wsY3M/workdir//snap/gtk2-common-themes/13 /tmp/tmp.YMBs4wsY3M/temproot//snap/gtk2-common-themes/13
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-38-2004/140 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-38-2004/140 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-38-2004/140 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-38-2004/140
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gtk-common-themes/1535 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gtk-common-themes/1535 /tmp/tmp.YMBs4wsY3M/workdir//snap/gtk-common-themes/1535 /tmp/tmp.YMBs4wsY3M/temproot//snap/gtk-common-themes/1535
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/inkscape/10536 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/inkscape/10536 /tmp/tmp.YMBs4wsY3M/workdir//snap/inkscape/10536 /tmp/tmp.YMBs4wsY3M/temproot//snap/inkscape/10536
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/intellij-idea-ultimate/430 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/intellij-idea-ultimate/430 /tmp/tmp.YMBs4wsY3M/workdir//snap/intellij-idea-ultimate/430 /tmp/tmp.YMBs4wsY3M/temproot//snap/intellij-idea-ultimate/430
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/kf5-5-104-qt-5-15-8-core22/9 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/kf5-5-104-qt-5-15-8-core22/9 /tmp/tmp.YMBs4wsY3M/workdir//snap/kf5-5-104-qt-5-15-8-core22/9 /tmp/tmp.YMBs4wsY3M/temproot//snap/kf5-5-104-qt-5-15-8-core22/9
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/kde-frameworks-5-core18/35 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/kde-frameworks-5-core18/35 /tmp/tmp.YMBs4wsY3M/workdir//snap/kde-frameworks-5-core18/35 /tmp/tmp.YMBs4wsY3M/temproot//snap/kde-frameworks-5-core18/35
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/losslesscut/114 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/losslesscut/114 /tmp/tmp.YMBs4wsY3M/workdir//snap/losslesscut/114 /tmp/tmp.YMBs4wsY3M/temproot//snap/losslesscut/114
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/krita/90 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/krita/90 /tmp/tmp.YMBs4wsY3M/workdir//snap/krita/90 /tmp/tmp.YMBs4wsY3M/temproot//snap/krita/90
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/lxd/24322 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/lxd/24322 /tmp/tmp.YMBs4wsY3M/workdir//snap/lxd/24322 /tmp/tmp.YMBs4wsY3M/temproot//snap/lxd/24322
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/marp-cli-carroarmato0/33 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/marp-cli-carroarmato0/33 /tmp/tmp.YMBs4wsY3M/workdir//snap/marp-cli-carroarmato0/33 /tmp/tmp.YMBs4wsY3M/temproot//snap/marp-cli-carroarmato0/33
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/rubymine/365 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/rubymine/365 /tmp/tmp.YMBs4wsY3M/workdir//snap/rubymine/365 /tmp/tmp.YMBs4wsY3M/temproot//snap/rubymine/365
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/pycharm-professional/336 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/pycharm-professional/336 /tmp/tmp.YMBs4wsY3M/workdir//snap/pycharm-professional/336 /tmp/tmp.YMBs4wsY3M/temproot//snap/pycharm-professional/336
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/snapd/19361 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/snapd/19361 /tmp/tmp.YMBs4wsY3M/workdir//snap/snapd/19361 /tmp/tmp.YMBs4wsY3M/temproot//snap/snapd/19361
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/scantailor-advanced/3 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/scantailor-advanced/3 /tmp/tmp.YMBs4wsY3M/workdir//snap/scantailor-advanced/3 /tmp/tmp.YMBs4wsY3M/temproot//snap/scantailor-advanced/3
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/sharik-app/9 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/sharik-app/9 /tmp/tmp.YMBs4wsY3M/workdir//snap/sharik-app/9 /tmp/tmp.YMBs4wsY3M/temproot//snap/sharik-app/9
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/sweethome3d-homedesign/15 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/sweethome3d-homedesign/15 /tmp/tmp.YMBs4wsY3M/workdir//snap/sweethome3d-homedesign/15 /tmp/tmp.YMBs4wsY3M/temproot//snap/sweethome3d-homedesign/15
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var/snap/firefox/common/host-hunspell ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//var/snap/firefox/common/host-hunspell /tmp/tmp.YMBs4wsY3M/workdir//var/snap/firefox/common/host-hunspell /tmp/tmp.YMBs4wsY3M/temproot//var/snap/firefox/common/host-hunspell
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/vlc/3078 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/vlc/3078 /tmp/tmp.YMBs4wsY3M/workdir//snap/vlc/3078 /tmp/tmp.YMBs4wsY3M/temproot//snap/vlc/3078
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/telegram-desktop/4743 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/telegram-desktop/4743 /tmp/tmp.YMBs4wsY3M/workdir//snap/telegram-desktop/4743 /tmp/tmp.YMBs4wsY3M/temproot//snap/telegram-desktop/4743
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/wine-platform-runtime/349 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/wine-platform-runtime/349 /tmp/tmp.YMBs4wsY3M/workdir//snap/wine-platform-runtime/349 /tmp/tmp.YMBs4wsY3M/temproot//snap/wine-platform-runtime/349
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/wine-platform-6-stable/19 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/wine-platform-6-stable/19 /tmp/tmp.YMBs4wsY3M/workdir//snap/wine-platform-6-stable/19 /tmp/tmp.YMBs4wsY3M/temproot//snap/wine-platform-6-stable/19
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//swap /tmp/tmp.YMBs4wsY3M/workdir//swap /tmp/tmp.YMBs4wsY3M/temproot//swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot /tmp/tmp.YMBs4wsY3M/workdir//boot /tmp/tmp.YMBs4wsY3M/temproot//boot
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot/efi ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot/efi /tmp/tmp.YMBs4wsY3M/workdir//boot/efi /tmp/tmp.YMBs4wsY3M/temproot//boot/efi
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var/lib/docker/btrfs ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home/adam ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home/adam /tmp/tmp.YMBs4wsY3M/workdir//home/adam /tmp/tmp.YMBs4wsY3M/temproot//home/adam
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home/Adama-docs ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home/Adama-docs /tmp/tmp.YMBs4wsY3M/workdir//home/Adama-docs /tmp/tmp.YMBs4wsY3M/temproot//home/Adama-docs
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /run/user/1000/doc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//run/user/1000/doc /tmp/tmp.YMBs4wsY3M/workdir//run/user/1000/doc /tmp/tmp.YMBs4wsY3M/temproot//run/user/1000/doc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /media/adam-minipc/videos ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//media/adam-minipc/videos /tmp/tmp.YMBs4wsY3M/workdir//media/adam-minipc/videos /tmp/tmp.YMBs4wsY3M/temproot//media/adam-minipc/videos
++ mktemp
+ mount_and_execute=/tmp/tmp.tHOQLkXJB1
++ mktemp
+ export chroot_executable=/tmp/tmp.4d5roj1rEM
+ chroot_executable=/tmp/tmp.4d5roj1rEM
++ mktemp
+ export try_mount_log=/tmp/tmp.oMWt0UuKh7
+ try_mount_log=/tmp/tmp.oMWt0UuKh7
+ cat
+ cat
+ chmod +x /tmp/tmp.tHOQLkXJB1 /tmp/tmp.4d5roj1rEM
+ unshare --mount --map-root-user --user --pid --fork /tmp/tmp.tHOQLkXJB1
Warning: Failed to mount /boot via mergerfs
Warning: Failed to mount /home via mergerfs
Warning: Failed to mount /media via mergerfs
Warning: Failed to mount /run via mergerfs
Warning: Failed to mount /snap via mergerfs
Warning: Failed to mount /sys via mergerfs
Warning: Failed to mount /var via mergerfs
Warning: Failed to mount /run/user/1000/doc via mergerfs
Warning: Failed to mount /boot via mergerfs
Warning: Failed to mount /boot/efi via mergerfs

The process then hangs for at least 5 minutes (much, much longer than it takes to do pip install click.

The issue is re-opened upon request of @ericzty .

It failed without a comprehensive error message (folder /home/Adama-docs/Adam/linux/tmp/try obviously exists, as this is the place the repository was cloned).

Running commands that access the network

It seems that try blocks any kind of network access:

$ try "ping -c3 www.google.com"
mount: /tmp/tmp.l06qs0JdDT/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.l06qs0JdDT/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
ping: www.google.com: Temporary failure in name resolution

$ try curl www.google.com
mount: /tmp/tmp.8hpad1vI2s/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.8hpad1vI2s/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
curl: (6) Could not resolve host: www.google.com

Despite this, unshare --mount --map-root-user --user --pid --fork curl www.google.com runs successfully.

Also, double checked that we are not unsharing the network namespace anywhere.

Tests that reuse `SANDBOX_DIR`

We should have tests that run multiple commands in the same sandbox. (Not quite the same as try explore from #5, but related.)

VM tests on Github Actions

Run tests with vagrant VMs on github actions to be able to test nested mounts and the other bugfixes.

Things that we want to test

SELinux?
Other distros
Basic LVM setups (with /home mounted separately, and other nested mounts) #19
More curl | bash scripts

Could not delete created temporary path

OS info:

➜  try git:(main) ✗ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.2 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

Minimal Reproducible Script：

#!/usr/bin/bash

cur=$(pwd)

sudo rm -rf /tmp/tmp.*
$cur/try -y touch $HOME/testfile
ls -l /tmp/testfile
ls -l /tmp/tmp.*
rm -rf /tmp/tmp.*
$cur/try -y rm $HOME/testfile
ls -l /tmp/testfile
ls -l /tmp/tmp.*
rm -rf /tmp/tmp.*

Output logs:

➜  try git:(main) ✗ sh a.sh
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /var as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.iWAZWwEcHw
...
Warning: Failed mounting /snap/firefox/2800 as an overlay, see /tmp/tmp.iWAZWwEcHw
ls: cannot access '/tmp/testfile': No such file or directory
-rw------- 1 yiran yiran 2668  6月 25 17:28 /tmp/tmp.iWAZWwEcHw
-rwx--x--x 1 yiran yiran  120  6月 25 17:28 /tmp/tmp.pU1iJHkqNZ
-rwx--x--x 1 yiran yiran 1824  6月 25 17:28 /tmp/tmp.ZJln7EqgWV

/tmp/tmp.a5YeVGkibC:
total 12
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 temproot
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 upperdir
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 workdir
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /var as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.1amwhWmW0M
...
Warning: Failed mounting /var/snap/firefox/common/host-hunspell as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/snapd/19361 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core18/2785 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/slack/79 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/gnome-42-2204/111 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/snapd/19457 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core20/1950 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core22/766 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/firefox/2800 as an overlay, see /tmp/tmp.1amwhWmW0M
ls: cannot access '/tmp/testfile': No such file or directory
-rw------- 1 yiran yiran 2668  6月 25 17:28 /tmp/tmp.1amwhWmW0M
-rwx--x--x 1 yiran yiran  117  6月 25 17:28 /tmp/tmp.iNGI2499F3
-rwx--x--x 1 yiran yiran 1824  6月 25 17:28 /tmp/tmp.LjL0GhNZOQ

/tmp/tmp.j8aZKEw1zb:
total 12
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 temproot
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 upperdir
drwxrwxr-x 29 yiran yiran 4096  6月 25 17:28 workdir
rm: cannot remove '/tmp/tmp.j8aZKEw1zb/workdir/home/work': Permission denied

The file path operated by the try command will remain, and then cannot be deleted by the current user.

We want a test that first starts an interactive command, e.g., try bash, and then run a few more commands and exit, to make sure that the summary function does not get sent to the background after the user's process finishes.

Unshare fails on nested mounts

On a docker container, --privileged is required for unshare to work.
When running try, mount fails in the overlayfs.

❯ ./try echo hi
mount: /tmp/tmp.nFUDbAZ10u/temproot/bin: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.nFUDbAZ10u/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.nFUDbAZ10u/temproot/etc: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
<snip>
unshare: failed to execute /bin/bash: No such file or directory

Failure on Ubuntu 22.04

I've tried the following (as normal user) on my Ubuntu 22.04 64bit machine:

$ bash -x ./try pip install ipython
+ TRY_VERSION=0.1.0
+ NO_COMMIT=interactive
+ getopts :yvnD: opt
+ shift 0
+ '[' 3 -eq 0 ']'
+ case "$1" in
+ try pip install ipython
+ START_DIR=/home/Adama-docs/Adam/linux/tmp/try
+ '[' '' ']'
++ mktemp -d
+ SANDBOX_DIR=/tmp/tmp.zehcnpM68I
+ export SANDBOX_DIR
+ mkdir -p /tmp/tmp.zehcnpM68I/upperdir /tmp/tmp.zehcnpM68I/workdir /tmp/tmp.zehcnpM68I/temproot
+ for top_dir in /*
+ '[' -d /bin ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//bin /tmp/tmp.zehcnpM68I/workdir//bin /tmp/tmp.zehcnpM68I/temproot//bin
+ for top_dir in /*
+ '[' -d /boot ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//boot /tmp/tmp.zehcnpM68I/workdir//boot /tmp/tmp.zehcnpM68I/temproot//boot
+ for top_dir in /*
+ '[' -d /dev ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//dev /tmp/tmp.zehcnpM68I/workdir//dev /tmp/tmp.zehcnpM68I/temproot//dev
+ for top_dir in /*
+ '[' -d /etc ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//etc /tmp/tmp.zehcnpM68I/workdir//etc /tmp/tmp.zehcnpM68I/temproot//etc
+ for top_dir in /*
+ '[' -d /home ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//home /tmp/tmp.zehcnpM68I/workdir//home /tmp/tmp.zehcnpM68I/temproot//home
+ for top_dir in /*
+ '[' -d /lib ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib /tmp/tmp.zehcnpM68I/workdir//lib /tmp/tmp.zehcnpM68I/temproot//lib
+ for top_dir in /*
+ '[' -d /lib32 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib32 /tmp/tmp.zehcnpM68I/workdir//lib32 /tmp/tmp.zehcnpM68I/temproot//lib32
+ for top_dir in /*
+ '[' -d /lib64 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib64 /tmp/tmp.zehcnpM68I/workdir//lib64 /tmp/tmp.zehcnpM68I/temproot//lib64
+ for top_dir in /*
+ '[' -d /libx32 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//libx32 /tmp/tmp.zehcnpM68I/workdir//libx32 /tmp/tmp.zehcnpM68I/temproot//libx32
+ for top_dir in /*
+ '[' -d /media ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//media /tmp/tmp.zehcnpM68I/workdir//media /tmp/tmp.zehcnpM68I/temproot//media
+ for top_dir in /*
+ '[' -d /mnt ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//mnt /tmp/tmp.zehcnpM68I/workdir//mnt /tmp/tmp.zehcnpM68I/temproot//mnt
+ for top_dir in /*
+ '[' -d /opt ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//opt /tmp/tmp.zehcnpM68I/workdir//opt /tmp/tmp.zehcnpM68I/temproot//opt
+ for top_dir in /*
+ '[' -d /Passwords2.kdbx ']'
+ for top_dir in /*
+ '[' -d /photoprism ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//photoprism /tmp/tmp.zehcnpM68I/workdir//photoprism /tmp/tmp.zehcnpM68I/temproot//photoprism
+ for top_dir in /*
+ '[' -d /proc ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//proc /tmp/tmp.zehcnpM68I/workdir//proc /tmp/tmp.zehcnpM68I/temproot//proc
+ for top_dir in /*
+ '[' -d /root ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//root /tmp/tmp.zehcnpM68I/workdir//root /tmp/tmp.zehcnpM68I/temproot//root
+ for top_dir in /*
+ '[' -d /run ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//run /tmp/tmp.zehcnpM68I/workdir//run /tmp/tmp.zehcnpM68I/temproot//run
+ for top_dir in /*
+ '[' -d /sbin ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//sbin /tmp/tmp.zehcnpM68I/workdir//sbin /tmp/tmp.zehcnpM68I/temproot//sbin
+ for top_dir in /*
+ '[' -d /snap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//snap /tmp/tmp.zehcnpM68I/workdir//snap /tmp/tmp.zehcnpM68I/temproot//snap
+ for top_dir in /*
+ '[' -d /srv ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//srv /tmp/tmp.zehcnpM68I/workdir//srv /tmp/tmp.zehcnpM68I/temproot//srv
+ for top_dir in /*
+ '[' -d /@swap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//@swap /tmp/tmp.zehcnpM68I/workdir//@swap /tmp/tmp.zehcnpM68I/temproot//@swap
+ for top_dir in /*
+ '[' -d /swap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//swap /tmp/tmp.zehcnpM68I/workdir//swap /tmp/tmp.zehcnpM68I/temproot//swap
+ for top_dir in /*
+ '[' -d /swap.img ']'
+ for top_dir in /*
+ '[' -d /sys ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//sys /tmp/tmp.zehcnpM68I/workdir//sys /tmp/tmp.zehcnpM68I/temproot//sys
+ for top_dir in /*
+ '[' -d /tmp ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//tmp /tmp/tmp.zehcnpM68I/workdir//tmp /tmp/tmp.zehcnpM68I/temproot//tmp
+ for top_dir in /*
+ '[' -d /usr ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//usr /tmp/tmp.zehcnpM68I/workdir//usr /tmp/tmp.zehcnpM68I/temproot//usr
+ for top_dir in /*
+ '[' -d /var ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//var /tmp/tmp.zehcnpM68I/workdir//var /tmp/tmp.zehcnpM68I/temproot//var
++ mktemp
+ mount_and_execute=/tmp/tmp.vu7KwDCiXR
++ mktemp
+ export chroot_executable=/tmp/tmp.o2GNp8OpGq
+ chroot_executable=/tmp/tmp.o2GNp8OpGq
++ mktemp
+ export try_mount_log=/tmp/tmp.HYUBzRN8rm
+ try_mount_log=/tmp/tmp.HYUBzRN8rm
+ cat
+ cat
+ chmod +x /tmp/tmp.vu7KwDCiXR /tmp/tmp.o2GNp8OpGq
+ unshare --mount --map-root-user --user --pid --fork /tmp/tmp.vu7KwDCiXR
Warning: Failed mounting /home as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /media as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /var as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap/acrordrdc/62 as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.HYUBzRN8rm
...
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /var/lib/docker/btrfs as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /home/adam as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /home/Adama-docs as an overlay, see /tmp/tmp.HYUBzRN8rm
/tmp/tmp.o2GNp8OpGq: line 4: cd: /home/Adama-docs/Adam/linux/tmp/try: No such file or directory
+ exitcode=1
+ case "$NO_COMMIT" in
+ summary /tmp/tmp.zehcnpM68I
+ '[' -d /tmp/tmp.zehcnpM68I ']'
+ '[' -d /tmp/tmp.zehcnpM68I/upperdir ']'
++ find /tmp/tmp.zehcnpM68I/upperdir/ -type f -or '(' -type c -size 0 ')'
++ ignore_changes
++ grep -v -e .rkr -e Rikerfile
+ changed_files=
+ '[' -z '' ']'
+ return 1
+ '[' 1 -eq 0 ']'
+ exit 1

/tmp/tmp.RqaXJrG4E1: line 4: cd: /home/Adama-docs/Adam/linux/tmp/try: No such file or directory

It failed without a comprehensive error message (folder /home/Adama-docs/Adam/linux/tmp/try obviously exists, as this is the place the repository was cloned).

Suggestion for See Also: checkinstall

This looks like a nice tool. Thanks for sharing it.

You may not be aware of an old tool named checkinstall, which works similarly: changes to the filesystem are intercepted, they are collected into a distro-specific package, and installed with the distro's package manager; then the package can be removed to undo the changes. It's been available in Debian, Red Hat, etc. for a long time.

It would be good to mention it in the readme as an alternative: http://checkinstall.izto.org/

Running apt

Currently try with apt install fails both with sudo in and out of the try:

$ ./try sudo apt install tmux
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: /usr/lib/sudo/sudoers.so must be owned by uid 0
sudo: fatal error, unable to load plugins

$ sudo ./try apt install tmux
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
  tmux
1 upgraded, 0 newly installed, 0 to remove and 227 not upgraded.
Need to get 292 kB of archives.
After this operation, 0 B of additional disk space will be used.
E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setegid 65534 failed - setegid (22: Invalid argument)
E: seteuid 105 failed - seteuid (22: Invalid argument)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
Ign:1 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 tmux amd64 3.0a-2ubuntu0.4
Err:1 http://security.ubuntu.com/ubuntu focal-updates/main amd64 tmux amd64 3.0a-2ubuntu0.4
  Could not open file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - open (13: Permission denied) [IP: 91.189.91.39 80]
W: chown to _apt:root of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (22: Invalid argument)
W: chmod 0700 of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (1: Operation not permitted)
W: chown to _apt:root of directory /var/lib/apt/lists/auxfiles failed - SetupAPTPartialDirectory (22: Invalid argument)
W: chmod 0700 of directory /var/lib/apt/lists/auxfiles failed - SetupAPTPartialDirectory (1: Operation not permitted)
E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setegid 65534 failed - setegid (22: Invalid argument)
E: seteuid 105 failed - seteuid (22: Invalid argument)
W: Download is performed unsandboxed as root as file '/var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
W: Problem unlinking the file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - PrepareFiles (13: Permission denied)
W: Problem unlinking the file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - PrepareFiles (13: Permission denied)

Changes detected in the following files:

/tmp/tmp.neLW9gBc4r/upperdir/var/cache/apt/archives/lock
/tmp/tmp.neLW9gBc4r/upperdir/var/lib/dpkg/lock
/tmp/tmp.neLW9gBc4r/upperdir/var/lib/dpkg/lock-frontend

Commit these changes? [y/N]

Hardened mode?

Perhaps a flag for a hardened mode which uses a separate network stack and only expose some /dev files (e.g., null, (u)random, zero).

Something that makes sudo ./try rm -rf / not affect the host system.

Versioning

Add a -v flag to get the version.

Warning when mounting run

try/try

Line 51 in 3d5af35

mount --rbind --read-only /run "$SANDBOX_DIR/temproot/run"

mount: /tmp/tmp.1MYxsHblfI/temproot/run: filesystem was mounted, but any subsequent operation failed: Unknown error 5005.

Hide upperdir in change summary

We currently summarize changes in terms of complete paths into the upperdir:

Changes detected in the following files:

/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/ast.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/_dash.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__init__.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/printer.cpython-310.pyc (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/ast.cpython-310.pyc (modified/added)
...

We should hide everything through upperdir, i.e., showing:

/home/gliargovas/.local/lib/python3.10/site-packages/libdash/ast.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/_dash.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__init__.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/printer.cpython-310.pyc (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/ast.cpython-310.pyc (modified/added)

Feat: Selective commit

We should allow the user to choose what they want to commit.
One way to do this is to list all the changes in the upperdir in a file, open up and editor so user can delete the files that they don't wish to commit, and then commit the rest. In the prompt file we could also describe the type of change, (modify/create or delete).

Run shellcheck on CI

libreadline error

$ try ls
/bin/bash: error while loading shared libraries: libreadline.so.8: cannot open shared object file: No such file or directory

I'm in an up-to-date Arch Linux.

Improve README contents

Failed to mount several directories

After cloning the repo and running ./try cb, I'm getting these errors:

Warning: Failed mounting /boot as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /home as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /home/jackson/SecondDrive as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /recovery as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.NVsp08HPwA
/tmp/tmp.gLlM2WMSzk: line 4: cd: /home/jackson/try: No such file or directory

From dmesg:

[21415.387716] overlayfs: failed to set xattr on upper
[21415.387718] overlayfs: ...falling back to xino=off.
[21415.387718] overlayfs: try mounting with 'userxattr' option
[21415.388733] overlayfs: failed to set xattr on upper
[21415.388734] overlayfs: ...falling back to xino=off.
[21415.388735] overlayfs: try mounting with 'userxattr' option
[21415.388737] overlayfs: failed to clone lowerpath
[21415.390575] overlayfs: failed to set xattr on upper
[21415.390576] overlayfs: ...falling back to xino=off.
[21415.390577] overlayfs: try mounting with 'userxattr' option
[21415.391556] overlayfs: failed to set xattr on upper
[21415.391557] overlayfs: ...falling back to xino=off.
[21415.391557] overlayfs: try mounting with 'userxattr' option
[21415.391559] overlayfs: failed to clone lowerpath
[21415.392856] overlayfs: failed to set xattr on upper
[21415.392857] overlayfs: ...falling back to xino=off.
[21415.392857] overlayfs: try mounting with 'userxattr' option
[21415.394656] overlayfs: failed to set xattr on upper
[21415.394658] overlayfs: ...falling back to xino=off.
[21415.394658] overlayfs: try mounting with 'userxattr' option
[21415.395746] overlayfs: failed to set xattr on upper
[21415.395747] overlayfs: ...falling back to xino=off.
[21415.395748] overlayfs: try mounting with 'userxattr' option
[21415.397045] overlayfs: failed to set xattr on upper
[21415.397047] overlayfs: ...falling back to xino=off.
[21415.397048] overlayfs: try mounting with 'userxattr' option
[21415.398331] overlayfs: failed to set xattr on upper
[21415.398332] overlayfs: ...falling back to xino=off.
[21415.398333] overlayfs: try mounting with 'userxattr' option
[21415.399696] overlayfs: failed to set xattr on upper
[21415.399698] overlayfs: ...falling back to xino=off.
[21415.399698] overlayfs: try mounting with 'userxattr' option
[21415.401035] overlayfs: failed to set xattr on upper
[21415.401037] overlayfs: ...falling back to xino=off.
[21415.401037] overlayfs: try mounting with 'userxattr' option
[21415.402049] overlayfs: failed to set xattr on upper
[21415.402050] overlayfs: ...falling back to xino=off.
[21415.402051] overlayfs: try mounting with 'userxattr' option
[21415.403984] overlayfs: failed to set xattr on upper
[21415.403985] overlayfs: ...falling back to xino=off.
[21415.403985] overlayfs: try mounting with 'userxattr' option
[21415.405473] overlayfs: failed to set xattr on upper
[21415.405475] overlayfs: ...falling back to xino=off.
[21415.405475] overlayfs: try mounting with 'userxattr' option
[21415.406477] overlayfs: failed to set xattr on upper
[21415.406478] overlayfs: ...falling back to xino=off.
[21415.406479] overlayfs: try mounting with 'userxattr' option
[21415.407962] overlayfs: failed to set xattr on upper
[21415.407963] overlayfs: ...falling back to xino=off.
[21415.407963] overlayfs: try mounting with 'userxattr' option
[21415.408990] overlayfs: failed to set xattr on upper
[21415.408992] overlayfs: ...falling back to xino=off.
[21415.408992] overlayfs: try mounting with 'userxattr' option
[21415.410003] overlayfs: failed to set xattr on upper
[21415.410004] overlayfs: ...falling back to xino=off.
[21415.410005] overlayfs: try mounting with 'userxattr' option
[21415.411689] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/run/user/1000/doc': -2
[21415.412428] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/home/jackson/SecondDrive': -2
[21415.413072] overlayfs: failed to set xattr on upper
[21415.413073] overlayfs: ...falling back to xino=off.
[21415.413074] overlayfs: try mounting with 'userxattr' option
[21415.413075] overlayfs: filesystem on '/recovery' not supported
[21415.413607] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/boot/efi': -2

I'm using Pop!_OS 22.04. Is this a known issue?

/run not being mounted as readonly

It seems like mount --rbind -o ro,noload --read-only /run "$SANDBOX_DIR/temproot/run" is not making /run mount as readonly.
We should also try to get this mounted in overlayfs aswell so we can track changes in run.

Motivation: running try rm -rf --no-preserve-root /* will break the system until the system is power-cycled as removing entries in /run breaks systemd.

Relates to #20

No access to /dev directory

It would be nice if we were able to mount the /dev directory to the overlay as well. Currently, this fails, and as a result commands that write to /dev/null are doomed to fail.

$ try git clone https://github.com/binpash/try.git
mount: /tmp/tmp.Q15MleyJXP/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.Q15MleyJXP/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
fatal: could not open '/dev/null' for reading and writing: No such file or directory

Distro Compatibility

Works on Ubuntu 20.04.6 5.4.0-152-generic
Works on Ubuntu 23.04 6.2.0-23-generic
Works on Rocky 9 5.14.0-284.11.1.el9_2
Works on Centos 9 Stream 5.14.0-325.el9
Works on Debian 12 6.1.0-9-amd64
Works on Arch 6.1.33-1-lts
Works on Alpine 6.1.34-1-lts

Fails on Debian 10 5.10.0-21-amd64
Fails on Debian 10 4.19.0-24-amd64
Fails on Debian 11 5.10.0-23-amd64
Fails on Centos 7 3.10.0-1160.90.1.el7
Fails on Centos 8 Stream 4.18.0-496.el8

Note: systems where unprivileged userns is disabled by default (e.g., debian 10) we can run sysctl -w kernel.unprivileged_userns_clone=1 to let unshare --user work.

Fail early when critical commands are missing

At the beginning of appropriate routines, (e.g., try()), we should ensure that any non-obvious binaries we need (e.g., findmnt) exist and fail early if they do not. Bonus points for appropriate depext suggestions.

User control of ignored changes

Right now ignore_changes is using logic that's only appropriate for the hs stuff. We should (a) have nothing be ignored by default and (b) let the user specify what to ignore.

I imagine:

$ try -i '*~' -i '#*#' -- emacs -nw foo.txt
...

We should allow multiple instances of the -i flag, with the expectation that these will be passed as patterns to grep -v.

Somewhat related to #25.

Fails if /tmp is tempfs

On arch and alpine cloud images, /tmp is tempfs, so the inner unshare would fail since the $chroot_executable is not accessible. $chroot_executable is however visible in the first unshare.

Support use of fuse-overlayfs

If fuse-overlayfs is available, it would make sense to use it instead of the kernel overlayfs. This would be especially useful on systems where overlayfs is not available for non-root users.

This is the strategy used by rootless podman (see https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md).

manpage

Write a manpage!

shell completion files

do the thing

Cleanup temporary files

Do we want to cleanup the tempdir and tempfiles that we make?

FreeBSD support?

Currently FreeBSD missing unshare and maybe other unaddressed issues?

Better CI System

Should we look into a better CI system that could support testing on multiple distros and mount setups.

Currently for linux, github actions only works for Ubuntu 20 and Ubuntu 22.
https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources

Things that we want to test

SELinux?
Other distros
Basic LVM setups (with /home mounted separately, and other nested mounts) #19
More curl | bash scripts

[bug] version information is not displayed.

Hi,

at line 227, the getopts call is missing the v parameter, so the switch/case statement's v section is unreachable.

Also, try to separate the version information in the upper section as a variable, so it can easily be updated for the future,
such as the printf string in the v section of the switch/case after getopts doesn't have to change, ever again.

That would be it.

Consistency: proper user id

When we're first in unshare, we are mapped to the root user so that we can mount the directories.
But that is not the actual uid of the caller user, does this matter?
We could use another unshare to map the user id back.

Fails on NixOS w/ btrfs

Running NixOS with brtfs and the following disk layout:

$ lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
sda           8:0    0   2.7T  0 disk  
└─sda1        8:1    0   2.7T  0 part  
sdb           8:16   0   2.7T  0 disk  
└─sdb1        8:17   0   2.7T  0 part  
sdc           8:32   0 476.9G  0 disk  
└─sdc1        8:33   0 476.9G  0 part  
sdd           8:48   1     7M  0 disk  
└─sdd1        8:49   1     7M  0 part  
nvme0n1     259:0    0 238.5G  0 disk  
├─nvme0n1p1 259:1    0   512M  0 part  /boot
├─nvme0n1p2 259:2    0   192G  0 part  /home
│                                      /nix/store
│                                      /
└─nvme0n1p3 259:3    0    46G  0 part  
  └─enclave 254:0    0    46G  0 crypt /swap

Executing ./try echo hi on mount-fix branch errors out with warnings that every mount point failed to mount as an overlay. It appears that this is caused by failed uid/gid mappings that must occur due to NixOS's wrapper.c. Full command output and contents of the referenced tmp file are included below.

$ ./try echo hi
/tmp/tmp.AOXiqDxls5: line 4:     3 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /bin as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:     7 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /etc as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    10 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /mnt as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    12 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /nix as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    15 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /root as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    18 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /srv as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    22 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /tmp as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    24 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /usr as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4:    26 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /var as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20:    30 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20:    31 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /nix/store as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20:    32 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /swap as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20:    33 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20:    34 Aborted                 (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /home as an overlay, see /tmp/tmp.dh9r3FP2pr
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
/tmp/tmp.AOXiqDxls5: line 28:    35 Aborted                 (core dumped) mount --rbind /dev "$SANDBOX_DIR/temproot/dev"
/tmp/tmp.AOXiqDxls5: line 31:    36 Aborted                 (core dumped) mount --rbind --read-only /run "$SANDBOX_DIR/temproot/run" 2> /dev/null
unshare: failed to execute /bin/bash: No such file or directory

$ cat tmp.dh9r3FP2pr 
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.

Running the same command on future branch, after running setup.sh as root, gives:

$ ./try echo hi
nc: Address already in use
./try: line 225: ./gidmapper: cannot execute: required file not found
nc: invalid option -- 'q'
usage: nc [-46cDdFhklNnrStUuvz] [-C certfile] [-e name] [-H hash] [-I length]
	 [-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]
	 [-o staplefile] [-P proxy_username] [-p source_port] [-R CAfile]
	 [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit] [-w timeout]
	 [-X proxy_protocol] [-x proxy_address[:port]] [-Z peercertfile]
	 [destination] [port]
^C

debug mode

A debug mode that writes set -x on try and the two sub-scripts inside.

Testing

Build a test harness and get it in CI.

Summary and Commit break with "bad" filenames

By @mgree:

The logic could break with particularly nasty filenames (e.g., newlines). The most robust approach is to null terminate, à la find ... -print0 or xargs -0.

(See the discussion in #83)

Broken after commit 6ee0b1c, No such file or directory

Broken after commit 6ee0b1c

Warning: Failed mounting /boot as an overlay, see /tmp/tmp.nwIl2siLYA
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.nwIl2siLYA
/tmp/tmp.kIsD0QvoHA: line 5: /tmp/tmp.uqN6ZNuDyl: No such file or directory
/tmp/tmp.qU8jIEuvWJ

OS: Archlinux.

Feat: Prompt user if committing a file failed

If we fail to commit a file, we should prompt the user on whether we should commit the rest or abort here. We could also let the user shell into the overlayfs and then rerun summary.

Hide internal variables

Hide all occurences of try-internal variables before running the script.

Michael's implementation proposal:

Okay, sure. Three straightforward ways to hide it:

don't mark SANDBOX_DIR as exported, but manually set it per command that should see it

SANDBOX_DIR="" when calling the internal command or to save the variable in a non-exported one

save and unset SANDBOX_DIR before running the command, then restore it

sync top level dir permissions

We should make sure top level directories also have the right permissions.

ubuntu@pashtestold:~/try$ ./try ls -lah /tmp | head -2
total 1.2M
drwxrwxr-x  1 root   root    4.0K Jun 27 19:03 .

ubuntu@pashtestold:~/try$ ls -lah /tmp | head -2
total 1.3M
drwxrwxrwx 84 root   root    112K Jun 27 19:03 .

Relates to #6

Arguments Quoting Issue

It appears there is an issue with how $@ gets quoted when it is passed along.

Example

$ echo 'test | cat'
test | cat
$ try echo 'test | cat'
test

It seems that the string gets unquoted along the way, so it actually ends up executing echo test | cat. Not sure what the cleanest solution to escaping the individual arguments is. My typical approach would be to use printf '%q' $arg for each argument in ${@}, but TIL %q isn't supported by the GNU utils version of printf.

problems when there are top level filesystem mount points

In the code that tries to mount the overlays, there is a check for top level directory mount points that is a little too aggressive for systems the have user filesystems mounted at locations like /srv and /home (which is the custom of the system administrators where I work).

this line

       if [ -d "$top_dir_abs" ] && ! mountpoint -q "$top_dir_abs"; then

excludes the LVM volumes mounted at /srv/and /home on my system via the "! mountpoint" clause.
When I run try from my home directory (/home/mccahill) it fails like this:

        /tmp/tmp.P5nVCaSZ5L: line 4: cd: /home/mccahill: No such file or directory

Try does run correctly when run from a directory for which it has created an overlay.
I can see why try wants to exclude mounts like /boot, /dev, /proc, /run, /sys, and so on, but user filesystem mounts need to have overlays.

commit can't mkdir on an existing file

try/try

Line 129 in adc117d

mkdir "${local_file}"

Above line fails if directory already exists

touch x
echo 'rm x; mkdir x; touch x/y' > test.sh
./try bash test.sh
mkdir: cannot create directory ‘/home/ubuntu/trymkdir/x’: File exists
couldn't commit /tmp/tmp.qT6BjMKMLb/upperdir/home/ubuntu/trymkdir/x

Offer also for macOS?

Would be cool if it also worked for macOS. I just downloaded and tried to run but obviously this cannot work without tools like unshare :)

Versioning?

Hi there,

I would like to create an aur package (arch linux users repo) for try but I saw that there is no version at all or any git tag.

Do you have in plan to release any version soon?

thanks

ps may I also suggest bats for the testing part?

Whiteout detection should be more robust

Right now we detect whiteout files with [ -c "$changed_file" ] && ! [ -s "$changed_file" ]... but we should also check that the major/minor numbers are 0/0 in case someone has some non-whiteout, empty character device file. (Hard to imagine this happening, but safety first.)

Running intermediate try scripts with the original shell

try currently runs the intermediate temporary scripts that it creates using /bin/sh. This causes a problem if we want the internal script to run using a different shell and therefore inherit its state, e.g., bash functions.

A running example of the wanted behavior follows:

$ func() { echo hi; }
$ export -f func
$ bash ./deps/try/try func
hi

I think that a good portable solution would be to run the intermediate scripts with whatever shell try is running too. What is a portable way to determine which shell we are running on? Here are some alternatives:

The $SHELL variable will contain the name of the login shell (it doesn't work if the subprocess is different than the login shell)
Using ps, e.g., ps -o args= -p "$$" or ps -o command= -p "$$". This seems to me like the most portable and correct solution.

Here are some SO posts that discuss this issue:

Note that we don't really care about the underlying shell, we just want the executable (or even a link to it), so if try was invoked using /bin/sh we can just use that, we don't care that it was bash under the hood.

binpash / try Goto Github PK

try's People

Contributors

Stargazers

Watchers

Forkers

try's Issues

Recommend Projects

Recommend Topics

Recommend Org

Jobs