binpash / try Goto Github PK
View Code? Open in Web Editor NEWInspect a command's effects before modifying your live system
License: MIT License
Inspect a command's effects before modifying your live system
License: MIT License
Just start the user's default login shell in the overlay.
I've tried the following (as a normal user) on my Ubuntu 22.04 64bit machine on a "nested-mount" branch:
$ git switch nested-mount
$ bash -x try pip install click
+ TRY_VERSION=0.1.0
+ NO_COMMIT=interactive
+ getopts :yvnD: opt
+ shift 0
+ '[' 3 -eq 0 ']'
+ case "$1" in
+ try pip install click
+ START_DIR=/home/adam/tmp/try
+ '[' '' ']'
++ mktemp -d
+ SANDBOX_DIR=/tmp/tmp.YMBs4wsY3M
+ export SANDBOX_DIR
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir /tmp/tmp.YMBs4wsY3M/workdir /tmp/tmp.YMBs4wsY3M/temproot
++ findmnt --real -r -o target -n
++ grep -v '^/$'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /bin ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//bin /tmp/tmp.YMBs4wsY3M/workdir//bin /tmp/tmp.YMBs4wsY3M/temproot//bin
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot /tmp/tmp.YMBs4wsY3M/workdir//boot /tmp/tmp.YMBs4wsY3M/temproot//boot
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /dev ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//dev /tmp/tmp.YMBs4wsY3M/workdir//dev /tmp/tmp.YMBs4wsY3M/temproot//dev
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /etc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//etc /tmp/tmp.YMBs4wsY3M/workdir//etc /tmp/tmp.YMBs4wsY3M/temproot//etc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home /tmp/tmp.YMBs4wsY3M/workdir//home /tmp/tmp.YMBs4wsY3M/temproot//home
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib /tmp/tmp.YMBs4wsY3M/workdir//lib /tmp/tmp.YMBs4wsY3M/temproot//lib
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib32 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib32 /tmp/tmp.YMBs4wsY3M/workdir//lib32 /tmp/tmp.YMBs4wsY3M/temproot//lib32
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /lib64 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//lib64 /tmp/tmp.YMBs4wsY3M/workdir//lib64 /tmp/tmp.YMBs4wsY3M/temproot//lib64
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /libx32 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//libx32 /tmp/tmp.YMBs4wsY3M/workdir//libx32 /tmp/tmp.YMBs4wsY3M/temproot//libx32
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /media ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//media /tmp/tmp.YMBs4wsY3M/workdir//media /tmp/tmp.YMBs4wsY3M/temproot//media
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /mnt ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//mnt /tmp/tmp.YMBs4wsY3M/workdir//mnt /tmp/tmp.YMBs4wsY3M/temproot//mnt
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /opt ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//opt /tmp/tmp.YMBs4wsY3M/workdir//opt /tmp/tmp.YMBs4wsY3M/temproot//opt
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /Passwords2.kdbx ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /photoprism ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//photoprism /tmp/tmp.YMBs4wsY3M/workdir//photoprism /tmp/tmp.YMBs4wsY3M/temproot//photoprism
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /proc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//proc /tmp/tmp.YMBs4wsY3M/workdir//proc /tmp/tmp.YMBs4wsY3M/temproot//proc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /root ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//root /tmp/tmp.YMBs4wsY3M/workdir//root /tmp/tmp.YMBs4wsY3M/temproot//root
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /run ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//run /tmp/tmp.YMBs4wsY3M/workdir//run /tmp/tmp.YMBs4wsY3M/temproot//run
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /sbin ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//sbin /tmp/tmp.YMBs4wsY3M/workdir//sbin /tmp/tmp.YMBs4wsY3M/temproot//sbin
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap /tmp/tmp.YMBs4wsY3M/workdir//snap /tmp/tmp.YMBs4wsY3M/temproot//snap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /srv ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//srv /tmp/tmp.YMBs4wsY3M/workdir//srv /tmp/tmp.YMBs4wsY3M/temproot//srv
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /@swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//@swap /tmp/tmp.YMBs4wsY3M/workdir//@swap /tmp/tmp.YMBs4wsY3M/temproot//@swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//swap /tmp/tmp.YMBs4wsY3M/workdir//swap /tmp/tmp.YMBs4wsY3M/temproot//swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap.img ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /sys ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//sys /tmp/tmp.YMBs4wsY3M/workdir//sys /tmp/tmp.YMBs4wsY3M/temproot//sys
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /tmp ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//tmp /tmp/tmp.YMBs4wsY3M/workdir//tmp /tmp/tmp.YMBs4wsY3M/temproot//tmp
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /usr ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//usr /tmp/tmp.YMBs4wsY3M/workdir//usr /tmp/tmp.YMBs4wsY3M/temproot//usr
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//var /tmp/tmp.YMBs4wsY3M/workdir//var /tmp/tmp.YMBs4wsY3M/temproot//var
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/acrordrdc/62 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/acrordrdc/62 /tmp/tmp.YMBs4wsY3M/workdir//snap/acrordrdc/62 /tmp/tmp.YMBs4wsY3M/temproot//snap/acrordrdc/62
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/audacity/1051 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/audacity/1051 /tmp/tmp.YMBs4wsY3M/workdir//snap/audacity/1051 /tmp/tmp.YMBs4wsY3M/temproot//snap/audacity/1051
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/bare/5 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/bare/5 /tmp/tmp.YMBs4wsY3M/workdir//snap/bare/5 /tmp/tmp.YMBs4wsY3M/temproot//snap/bare/5
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/blender/3584 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/blender/3584 /tmp/tmp.YMBs4wsY3M/workdir//snap/blender/3584 /tmp/tmp.YMBs4wsY3M/temproot//snap/blender/3584
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/chromium/2497 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/chromium/2497 /tmp/tmp.YMBs4wsY3M/workdir//snap/chromium/2497 /tmp/tmp.YMBs4wsY3M/temproot//snap/chromium/2497
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/clion/237 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/clion/237 /tmp/tmp.YMBs4wsY3M/workdir//snap/clion/237 /tmp/tmp.YMBs4wsY3M/temproot//snap/clion/237
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/code/132 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/code/132 /tmp/tmp.YMBs4wsY3M/workdir//snap/code/132 /tmp/tmp.YMBs4wsY3M/temproot//snap/code/132
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core/14946 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core/14946 /tmp/tmp.YMBs4wsY3M/workdir//snap/core/14946 /tmp/tmp.YMBs4wsY3M/temproot//snap/core/14946
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core18/2785 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core18/2785 /tmp/tmp.YMBs4wsY3M/workdir//snap/core18/2785 /tmp/tmp.YMBs4wsY3M/temproot//snap/core18/2785
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/cups/872 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/cups/872 /tmp/tmp.YMBs4wsY3M/workdir//snap/cups/872 /tmp/tmp.YMBs4wsY3M/temproot//snap/cups/872
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core20/1891 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core20/1891 /tmp/tmp.YMBs4wsY3M/workdir//snap/core20/1891 /tmp/tmp.YMBs4wsY3M/temproot//snap/core20/1891
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/core22/750 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/core22/750 /tmp/tmp.YMBs4wsY3M/workdir//snap/core22/750 /tmp/tmp.YMBs4wsY3M/temproot//snap/core22/750
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/ffmpeg/1286 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/ffmpeg/1286 /tmp/tmp.YMBs4wsY3M/workdir//snap/ffmpeg/1286 /tmp/tmp.YMBs4wsY3M/temproot//snap/ffmpeg/1286
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/firefox/2710 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/firefox/2710 /tmp/tmp.YMBs4wsY3M/workdir//snap/firefox/2710 /tmp/tmp.YMBs4wsY3M/temproot//snap/firefox/2710
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-28-1804/198 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-28-1804/198 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-28-1804/198 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-28-1804/198
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gimp/393 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gimp/393 /tmp/tmp.YMBs4wsY3M/workdir//snap/gimp/393 /tmp/tmp.YMBs4wsY3M/temproot//snap/gimp/393
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-34-1804/93 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-34-1804/93 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-34-1804/93 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-34-1804/93
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gtk2-common-themes/13 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gtk2-common-themes/13 /tmp/tmp.YMBs4wsY3M/workdir//snap/gtk2-common-themes/13 /tmp/tmp.YMBs4wsY3M/temproot//snap/gtk2-common-themes/13
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gnome-3-38-2004/140 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gnome-3-38-2004/140 /tmp/tmp.YMBs4wsY3M/workdir//snap/gnome-3-38-2004/140 /tmp/tmp.YMBs4wsY3M/temproot//snap/gnome-3-38-2004/140
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/gtk-common-themes/1535 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/gtk-common-themes/1535 /tmp/tmp.YMBs4wsY3M/workdir//snap/gtk-common-themes/1535 /tmp/tmp.YMBs4wsY3M/temproot//snap/gtk-common-themes/1535
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/inkscape/10536 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/inkscape/10536 /tmp/tmp.YMBs4wsY3M/workdir//snap/inkscape/10536 /tmp/tmp.YMBs4wsY3M/temproot//snap/inkscape/10536
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/intellij-idea-ultimate/430 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/intellij-idea-ultimate/430 /tmp/tmp.YMBs4wsY3M/workdir//snap/intellij-idea-ultimate/430 /tmp/tmp.YMBs4wsY3M/temproot//snap/intellij-idea-ultimate/430
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/kf5-5-104-qt-5-15-8-core22/9 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/kf5-5-104-qt-5-15-8-core22/9 /tmp/tmp.YMBs4wsY3M/workdir//snap/kf5-5-104-qt-5-15-8-core22/9 /tmp/tmp.YMBs4wsY3M/temproot//snap/kf5-5-104-qt-5-15-8-core22/9
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/kde-frameworks-5-core18/35 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/kde-frameworks-5-core18/35 /tmp/tmp.YMBs4wsY3M/workdir//snap/kde-frameworks-5-core18/35 /tmp/tmp.YMBs4wsY3M/temproot//snap/kde-frameworks-5-core18/35
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/losslesscut/114 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/losslesscut/114 /tmp/tmp.YMBs4wsY3M/workdir//snap/losslesscut/114 /tmp/tmp.YMBs4wsY3M/temproot//snap/losslesscut/114
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/krita/90 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/krita/90 /tmp/tmp.YMBs4wsY3M/workdir//snap/krita/90 /tmp/tmp.YMBs4wsY3M/temproot//snap/krita/90
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/lxd/24322 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/lxd/24322 /tmp/tmp.YMBs4wsY3M/workdir//snap/lxd/24322 /tmp/tmp.YMBs4wsY3M/temproot//snap/lxd/24322
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/marp-cli-carroarmato0/33 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/marp-cli-carroarmato0/33 /tmp/tmp.YMBs4wsY3M/workdir//snap/marp-cli-carroarmato0/33 /tmp/tmp.YMBs4wsY3M/temproot//snap/marp-cli-carroarmato0/33
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/rubymine/365 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/rubymine/365 /tmp/tmp.YMBs4wsY3M/workdir//snap/rubymine/365 /tmp/tmp.YMBs4wsY3M/temproot//snap/rubymine/365
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/pycharm-professional/336 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/pycharm-professional/336 /tmp/tmp.YMBs4wsY3M/workdir//snap/pycharm-professional/336 /tmp/tmp.YMBs4wsY3M/temproot//snap/pycharm-professional/336
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/snapd/19361 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/snapd/19361 /tmp/tmp.YMBs4wsY3M/workdir//snap/snapd/19361 /tmp/tmp.YMBs4wsY3M/temproot//snap/snapd/19361
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/scantailor-advanced/3 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/scantailor-advanced/3 /tmp/tmp.YMBs4wsY3M/workdir//snap/scantailor-advanced/3 /tmp/tmp.YMBs4wsY3M/temproot//snap/scantailor-advanced/3
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/sharik-app/9 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/sharik-app/9 /tmp/tmp.YMBs4wsY3M/workdir//snap/sharik-app/9 /tmp/tmp.YMBs4wsY3M/temproot//snap/sharik-app/9
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/sweethome3d-homedesign/15 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/sweethome3d-homedesign/15 /tmp/tmp.YMBs4wsY3M/workdir//snap/sweethome3d-homedesign/15 /tmp/tmp.YMBs4wsY3M/temproot//snap/sweethome3d-homedesign/15
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var/snap/firefox/common/host-hunspell ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//var/snap/firefox/common/host-hunspell /tmp/tmp.YMBs4wsY3M/workdir//var/snap/firefox/common/host-hunspell /tmp/tmp.YMBs4wsY3M/temproot//var/snap/firefox/common/host-hunspell
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/vlc/3078 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/vlc/3078 /tmp/tmp.YMBs4wsY3M/workdir//snap/vlc/3078 /tmp/tmp.YMBs4wsY3M/temproot//snap/vlc/3078
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/telegram-desktop/4743 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/telegram-desktop/4743 /tmp/tmp.YMBs4wsY3M/workdir//snap/telegram-desktop/4743 /tmp/tmp.YMBs4wsY3M/temproot//snap/telegram-desktop/4743
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/wine-platform-runtime/349 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/wine-platform-runtime/349 /tmp/tmp.YMBs4wsY3M/workdir//snap/wine-platform-runtime/349 /tmp/tmp.YMBs4wsY3M/temproot//snap/wine-platform-runtime/349
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /snap/wine-platform-6-stable/19 ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//snap/wine-platform-6-stable/19 /tmp/tmp.YMBs4wsY3M/workdir//snap/wine-platform-6-stable/19 /tmp/tmp.YMBs4wsY3M/temproot//snap/wine-platform-6-stable/19
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /swap ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//swap /tmp/tmp.YMBs4wsY3M/workdir//swap /tmp/tmp.YMBs4wsY3M/temproot//swap
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot /tmp/tmp.YMBs4wsY3M/workdir//boot /tmp/tmp.YMBs4wsY3M/temproot//boot
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /boot/efi ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//boot/efi /tmp/tmp.YMBs4wsY3M/workdir//boot/efi /tmp/tmp.YMBs4wsY3M/temproot//boot/efi
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /var/lib/docker/btrfs ']'
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home/adam ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home/adam /tmp/tmp.YMBs4wsY3M/workdir//home/adam /tmp/tmp.YMBs4wsY3M/temproot//home/adam
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /home/Adama-docs ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//home/Adama-docs /tmp/tmp.YMBs4wsY3M/workdir//home/Adama-docs /tmp/tmp.YMBs4wsY3M/temproot//home/Adama-docs
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /run/user/1000/doc ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//run/user/1000/doc /tmp/tmp.YMBs4wsY3M/workdir//run/user/1000/doc /tmp/tmp.YMBs4wsY3M/temproot//run/user/1000/doc
+ for mointpoint in /* $(findmnt --real -r -o target -n | grep -v "^/$")
+ '[' -d /media/adam-minipc/videos ']'
+ mkdir -p /tmp/tmp.YMBs4wsY3M/upperdir//media/adam-minipc/videos /tmp/tmp.YMBs4wsY3M/workdir//media/adam-minipc/videos /tmp/tmp.YMBs4wsY3M/temproot//media/adam-minipc/videos
++ mktemp
+ mount_and_execute=/tmp/tmp.tHOQLkXJB1
++ mktemp
+ export chroot_executable=/tmp/tmp.4d5roj1rEM
+ chroot_executable=/tmp/tmp.4d5roj1rEM
++ mktemp
+ export try_mount_log=/tmp/tmp.oMWt0UuKh7
+ try_mount_log=/tmp/tmp.oMWt0UuKh7
+ cat
+ cat
+ chmod +x /tmp/tmp.tHOQLkXJB1 /tmp/tmp.4d5roj1rEM
+ unshare --mount --map-root-user --user --pid --fork /tmp/tmp.tHOQLkXJB1
Warning: Failed to mount /boot via mergerfs
Warning: Failed to mount /home via mergerfs
Warning: Failed to mount /media via mergerfs
Warning: Failed to mount /run via mergerfs
Warning: Failed to mount /snap via mergerfs
Warning: Failed to mount /sys via mergerfs
Warning: Failed to mount /var via mergerfs
Warning: Failed to mount /run/user/1000/doc via mergerfs
Warning: Failed to mount /boot via mergerfs
Warning: Failed to mount /boot/efi via mergerfs
The process then hangs for at least 5 minutes (much, much longer than it takes to do pip install click
.
The issue is re-opened upon request of @ericzty .
It failed without a comprehensive error message (folder /home/Adama-docs/Adam/linux/tmp/try obviously exists, as this is the place the repository was cloned).
It seems that try
blocks any kind of network access:
$ try "ping -c3 www.google.com"
mount: /tmp/tmp.l06qs0JdDT/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.l06qs0JdDT/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
ping: www.google.com: Temporary failure in name resolution
$ try curl www.google.com
mount: /tmp/tmp.8hpad1vI2s/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.8hpad1vI2s/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
curl: (6) Could not resolve host: www.google.com
Despite this, unshare --mount --map-root-user --user --pid --fork curl www.google.com
runs successfully.
Also, double checked that we are not unsharing the network namespace anywhere.
We should have tests that run multiple commands in the same sandbox. (Not quite the same as try explore
from #5, but related.)
Run tests with vagrant VMs on github actions to be able to test nested mounts and the other bugfixes.
Things that we want to test
SELinux?
Other distros
Basic LVM setups (with /home mounted separately, and other nested mounts) #19
More curl | bash scripts
OS info:
➜ try git:(main) ✗ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.2 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
Minimal Reproducible Script:
#!/usr/bin/bash
cur=$(pwd)
sudo rm -rf /tmp/tmp.*
$cur/try -y touch $HOME/testfile
ls -l /tmp/testfile
ls -l /tmp/tmp.*
rm -rf /tmp/tmp.*
$cur/try -y rm $HOME/testfile
ls -l /tmp/testfile
ls -l /tmp/tmp.*
rm -rf /tmp/tmp.*
Output logs:
➜ try git:(main) ✗ sh a.sh
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /var as an overlay, see /tmp/tmp.iWAZWwEcHw
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.iWAZWwEcHw
...
Warning: Failed mounting /snap/firefox/2800 as an overlay, see /tmp/tmp.iWAZWwEcHw
ls: cannot access '/tmp/testfile': No such file or directory
-rw------- 1 yiran yiran 2668 6月 25 17:28 /tmp/tmp.iWAZWwEcHw
-rwx--x--x 1 yiran yiran 120 6月 25 17:28 /tmp/tmp.pU1iJHkqNZ
-rwx--x--x 1 yiran yiran 1824 6月 25 17:28 /tmp/tmp.ZJln7EqgWV
/tmp/tmp.a5YeVGkibC:
total 12
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 temproot
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 upperdir
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 workdir
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /var as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.1amwhWmW0M
...
Warning: Failed mounting /var/snap/firefox/common/host-hunspell as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/snapd/19361 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core18/2785 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/slack/79 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/gnome-42-2204/111 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/snapd/19457 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core20/1950 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/core22/766 as an overlay, see /tmp/tmp.1amwhWmW0M
Warning: Failed mounting /snap/firefox/2800 as an overlay, see /tmp/tmp.1amwhWmW0M
ls: cannot access '/tmp/testfile': No such file or directory
-rw------- 1 yiran yiran 2668 6月 25 17:28 /tmp/tmp.1amwhWmW0M
-rwx--x--x 1 yiran yiran 117 6月 25 17:28 /tmp/tmp.iNGI2499F3
-rwx--x--x 1 yiran yiran 1824 6月 25 17:28 /tmp/tmp.LjL0GhNZOQ
/tmp/tmp.j8aZKEw1zb:
total 12
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 temproot
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 upperdir
drwxrwxr-x 29 yiran yiran 4096 6月 25 17:28 workdir
rm: cannot remove '/tmp/tmp.j8aZKEw1zb/workdir/home/work': Permission denied
The file path operated by the try command will remain, and then cannot be deleted by the current user.
We want a test that first starts an interactive command, e.g., try bash
, and then run a few more commands and exit, to make sure that the summary function does not get sent to the background after the user's process finishes.
On a docker container, --privileged
is required for unshare to work.
When running try, mount fails in the overlayfs.
❯ ./try echo hi
mount: /tmp/tmp.nFUDbAZ10u/temproot/bin: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.nFUDbAZ10u/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.nFUDbAZ10u/temproot/etc: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
<snip>
unshare: failed to execute /bin/bash: No such file or directory
I've tried the following (as normal user) on my Ubuntu 22.04 64bit machine:
$ bash -x ./try pip install ipython
+ TRY_VERSION=0.1.0
+ NO_COMMIT=interactive
+ getopts :yvnD: opt
+ shift 0
+ '[' 3 -eq 0 ']'
+ case "$1" in
+ try pip install ipython
+ START_DIR=/home/Adama-docs/Adam/linux/tmp/try
+ '[' '' ']'
++ mktemp -d
+ SANDBOX_DIR=/tmp/tmp.zehcnpM68I
+ export SANDBOX_DIR
+ mkdir -p /tmp/tmp.zehcnpM68I/upperdir /tmp/tmp.zehcnpM68I/workdir /tmp/tmp.zehcnpM68I/temproot
+ for top_dir in /*
+ '[' -d /bin ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//bin /tmp/tmp.zehcnpM68I/workdir//bin /tmp/tmp.zehcnpM68I/temproot//bin
+ for top_dir in /*
+ '[' -d /boot ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//boot /tmp/tmp.zehcnpM68I/workdir//boot /tmp/tmp.zehcnpM68I/temproot//boot
+ for top_dir in /*
+ '[' -d /dev ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//dev /tmp/tmp.zehcnpM68I/workdir//dev /tmp/tmp.zehcnpM68I/temproot//dev
+ for top_dir in /*
+ '[' -d /etc ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//etc /tmp/tmp.zehcnpM68I/workdir//etc /tmp/tmp.zehcnpM68I/temproot//etc
+ for top_dir in /*
+ '[' -d /home ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//home /tmp/tmp.zehcnpM68I/workdir//home /tmp/tmp.zehcnpM68I/temproot//home
+ for top_dir in /*
+ '[' -d /lib ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib /tmp/tmp.zehcnpM68I/workdir//lib /tmp/tmp.zehcnpM68I/temproot//lib
+ for top_dir in /*
+ '[' -d /lib32 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib32 /tmp/tmp.zehcnpM68I/workdir//lib32 /tmp/tmp.zehcnpM68I/temproot//lib32
+ for top_dir in /*
+ '[' -d /lib64 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//lib64 /tmp/tmp.zehcnpM68I/workdir//lib64 /tmp/tmp.zehcnpM68I/temproot//lib64
+ for top_dir in /*
+ '[' -d /libx32 ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//libx32 /tmp/tmp.zehcnpM68I/workdir//libx32 /tmp/tmp.zehcnpM68I/temproot//libx32
+ for top_dir in /*
+ '[' -d /media ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//media /tmp/tmp.zehcnpM68I/workdir//media /tmp/tmp.zehcnpM68I/temproot//media
+ for top_dir in /*
+ '[' -d /mnt ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//mnt /tmp/tmp.zehcnpM68I/workdir//mnt /tmp/tmp.zehcnpM68I/temproot//mnt
+ for top_dir in /*
+ '[' -d /opt ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//opt /tmp/tmp.zehcnpM68I/workdir//opt /tmp/tmp.zehcnpM68I/temproot//opt
+ for top_dir in /*
+ '[' -d /Passwords2.kdbx ']'
+ for top_dir in /*
+ '[' -d /photoprism ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//photoprism /tmp/tmp.zehcnpM68I/workdir//photoprism /tmp/tmp.zehcnpM68I/temproot//photoprism
+ for top_dir in /*
+ '[' -d /proc ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//proc /tmp/tmp.zehcnpM68I/workdir//proc /tmp/tmp.zehcnpM68I/temproot//proc
+ for top_dir in /*
+ '[' -d /root ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//root /tmp/tmp.zehcnpM68I/workdir//root /tmp/tmp.zehcnpM68I/temproot//root
+ for top_dir in /*
+ '[' -d /run ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//run /tmp/tmp.zehcnpM68I/workdir//run /tmp/tmp.zehcnpM68I/temproot//run
+ for top_dir in /*
+ '[' -d /sbin ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//sbin /tmp/tmp.zehcnpM68I/workdir//sbin /tmp/tmp.zehcnpM68I/temproot//sbin
+ for top_dir in /*
+ '[' -d /snap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//snap /tmp/tmp.zehcnpM68I/workdir//snap /tmp/tmp.zehcnpM68I/temproot//snap
+ for top_dir in /*
+ '[' -d /srv ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//srv /tmp/tmp.zehcnpM68I/workdir//srv /tmp/tmp.zehcnpM68I/temproot//srv
+ for top_dir in /*
+ '[' -d /@swap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//@swap /tmp/tmp.zehcnpM68I/workdir//@swap /tmp/tmp.zehcnpM68I/temproot//@swap
+ for top_dir in /*
+ '[' -d /swap ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//swap /tmp/tmp.zehcnpM68I/workdir//swap /tmp/tmp.zehcnpM68I/temproot//swap
+ for top_dir in /*
+ '[' -d /swap.img ']'
+ for top_dir in /*
+ '[' -d /sys ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//sys /tmp/tmp.zehcnpM68I/workdir//sys /tmp/tmp.zehcnpM68I/temproot//sys
+ for top_dir in /*
+ '[' -d /tmp ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//tmp /tmp/tmp.zehcnpM68I/workdir//tmp /tmp/tmp.zehcnpM68I/temproot//tmp
+ for top_dir in /*
+ '[' -d /usr ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//usr /tmp/tmp.zehcnpM68I/workdir//usr /tmp/tmp.zehcnpM68I/temproot//usr
+ for top_dir in /*
+ '[' -d /var ']'
+ mkdir /tmp/tmp.zehcnpM68I/upperdir//var /tmp/tmp.zehcnpM68I/workdir//var /tmp/tmp.zehcnpM68I/temproot//var
++ mktemp
+ mount_and_execute=/tmp/tmp.vu7KwDCiXR
++ mktemp
+ export chroot_executable=/tmp/tmp.o2GNp8OpGq
+ chroot_executable=/tmp/tmp.o2GNp8OpGq
++ mktemp
+ export try_mount_log=/tmp/tmp.HYUBzRN8rm
+ try_mount_log=/tmp/tmp.HYUBzRN8rm
+ cat
+ cat
+ chmod +x /tmp/tmp.vu7KwDCiXR /tmp/tmp.o2GNp8OpGq
+ unshare --mount --map-root-user --user --pid --fork /tmp/tmp.vu7KwDCiXR
Warning: Failed mounting /home as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /media as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /var as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap/acrordrdc/62 as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /snap/bare/5 as an overlay, see /tmp/tmp.HYUBzRN8rm
...
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /var/lib/docker/btrfs as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /home/adam as an overlay, see /tmp/tmp.HYUBzRN8rm
Warning: Failed mounting /home/Adama-docs as an overlay, see /tmp/tmp.HYUBzRN8rm
/tmp/tmp.o2GNp8OpGq: line 4: cd: /home/Adama-docs/Adam/linux/tmp/try: No such file or directory
+ exitcode=1
+ case "$NO_COMMIT" in
+ summary /tmp/tmp.zehcnpM68I
+ '[' -d /tmp/tmp.zehcnpM68I ']'
+ '[' -d /tmp/tmp.zehcnpM68I/upperdir ']'
++ find /tmp/tmp.zehcnpM68I/upperdir/ -type f -or '(' -type c -size 0 ')'
++ ignore_changes
++ grep -v -e .rkr -e Rikerfile
+ changed_files=
+ '[' -z '' ']'
+ return 1
+ '[' 1 -eq 0 ']'
+ exit 1
/tmp/tmp.RqaXJrG4E1: line 4: cd: /home/Adama-docs/Adam/linux/tmp/try: No such file or directory
It failed without a comprehensive error message (folder /home/Adama-docs/Adam/linux/tmp/try
obviously exists, as this is the place the repository was cloned).
This looks like a nice tool. Thanks for sharing it.
You may not be aware of an old tool named checkinstall
, which works similarly: changes to the filesystem are intercepted, they are collected into a distro-specific package, and installed with the distro's package manager; then the package can be removed to undo the changes. It's been available in Debian, Red Hat, etc. for a long time.
It would be good to mention it in the readme as an alternative: http://checkinstall.izto.org/
Currently try
with apt install fails both with sudo in and out of the try:
$ ./try sudo apt install tmux
sudo: error in /etc/sudo.conf, line 0 while loading plugin "sudoers_policy"
sudo: /usr/lib/sudo/sudoers.so must be owned by uid 0
sudo: fatal error, unable to load plugins
$ sudo ./try apt install tmux
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
tmux
1 upgraded, 0 newly installed, 0 to remove and 227 not upgraded.
Need to get 292 kB of archives.
After this operation, 0 B of additional disk space will be used.
E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setegid 65534 failed - setegid (22: Invalid argument)
E: seteuid 105 failed - seteuid (22: Invalid argument)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
Ign:1 http://us.archive.ubuntu.com/ubuntu focal-updates/main amd64 tmux amd64 3.0a-2ubuntu0.4
Err:1 http://security.ubuntu.com/ubuntu focal-updates/main amd64 tmux amd64 3.0a-2ubuntu0.4
Could not open file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - open (13: Permission denied) [IP: 91.189.91.39 80]
W: chown to _apt:root of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (22: Invalid argument)
W: chmod 0700 of directory /var/cache/apt/archives/partial failed - SetupAPTPartialDirectory (1: Operation not permitted)
W: chown to _apt:root of directory /var/lib/apt/lists/auxfiles failed - SetupAPTPartialDirectory (22: Invalid argument)
W: chmod 0700 of directory /var/lib/apt/lists/auxfiles failed - SetupAPTPartialDirectory (1: Operation not permitted)
E: setgroups 65534 failed - setgroups (1: Operation not permitted)
E: setegid 65534 failed - setegid (22: Invalid argument)
E: seteuid 105 failed - seteuid (22: Invalid argument)
W: Download is performed unsandboxed as root as file '/var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
E: setgroups 0 failed - setgroups (1: Operation not permitted)
W: Problem unlinking the file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - PrepareFiles (13: Permission denied)
W: Problem unlinking the file /var/cache/apt/archives/partial/tmux_3.0a-2ubuntu0.4_amd64.deb - PrepareFiles (13: Permission denied)
Changes detected in the following files:
/tmp/tmp.neLW9gBc4r/upperdir/var/cache/apt/archives/lock
/tmp/tmp.neLW9gBc4r/upperdir/var/lib/dpkg/lock
/tmp/tmp.neLW9gBc4r/upperdir/var/lib/dpkg/lock-frontend
Commit these changes? [y/N]
Perhaps a flag for a hardened mode which uses a separate network stack and only expose some /dev files (e.g., null, (u)random, zero).
Something that makes sudo ./try rm -rf /
not affect the host system.
Add a -v
flag to get the version.
We currently summarize changes in terms of complete paths into the upperdir:
Changes detected in the following files:
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/ast.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/_dash.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__init__.py (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/printer.cpython-310.pyc (modified/added)
/tmp/tmp.zHCkY9jtIT/upperdir/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/ast.cpython-310.pyc (modified/added)
...
We should hide everything through upperdir
, i.e., showing:
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/ast.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/_dash.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__init__.py (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/printer.cpython-310.pyc (modified/added)
/home/gliargovas/.local/lib/python3.10/site-packages/libdash/__pycache__/ast.cpython-310.pyc (modified/added)
We should allow the user to choose what they want to commit.
One way to do this is to list all the changes in the upperdir in a file, open up and editor so user can delete the files that they don't wish to commit, and then commit the rest. In the prompt file we could also describe the type of change, (modify/create or delete).
$ try ls
/bin/bash: error while loading shared libraries: libreadline.so.8: cannot open shared object file: No such file or directory
I'm in an up-to-date Arch Linux.
After cloning the repo and running ./try cb
, I'm getting these errors:
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /home as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /home/jackson/SecondDrive as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /recovery as an overlay, see /tmp/tmp.NVsp08HPwA
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.NVsp08HPwA
/tmp/tmp.gLlM2WMSzk: line 4: cd: /home/jackson/try: No such file or directory
From dmesg
:
[21415.387716] overlayfs: failed to set xattr on upper
[21415.387718] overlayfs: ...falling back to xino=off.
[21415.387718] overlayfs: try mounting with 'userxattr' option
[21415.388733] overlayfs: failed to set xattr on upper
[21415.388734] overlayfs: ...falling back to xino=off.
[21415.388735] overlayfs: try mounting with 'userxattr' option
[21415.388737] overlayfs: failed to clone lowerpath
[21415.390575] overlayfs: failed to set xattr on upper
[21415.390576] overlayfs: ...falling back to xino=off.
[21415.390577] overlayfs: try mounting with 'userxattr' option
[21415.391556] overlayfs: failed to set xattr on upper
[21415.391557] overlayfs: ...falling back to xino=off.
[21415.391557] overlayfs: try mounting with 'userxattr' option
[21415.391559] overlayfs: failed to clone lowerpath
[21415.392856] overlayfs: failed to set xattr on upper
[21415.392857] overlayfs: ...falling back to xino=off.
[21415.392857] overlayfs: try mounting with 'userxattr' option
[21415.394656] overlayfs: failed to set xattr on upper
[21415.394658] overlayfs: ...falling back to xino=off.
[21415.394658] overlayfs: try mounting with 'userxattr' option
[21415.395746] overlayfs: failed to set xattr on upper
[21415.395747] overlayfs: ...falling back to xino=off.
[21415.395748] overlayfs: try mounting with 'userxattr' option
[21415.397045] overlayfs: failed to set xattr on upper
[21415.397047] overlayfs: ...falling back to xino=off.
[21415.397048] overlayfs: try mounting with 'userxattr' option
[21415.398331] overlayfs: failed to set xattr on upper
[21415.398332] overlayfs: ...falling back to xino=off.
[21415.398333] overlayfs: try mounting with 'userxattr' option
[21415.399696] overlayfs: failed to set xattr on upper
[21415.399698] overlayfs: ...falling back to xino=off.
[21415.399698] overlayfs: try mounting with 'userxattr' option
[21415.401035] overlayfs: failed to set xattr on upper
[21415.401037] overlayfs: ...falling back to xino=off.
[21415.401037] overlayfs: try mounting with 'userxattr' option
[21415.402049] overlayfs: failed to set xattr on upper
[21415.402050] overlayfs: ...falling back to xino=off.
[21415.402051] overlayfs: try mounting with 'userxattr' option
[21415.403984] overlayfs: failed to set xattr on upper
[21415.403985] overlayfs: ...falling back to xino=off.
[21415.403985] overlayfs: try mounting with 'userxattr' option
[21415.405473] overlayfs: failed to set xattr on upper
[21415.405475] overlayfs: ...falling back to xino=off.
[21415.405475] overlayfs: try mounting with 'userxattr' option
[21415.406477] overlayfs: failed to set xattr on upper
[21415.406478] overlayfs: ...falling back to xino=off.
[21415.406479] overlayfs: try mounting with 'userxattr' option
[21415.407962] overlayfs: failed to set xattr on upper
[21415.407963] overlayfs: ...falling back to xino=off.
[21415.407963] overlayfs: try mounting with 'userxattr' option
[21415.408990] overlayfs: failed to set xattr on upper
[21415.408992] overlayfs: ...falling back to xino=off.
[21415.408992] overlayfs: try mounting with 'userxattr' option
[21415.410003] overlayfs: failed to set xattr on upper
[21415.410004] overlayfs: ...falling back to xino=off.
[21415.410005] overlayfs: try mounting with 'userxattr' option
[21415.411689] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/run/user/1000/doc': -2
[21415.412428] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/home/jackson/SecondDrive': -2
[21415.413072] overlayfs: failed to set xattr on upper
[21415.413073] overlayfs: ...falling back to xino=off.
[21415.413074] overlayfs: try mounting with 'userxattr' option
[21415.413075] overlayfs: filesystem on '/recovery' not supported
[21415.413607] overlayfs: failed to resolve '/tmp/tmp.sw78B8qrlH/upperdir/boot/efi': -2
I'm using Pop!_OS 22.04. Is this a known issue?
It seems like mount --rbind -o ro,noload --read-only /run "$SANDBOX_DIR/temproot/run"
is not making /run mount as readonly.
We should also try to get this mounted in overlayfs aswell so we can track changes in run.
Motivation: running try rm -rf --no-preserve-root /*
will break the system until the system is power-cycled as removing entries in /run breaks systemd.
Relates to #20
It would be nice if we were able to mount the /dev
directory to the overlay as well. Currently, this fails, and as a result commands that write to /dev/null
are doomed to fail.
$ try git clone https://github.com/binpash/try.git
mount: /tmp/tmp.Q15MleyJXP/temproot/boot: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
mount: /tmp/tmp.Q15MleyJXP/temproot/var: wrong fs type, bad option, bad superblock on overlay, missing codepage or helper program, or other error.
fatal: could not open '/dev/null' for reading and writing: No such file or directory
Works on Ubuntu 20.04.6 5.4.0-152-generic
Works on Ubuntu 23.04 6.2.0-23-generic
Works on Rocky 9 5.14.0-284.11.1.el9_2
Works on Centos 9 Stream 5.14.0-325.el9
Works on Debian 12 6.1.0-9-amd64
Works on Arch 6.1.33-1-lts
Works on Alpine 6.1.34-1-lts
Fails on Debian 10 5.10.0-21-amd64
Fails on Debian 10 4.19.0-24-amd64
Fails on Debian 11 5.10.0-23-amd64
Fails on Centos 7 3.10.0-1160.90.1.el7
Fails on Centos 8 Stream 4.18.0-496.el8
Note: systems where unprivileged userns is disabled by default (e.g., debian 10) we can run sysctl -w kernel.unprivileged_userns_clone=1
to let unshare --user work.
At the beginning of appropriate routines, (e.g., try()
), we should ensure that any non-obvious binaries we need (e.g., findmnt
) exist and fail early if they do not. Bonus points for appropriate depext suggestions.
Right now ignore_changes
is using logic that's only appropriate for the hs
stuff. We should (a) have nothing be ignored by default and (b) let the user specify what to ignore.
I imagine:
$ try -i '*~' -i '#*#' -- emacs -nw foo.txt
...
We should allow multiple instances of the -i
flag, with the expectation that these will be passed as patterns to grep -v
.
Somewhat related to #25.
On arch and alpine cloud images, /tmp is tempfs, so the inner unshare would fail since the $chroot_executable
is not accessible. $chroot_executable
is however visible in the first unshare.
If fuse-overlayfs is available, it would make sense to use it instead of the kernel overlayfs. This would be especially useful on systems where overlayfs is not available for non-root users.
This is the strategy used by rootless podman (see https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md).
Write a manpage!
do the thing
Do we want to cleanup the tempdir and tempfiles that we make?
Currently FreeBSD missing unshare
and maybe other unaddressed issues?
Should we look into a better CI system that could support testing on multiple distros and mount setups.
Currently for linux, github actions only works for Ubuntu 20 and Ubuntu 22.
https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners#supported-runners-and-hardware-resources
Things that we want to test
curl | bash
scriptsHi,
at line 227, the getopts call is missing the v
parameter, so the switch/case statement's v
section is unreachable.
Also, try to separate the version information in the upper section as a variable, so it can easily be updated for the future,
such as the printf string in the v
section of the switch/case after getopts doesn't have to change, ever again.
That would be it.
When we're first in unshare, we are mapped to the root user so that we can mount the directories.
But that is not the actual uid of the caller user, does this matter?
We could use another unshare to map the user id back.
Running NixOS with brtfs and the following disk layout:
$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 2.7T 0 disk
└─sda1 8:1 0 2.7T 0 part
sdb 8:16 0 2.7T 0 disk
└─sdb1 8:17 0 2.7T 0 part
sdc 8:32 0 476.9G 0 disk
└─sdc1 8:33 0 476.9G 0 part
sdd 8:48 1 7M 0 disk
└─sdd1 8:49 1 7M 0 part
nvme0n1 259:0 0 238.5G 0 disk
├─nvme0n1p1 259:1 0 512M 0 part /boot
├─nvme0n1p2 259:2 0 192G 0 part /home
│ /nix/store
│ /
└─nvme0n1p3 259:3 0 46G 0 part
└─enclave 254:0 0 46G 0 crypt /swap
Executing ./try echo hi
on mount-fix branch errors out with warnings that every mount point failed to mount as an overlay. It appears that this is caused by failed uid/gid mappings that must occur due to NixOS's wrapper.c. Full command output and contents of the referenced tmp file are included below.
$ ./try echo hi
/tmp/tmp.AOXiqDxls5: line 4: 3 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /bin as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 7 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /etc as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 10 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /mnt as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 12 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /nix as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 15 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /root as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 18 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /srv as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 22 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /tmp as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 24 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /usr as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 4: 26 Aborted (core dumped) mount -t overlay overlay -o lowerdir=/"$top_dir",upperdir="$SANDBOX_DIR"/upperdir/"$top_dir",workdir="$SANDBOX_DIR"/workdir/"$top_dir" "$SANDBOX_DIR"/temproot/"$top_dir" 2>> "$try_mount_log"
Warning: Failed mounting /var as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20: 30 Aborted (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /run/user/1000/doc as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20: 31 Aborted (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /nix/store as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20: 32 Aborted (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /swap as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20: 33 Aborted (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.dh9r3FP2pr
/tmp/tmp.AOXiqDxls5: line 20: 34 Aborted (core dumped) mount -t overlay overlay -o lowerdir="$mount_dir",upperdir="$SANDBOX_DIR"/upperdir"$mount_dir",workdir="$SANDBOX_DIR"/workdir"$mount_dir" "$SANDBOX_DIR"/temproot"$mount_dir" 2>> "$try_mount_log"
Warning: Failed mounting /home as an overlay, see /tmp/tmp.dh9r3FP2pr
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
/tmp/tmp.AOXiqDxls5: line 28: 35 Aborted (core dumped) mount --rbind /dev "$SANDBOX_DIR/temproot/dev"
/tmp/tmp.AOXiqDxls5: line 31: 36 Aborted (core dumped) mount --rbind --read-only /run "$SANDBOX_DIR/temproot/run" 2> /dev/null
unshare: failed to execute /bin/bash: No such file or directory
$ cat tmp.dh9r3FP2pr
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Assertion `!(st.st_mode & S_ISUID) || (st.st_uid == geteuid())` in NixOS's wrapper.c failed.
Running the same command on future branch, after running setup.sh as root, gives:
$ ./try echo hi
nc: Address already in use
./try: line 225: ./gidmapper: cannot execute: required file not found
nc: invalid option -- 'q'
usage: nc [-46cDdFhklNnrStUuvz] [-C certfile] [-e name] [-H hash] [-I length]
[-i interval] [-K keyfile] [-M ttl] [-m minttl] [-O length]
[-o staplefile] [-P proxy_username] [-p source_port] [-R CAfile]
[-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit] [-w timeout]
[-X proxy_protocol] [-x proxy_address[:port]] [-Z peercertfile]
[destination] [port]
^C
A debug mode that writes set -x
on try and the two sub-scripts inside.
Build a test harness and get it in CI.
Broken after commit 6ee0b1c
Warning: Failed mounting /boot as an overlay, see /tmp/tmp.nwIl2siLYA
Warning: Failed mounting /boot/efi as an overlay, see /tmp/tmp.nwIl2siLYA
/tmp/tmp.kIsD0QvoHA: line 5: /tmp/tmp.uqN6ZNuDyl: No such file or directory
/tmp/tmp.qU8jIEuvWJ
OS: Archlinux.
If we fail to commit a file, we should prompt the user on whether we should commit the rest or abort here. We could also let the user shell into the overlayfs and then rerun summary.
Hide all occurences of try-internal variables before running the script.
Michael's implementation proposal:
Okay, sure. Three straightforward ways to hide it:
- don't mark SANDBOX_DIR as exported, but manually set it per command that should see it
- SANDBOX_DIR="" when calling the internal command or to save the variable in a non-exported one
- save and unset SANDBOX_DIR before running the command, then restore it
We should make sure top level directories also have the right permissions.
ubuntu@pashtestold:~/try$ ./try ls -lah /tmp | head -2
total 1.2M
drwxrwxr-x 1 root root 4.0K Jun 27 19:03 .
ubuntu@pashtestold:~/try$ ls -lah /tmp | head -2
total 1.3M
drwxrwxrwx 84 root root 112K Jun 27 19:03 .
Relates to #6
It appears there is an issue with how $@
gets quoted when it is passed along.
Example
$ echo 'test | cat'
test | cat
$ try echo 'test | cat'
test
It seems that the string gets unquoted along the way, so it actually ends up executing echo test | cat
. Not sure what the cleanest solution to escaping the individual arguments is. My typical approach would be to use printf '%q' $arg
for each argument in ${@}
, but TIL %q
isn't supported by the GNU utils version of printf
.
In the code that tries to mount the overlays, there is a check for top level directory mount points that is a little too aggressive for systems the have user filesystems mounted at locations like /srv and /home (which is the custom of the system administrators where I work).
this line
if [ -d "$top_dir_abs" ] && ! mountpoint -q "$top_dir_abs"; then
excludes the LVM volumes mounted at /srv/and /home on my system via the "! mountpoint" clause.
When I run try from my home directory (/home/mccahill) it fails like this:
/tmp/tmp.P5nVCaSZ5L: line 4: cd: /home/mccahill: No such file or directory
Try does run correctly when run from a directory for which it has created an overlay.
I can see why try wants to exclude mounts like /boot, /dev, /proc, /run, /sys, and so on, but user filesystem mounts need to have overlays.
Would be cool if it also worked for macOS. I just downloaded and tried to run but obviously this cannot work without tools like unshare :)
Hi there,
I would like to create an aur package (arch linux users repo) for try
but I saw that there is no version at all or any git tag.
Do you have in plan to release any version soon?
thanks
ps may I also suggest bats for the testing part?
Right now we detect whiteout files with [ -c "$changed_file" ] && ! [ -s "$changed_file" ]
... but we should also check that the major/minor numbers are 0/0 in case someone has some non-whiteout, empty character device file. (Hard to imagine this happening, but safety first.)
try
currently runs the intermediate temporary scripts that it creates using /bin/sh
. This causes a problem if we want the internal script to run using a different shell and therefore inherit its state, e.g., bash functions.
A running example of the wanted behavior follows:
$ func() { echo hi; }
$ export -f func
$ bash ./deps/try/try func
hi
I think that a good portable solution would be to run the intermediate scripts with whatever shell try is running too. What is a portable way to determine which shell we are running on? Here are some alternatives:
$SHELL
variable will contain the name of the login shell (it doesn't work if the subprocess is different than the login shell)ps
, e.g., ps -o args= -p "$$"
or ps -o command= -p "$$"
. This seems to me like the most portable and correct solution.Here are some SO posts that discuss this issue:
Note that we don't really care about the underlying shell, we just want the executable (or even a link to it), so if try was invoked using /bin/sh
we can just use that, we don't care that it was bash under the hood.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.