You are not logged in.
Hello guys,
It is required to be root to successfully build archiso (this is mentioned several times in Archiso Wiki: https://wiki.archlinux.org/index.php/Archiso).
I've had success building archiso in a virtual machine (being a root there). However, virtual machine is not suitable for my use case.
I tried using Docker for that, but it requires privileged container (even though it is already being ran as root inside the container).
I get this error:
==> Creating install root at work/x86_64/airootfs
mount: /github/workspace/archiso/releng/work/x86_64/airootfs/proc: permission denied.
==> ERROR: failed to setup chroot work/x86_64/airootfs
As you can see, I'm playing around with Github runners, where I've set up an Arch Linux based Docker.
I've seen someone had success doing this, but they are running docker with the --privileged flag: https://github.com/nlhomme/archiso-builder
Does anyone have a clue about that?
Last edited by kyak (2020-08-13 14:16:18)
Offline
Yeah, I had the same issue today while trying to build a custom archiso config as an automated task on a k8s cluster. Clearly, a container is not my best bet.
Offline
https://gitlab.archlinux.org/archlinux/ … /issues/40 lists the places where mkarchiso currently needs root.
Biggest issue is that pacstrap, by default, requires running as root.
While it has a new unshare mode (option -N), we need to preserve the UIDs and GIDs inside the root file system image, so the whole thing (mkarchiso) would need to run in unshare.
Also from what I've seen, `pacstrap -K -N /tmp/test base linux` will fail at various steps where some pacman hook or install scripts tries to access /dev, e.g. a file descriptor /dev/fd/* or /dev/stdin.
All of this is probably solvable in one way or another, but just lacks someone willing to put in the effort to sort it all out.
Offline
Any news on this? I'm very interested in running mkarchiso in an unprivileged container
Offline