Profile

Cover photo
50 followers|22,660 views
AboutPosts

Stream

PRoot

Shared publicly  - 
 
Hi all,

We are pleased to announce PRoot v5.1.0 (http://proot.me/#downloads).  In a couple of words, this release fixes some critical regressions that were introduced in the v5.0.0 release.  This is also the first release that preserves the name of prooted programs.

More details: https://groups.google.com/forum/#!topic/proot_me/6UI-ffSiZys
5
4
Rémi Duraffort's profile photoChristophe Lyon's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
Hi all!

We are pleased to announce PRoot v5.0.0 (http://proot.me/#downloads).

This version uses its own program loader (ELF) instead of the one shipped in Glibc. That means a lot of bugs were fixed, and it is now possible to proot into systems that don't provide an ELF loader, like Android. More details: https://github.com/cedric-vincent/PRoot/blob/v5.0.0/doc/proot/changelog.txt
6
2
Rémi Duraffort's profile photoChristophe Lyon's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
Hi all,

A new bug fix release (v4.0.2) is now available: http://proot.me/#downloads

Changelog:

+ Fix how the very first program is launched by PRoot.  Previously, argv[0] was not preserved when the very first program was launched through a symbolic link.  This old  behavior used to bug programs like Busybox and python-exec.  Thanks to "hhm", Ivailo "fluxer" Monev, and Joakim Tjernlund for the bug reports.

+ Fix renameat(2) sysexit support.  There was a bug in PRoot that was exposed by the Aarch64 (a.k.a arm64) port only but that might affect other architectures.

+ Fix build for AArch64.  Thanks to Rémi Duraffort for the patches and for the Debian/arm64 testing platform.

+ Fix support for "long" socket paths.  These can only be 108 bytes long; this limit might be easily reached with PRoot since the path to the rootfs is always prepended.  The solution was to automatically bind this long path to a shorter path.  This bug was exposed by LibreOffice and Yocto's pseudo.  Thanks to Christophe Guillon for the bug report.

Enjoy!
1
1
Rémi Duraffort's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
We are pleased to announce PRoot v4.0.0.

In a couple of words, this is the first release that makes possible to use programs based on ptrace, like GDB or Strace.  Also, the fake_id0 extension ("-0" option) has been improved, and it is enabled by the new "-S" option, which also binds a minimal set of paths.  The "-S" option is now the recommended way to safely install packages into the guest rootfs, for example:

      $ proot -S ubuntu-14.04-rootfs/ apt-get install samba

  or:

      $ proot -S ubuntu-14.04-rootfs/
      # apt-get install samba

Downloads: http://proot.me/#downloads
Changelog: https://groups.google.com/forum/#!topic/proot_me/K_DsLNI8UlY
5
1
Rémi Duraffort's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
We are pleased to announce PRoot v3.2.2.  Fixes are:

- Remove a useless memory layout constraint on x86_64 that bugs some programs like java and or qemu.

- It is now possible to launch the initial program from a relative path without specifying the "./" prefix, for example:

    $ proot path/to/program

- Don't discard fcntl(F_DUPFD_CLOEXEC) systematically when the kompat extension is enabled (-k option).

- Don't use syscalls that require Linux >= 2.6.16 anymore.

Packages are not ready yet because build servers are stuck (https://build.opensuse.org/package/show/home:cedric-vincent/PRoot).  In the mean time, please use the following binaries:

    http://static.proot.me/proot-x86_64

    http://static.proot.me/proot-x86
2
2
Christophe Lyon's profile photoRémi Duraffort's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
We are pleased to announce the first public version of CARE, a new tool based on PRoot!

CARE monitors the execution of the specified command to create an archive that contains all the material required to re-execute it in the same context.  That way, the command will be reproducible everywhere, even on Linux systems that are supposed to be not compatible with the original Linux system.  CARE is typically useful to get reliable bug reports, demonstrations, academic experiences, tutorials, portable applications, minimal rootfs, file-system coverage, ...

-- http://reproducible.io
CARE monitors the execution of the specified command to create an archive that contains all the material required to re-execute it in the same context. That way, the command will be reproducible everywhere, even on Linux systems that are supposed to be not compatible with the original Linux system. CARE is typically useful to get reliable bug reports, demonstrations, academic experiences, tutorials, portable applications, minimal rootfs, file-s...
5
3
Ludovic Desroches's profile photoJean-Philippe André's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
We are looking for an intern to implement or extend a new file-system abstraction (a.k.a VFS) in PRoot.  This VFS would be used:

- to improve the root privileges emulation ("-0" option)

- to implement a translation cache (speed-up)

- to implement a copy-on-write tool, à la http://pdos.csail.mit.edu/~taesoo/pubs/2013/mbox/mbox.pdf

- <insert your own idea here>

Due to legal reasons, the intern has to come from a French school and has to work in our offices in Grenoble, although English language is OK.  Feel free to contact <cedric.vincent@gmail.com> for further details.
1
2
Rémi Duraffort's profile photoNicolas Toromanoff's profile photo
Add a comment...
Have them in circles
50 people
Alexander Kanevskiy's profile photo
Robert Alm's profile photo
Martin Novy's profile photo
Hideki Yamane's profile photo
Daisuke NAKATANI's profile photo
Ludovic Desroches's profile photo
Yvan Roux's profile photo
Clément Bazin's profile photo
Christophe Guillon's profile photo

PRoot

Shared publicly  - 
 
Hi all,

We are pleased to announce PRoot v4.0.3 (http://proot.me/#downloads).  This release contains the following fixes:

+ Heap emulation is disabled when a "suspicious" call to brk(2) is actually legit, as it might be the case when launching the very
  first program.

+ The "-0" and "-S" options ("root" identity emulation) now fake success of mknodat(2), as it was the case for mknod(2) previously.
  This missing feature was revealed by the AArch64 port.

+ The "-k" option (kernel compatibility emulation) now works on Linux/AArch64.

Thanks to Rémi Duraffort for the bug reports and for his LAVA testing platform!
3
1
Christophe Lyon's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
A bug fix release (v4.0.1) is now available: http://proot.me/#downloads

Changelog:

+ Fix a couple of portability issues in the testsuite. Thanks to Rémi Duraffort for all the tests he made on his instance of Linaro LAVA.

+ Set $PWD to the value specified by the -w option, otherwise Bash pwd   builtin might be confused under some specific circumstances. Thanks to Jérémy Bobbio for the bug report.

+ Fix support for accessat and fchmodat syscalls: they have only three parameters, not four. This bug was exposed by Gentoo's sandbox:

      proot -S gentoo-amd64-rootfs emerge util-linux
3
1
Rémi Duraffort's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
I'm happy to share this announce about Debian noroot, an Android project using PRoot :)  You can now use your Android device like a desktop system since it is shipped with XFCE, and a X server of course.  Follow these two links to get more details:
* https://plus.google.com/u/0/+SergiiPylypenko/posts/grw2Y3MsgNa
* https://play.google.com/store/apps/details?id=com.cuntubuntu
This app will install Debian Wheezy. You do not need to root your device, i...
3
1
Martin Novy's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
We will give a lightning talk during FOSDEM 2014 about PRoot, CARE, and another tool.  We hope to see you there :)
PRoot is initially a user-mode implementation of some kernel features: chroot, mount --bind, binfmtmisc, ... Its original purpose is to build and to validate programs on systems that are supposed to be not compatible (distro, kernel, CPU, ...). PRoot does not require any privileges since it ...
2
3
Rémi Duraffort's profile photoLudovic Desroches's profile photo
Add a comment...

PRoot

Shared publicly  - 
 
While working on PRoot to improve the extension that fake the root user, I (re)discovered an old article that I never published before. So let's focus on the fake_id0 feature and
2
Add a comment...
People
Have them in circles
50 people
Alexander Kanevskiy's profile photo
Robert Alm's profile photo
Martin Novy's profile photo
Hideki Yamane's profile photo
Daisuke NAKATANI's profile photo
Ludovic Desroches's profile photo
Yvan Roux's profile photo
Clément Bazin's profile photo
Christophe Guillon's profile photo
Contact Information
Contact info
Email
Story
Tagline
chroot, mount --bind, and binfmt_misc without privilege/setup
Introduction
PRoot is a user-space implementation of chroot, mount --bind, and binfmt_misc. This means that users don't need any privilege or setup to do things like: using an arbitrary directory as the new root file-system or making files accessible somewhere else in the file-system hierarchy or executing programs built for another CPU architecture transparently through QEMU user-mode. Technically PRoot relies on ptrace, an unprivileged system-call available in every Linux kernel.
Links