Arch Linux

FS#58329 - {arch-install-scripts} Does pacstrap need access to /dev?

Attached to Project: Arch Linux
Opened by Philip Abernethy (Chais) - Tuesday, 24 April 2018, 00:21 GMT
Last edited by freswa (frederik) - Sunday, 13 September 2020, 13:34 GMT
Task Type: General Gripe
Category: Arch Projects
Status: Assigned
Assigned To: Eli Schwartz (eschwartz)
Architecture: All
Severity: Low
Priority: Normal
Reported Version:
Due in Version: Undecided
Due Date: Undecided
Percent Complete: 0%
Votes: 2
Private: No


I'm tinkering with lxc and noticed that pacstrap fails in an unprivileged container.
Digging a little deeper I narrowed it down to this line:
chroot_add_mount udev "$1/dev" -t devtmpfs -o mode=0755,nosuid
I don't see why a fully initialised devfs is necessary for installing packages. Useful devs like null or urandom could either be used from the host or initialised separately, but I'd be surprised and suspicious if a package required direct access to, say, a block device during installation.
Am I missing something here? Or was this just the simplest solution and nobody tried building a chroot in an unprivileged lxc yet?

Comment by Dave Reisner (falconindy) - Saturday, 05 January 2019, 16:22 GMT
Doesn't grub need access to real devices in order to be useful?

Comment by dplusplus (dplusplus) - Wednesday, 01 December 2021, 00:06 GMT
I am trying to set up an unprivileged lxc container for automated PKGBUILD package building in clean chroots, and am hitting this same issue too (specifically, I try to run `pacstrap /home/archbuilding/arch-chroot` and I get the error message `mount: /home/archbuilding/arch-chroot/dev: permission denied.`). I guess the Arch Linux official build systems, and everyone else doing Arch package building in clean chroots, use virtual machines so they do not have this problem.

Things like GRUB certainly need access to real devices, but is GRUB useful in a chroot environment?
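
The alternative raised in the original report (a /dev holding only a few host character devices instead of a full devtmpfs) can be sketched as follows. This is an added example, not code from arch-install-scripts or from any commenter; the function names, the device list and the DRY_RUN and UID_MAP switches are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from arch-install-scripts. Function names, the device
# list and the DRY_RUN / UID_MAP switches are assumptions for illustration.

# Character devices install scripts commonly expect; no block devices.
MINIMAL_DEVICES="null zero full random urandom tty"

# Execute a command, or only print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Heuristic: the initial user namespace maps the full uid range onto itself
# ("0 0 4294967295"). An unprivileged container maps uid 0 to a high host
# uid, and devtmpfs cannot be mounted from there.
in_initial_userns() {
    read -r inside outside count < "$1" || return 1
    [ "$inside" = 0 ] && [ "$outside" = 0 ] && [ "$count" = 4294967295 ]
}

# Build /dev from a tmpfs plus bind mounts of individual host nodes.
setup_minimal_dev() {
    run mount tmpfs "$1/dev" -t tmpfs -o mode=0755,nosuid
    for dev in $MINIMAL_DEVICES; do
        run touch "$1/dev/$dev"                    # bind-mount target
        run mount --bind "/dev/$dev" "$1/dev/$dev"
    done
    run ln -s /proc/self/fd "$1/dev/fd"
}

# Use the devtmpfs mount quoted in the report where it can work,
# otherwise fall back to the minimal /dev.
mount_chroot_dev() {
    if in_initial_userns "${UID_MAP:-/proc/self/uid_map}"; then
        run mount udev "$1/dev" -t devtmpfs -o mode=0755,nosuid
    else
        setup_minimal_dev "$1"
    fi
}

# Preview without touching the system: DRY_RUN=1 mount_chroot_dev /path/to/chroot
```

With the minimal layout, package install scripts inside the chroot see no block devices, so tools that need real disks (the GRUB case raised above) would still require the devtmpfs path.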