This is just a quick recap of the guide from tuxliban, published here for longevity and expediency.
```
sudo mkdir /glibc
sudo env XBPS_ARCH=x86_64 xbps-install --repository=http://alpha.de.repo.voidlinux.org/current -r /glibc -S base-voidstrap
```
Create glibc.c, which will make a new mount namespace:
```
#define _GNU_SOURCE
#include <stdio.h>
#include <sched.h>
#include <sys/mount.h>
#include <unistd.h>

/* Print the failing call and bail out if it returned -1. */
#define e(n,f) if (-1 == (f)) {perror(n);return(1);}
#define SRC "/glibc"

int main(int argc, char *argv[]) {
	char *shell[] = { "/bin/sh", NULL };

	// move glibc stuff in place, inside a new mount namespace
	e("unshare",unshare(CLONE_NEWNS));
	e("mount",mount(SRC "/usr", "/usr", NULL, MS_BIND, NULL));
	e("mount",mount(SRC "/var/db/xbps", "/var/db/xbps", NULL, MS_BIND, NULL));

	// drop the rights suid gave us: group first, then user
	e("setgid",setregid(getgid(),getgid()));
	e("setuid",setreuid(getuid(),getuid()));

	// run the requested command, or a shell if none was given
	argv++;
	if (!argv[0]) argv = shell;
	e("execv",execvp(argv[0], argv));
	return 0;
}
```
Compile the code:
```
gcc -s -o glibc glibc.c
```
Copy the compiled binary to PATH:
```
sudo cp -v glibc /usr/bin/
```
Set ownership of compiled binary to root:
```
sudo chown root:root /usr/bin/glibc
```
Set the setuid/setgid and executable bits on the binary, so that it starts with root's rights for the unshare and mount calls:
```
sudo chmod +sx /usr/bin/glibc
```
To enter the container:
```
glibc
```
While in the container, become root and upgrade the system:
```
su
xbps-install -Su
```
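The wrapper drops its setuid rights with setregid/setreuid but never confirms that the drop took effect. The following is an added example, not part of tuxliban's guide: a drop routine that verifies the resulting ids and checks that root cannot be regained before anything is exec'd. The name drop_privileges is hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: permanently drop to the caller's real ids and
 * verify the result. Returns 0 on success, -1 if any step or check fails. */
int drop_privileges(void)
{
	uid_t ruid = getuid();
	gid_t rgid = getgid();

	/* Group first, while the process is still privileged. */
	if (setregid(rgid, rgid) == -1) { perror("setregid"); return -1; }
	/* Setting the real uid also resets the saved set-user-ID on Linux. */
	if (setreuid(ruid, ruid) == -1) { perror("setreuid"); return -1; }

	/* Real and effective ids must now both be the caller's. */
	if (getuid() != ruid || geteuid() != ruid ||
	    getgid() != rgid || getegid() != rgid) {
		fprintf(stderr, "ids did not change as expected\n");
		return -1;
	}

	/* A saved id left at 0 would let these calls succeed.
	 * For an unprivileged caller they must fail. */
	if (ruid != 0 && (seteuid(0) != -1 || setuid(0) != -1)) {
		fprintf(stderr, "root uid can be regained\n");
		return -1;
	}
	if (ruid != 0 && rgid != 0 && setegid(0) != -1) {
		fprintf(stderr, "root gid can be regained\n");
		return -1;
	}
	return 0;
}

int main(void)
{
	if (drop_privileges() == -1)
		return 1;
	printf("running as uid=%d gid=%d\n", (int)getuid(), (int)getgid());
	return 0;
}
```

In glibc.c this check would sit between the bind mounts and execvp, so a failed drop aborts instead of running the shell with leftover rights.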