Main Page

From Fakeroot NG


April 12 2013: Version 0.18 of fakeroot-ng is out. The biggest change is support for ptrace_scope option in the kernel. Fakeroot-ng now correctly works with a settings of 1 (default on Ubuntu). Sadly, it does not, and cannot, work with a setting of 2, as that is fundamentally incompatible with its mode of operation.

What is Fakeroot Next Generation (NG)

Fakeroot-ng is a clean re-implementation of fakeroot. The core idea is to run a program, but wrap all system calls that program performs so that it thinks it is running as root, while it is, in practice, running as an unprivileged user. When the program is trying to perform a privileged operation (such as modifying a file's owner or creating a block device), this operation is emulated, so that an unprivileged operation is actually carried out, but the result of the privileged operation is reported to the program whenever it attempts to query the result.

Technical differences between Fakeroot and Fakeroot-ng

Fakeroot uses the LD_PRELOAD mechanism to wrap system calls. This is fairly simple (relatively speaking) to implement, and is equivalent of placing a hook between the program and the runtime library. Among other disadvantages, LD_PRELOAD is unable to track system calls performed by statically compiled files.

Fakeroot-ng, on the other hand, uses the PTRACE mechanism, the mechanism used by debuggers, to track the program's system calls. This is equivalent of placing a hook between the user space and the kernel. It is not possible to bypass the monitoring performed by fakeroot-ng, even if one attempts to do so on purpose. The down side is that the hooks themselves are much more platform dependent, and are more difficult to program and debug.

More details about the technical differences between LD_PRELOAD and PTRACE system calls monitoring can be found in the PTRACE LD_PRELOAD comparison page.

Functional differences between Fakeroot and Fakeroot-ng

On the functional level, there are many differences between fakeroot and fakeroot-ng. Some of these differences are a result of the different technologies used by the two programs, and some are more derivatives of the above. The differences cover such areas as default ownership of unknown files, handling of SUID executables and chroot support. The differences are covered in more depth in the fakeroot vs fakeroot-ng comparison page.

Drawing the Line

Some features, though technically possible, are out of scope for the project.

Technical documentation

Who is Responsible for Fakeroot-ng

Fakeroot-ng is written and maintained by Shachar Shemesh.

Getting support

Support is available through the mailing list. The list archives are available here. Posting to the list requires subscribing to it first. You can subscribe to the list here.

Commercial support is available from Shachar's company, Lingnu Open Source Consulting Ltd.

Getting fakeroot-ng

The latest version of fakeroot-ng is 0.18. It can be downloaded from the SourceForge project's page.

Relevant discussion

A thread at the utrace development mailing list about utrace support for PTRACE_GETSIGINFO (or its lack there of), and the bugzilla bug filed.