FAKECHROOT(1)FAKECHROOT(1)NAMEfakechroot - gives a fake chroot environment
SYNOPSISfakechroot [-s|--use-system-libs] [-l|--lib library] [--] [command]
DESCRIPTIONfakechroot runs a command in an environment were is additional
possibility to use chroot(8) command without root privileges. This is
useful for allowing users to create own chrooted environment with
possibility to install another packages without need for root
fakechroot replaces more library functions (chroot(2), open(2), etc.)
by ones that simulate the effect the real library functions would have
had, had the user really been in chroot. These wrapper functions are
in a shared library /usr/lib/fakechroot/libfakechroot.so which is
loaded through the LD_PRELOAD mechanism of the dynamic loader. (See
In fake chroot you can install Debian bootstrap with `debootstrap
--variant=fakechroot' command. In this environment you can use i.e.
apt-get(8) command to install another packages from common user's
In the current version, the fakechroot does not provide the fakeroot(1)
functionality! You might to call fakechroot with fakeroot command, if
you want to emulate root environment, i.e.:
$ fakeroot fakechroot /usr/sbin/chroot /tmp/debian /bin/sh
uid=0(root) gid=0(root) groups=0(root)OPTIONS-l library|--lib library
Specify an alternative wrapper library.
Use system libraries before chroot's libraries. This might be a
workaround if system dynamic linker (/lib/ld-linux.so.2 for Linux)
can not load libc.so from fake chroot.
Try this setting if you noticed following errors:
$ fakechroot /usr/sbin/chroot /tmp/sarge /bin/true
/bin/true: relocation error: /srv/sarge/lib/tls/libc.so.6: symbol _dl
_starting_up, version GLIBC_PRIVATE not defined in file ld-linux.so.2
with link time reference
$ fakechroot /usr/sbin/chroot /tmp/centos4 /bin/true
Any command you want to be ran as fakechroot. Use '--' if in the
command you have other options that may confuse fakechroot's option
-h Display help.
-v Display version.
An example session with fakechroot:
$ export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin
$ fakeroot -s fakechroot.save fakechroot debootstrap --variant=fakech
root lenny /tmp/lenny
$ fakeroot -i fakechroot.save fakechroot chroot /tmp/lenny /bin/bash
# cd /
# sh /usr/share/doc/fakechroot/examples/savemode.sh
# echo deb http://ftp.debian.org/debian lenny main contrib non-free >
# echo deb-src http://ftp.debian.org/debian lenny main contrib non-fr
ee >> /etc/apt/sources.list
# apt-get update
# apt-get install adduser whiptail build-essential devscripts
# adduser --uid 1001 user
# cd /tmp
# apt-get source hello
# cd hello-*
# debuild --preserve-env -b
SECURITY ASPECTSfakechroot is a regular, non-setuid program. It does not enhance a
user's privileges, or decrease the system's security.
The shared library containing the wrapper functions.
The value is true for fake chroot environment.
The version of current fakechroot library.
The root directory for fake chroot environment.
The list of directories which are excluded from being chrooted.
The elements of list are separated with colon.
A list of command substitutions. If a program tries to execute one
of the commands given (path relative to the chroot) then the
substitute command runs instead (path to substitute command is not
will substitute "/tmp/ldconfig-wrapper" for "/sbin/ldconfig".
Give as many substitute commands as you want, separated by ":"
Fakechroot is implemented by wrapping system calls. This is
accomplished by setting LD_LIBRARY_PATH=/usr/lib/fakechroot and
LD_PRELOAD=libfakechroot.so. That library is loaded before the
system's C library, and so most of the library functions are
intercepted by it. If you need to set either LD_LIBRARY_PATH or
LD_PRELOAD from within a fakechroot environment, it should be set
relative to the given paths, as in
o /lib/ld-linux.so.2 is always loaded from real environment. This
path is hardcoded by linker for all binaries.
o Every command executed within fakechroot needs to be linked to the
same version of the C library as fakechroot itself. If the
libraries in chroot are not compatible, try to use
o You can provide symlinks to the outside. The symlink have to be
created before chroot is called. It can be useful for accessing
the real /proc and /dev directory. You can also set the
FAKECHROOT_EXCLUDE_PATH environment variable:
$ export FAKECHROOT_EXCLUDE_PATH=/tmp:/proc:/dev:/var/run
o Statically linked binaries doesn't work, especially ldconfig(8), so
you have to wrap this command with dummy version and i.e. set the
dpkg diversion, see: dpkg-divert(8).
o ldd(1) also doesn't work. You have to use "alias
ldd='LD_TRACE_LOADED_OBJECTS=1'" or to use a wrapper instead. The
example wrapper is available at scripts/ directory in fakechroot's
source package and it is located at
o The full screen applications hangs up if /dev/tty file is not a
real device. Link /dev/tty file or whole /dev directory to the
real one or remove it from fake chroot environment.
o lckpwdf() and ulckpwdf() are ignored so passwd(1) command should
o Your real uid should exist in /etc/passwd. Create it with adduser
--uid realuid realuser.
o debuild(1) cleans environment. Use --preserve-env option to
prevent this behaviour.
COPYINGfakechroot is distributed under the GNU Lesser General Public License
(LGPL 2.1 or greater).
Copyright (c) 2003-2008 Piotr Roszatycki <email@example.com>
Copyright (c) 2006-2007 Lionel Tricon <firstname.lastname@example.org>
Copyright (c) 2007 Mark Eichin <email@example.com>
SEE ALSOfakeroot(1), dpkg-buildpackage(1), debuild(1), debootstrap(8),
Debian 17 Jul 2008 FAKECHROOT(1)