Hi,
I have a rootfs (a directory in my HOME folder) that contains a setuid-enabled binary owned by root. It's a test binary that calls setuid internally and tries to read a root-readable file /dev/cpu/0/msr.
I am able to use fakechroot to chroot into my rootfs folder and use my setuid-enabled binary. I was expecting that proot would work too, but it doesn't. My setuid-enabled binary reports that the setuid() call is unsuccessful.
Note that the setuid-enabled binary does not need to be jailed (I know it's not possible to PTRACE setuid processes from a regular user process), it just needs to be able to use setuid() to (truly) elevate its privilege level when called from within a proot session.
I invoke proot with the -R flag and no other flags.
Is my use case, at least in principle, supported by proot? If not, is this an inherent limitation of the PTRACE approach, or just an implementation detail (i.e. a bug)?
Many thanks,
Pawel
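
An added diagnostic example, not part of the original post: a test binary like the one described can report why the set-user-ID bit did not take effect when it was executed. Per execve(2), Linux ignores the bit when the calling process is being ptraced, has no_new_privs set, or the filesystem is mounted nosuid. The function names `status_field` and `explain` are illustrative.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Return the integer value of "Key:\t<n>" in a /proc/<pid>/status buffer, or -1. */
long status_field(const char *status, const char *key)
{
    size_t klen = strlen(key);
    const char *p = status;
    while (p && *p) {
        /* Keys are matched only at the start of a line. */
        if (strncmp(p, key, klen) == 0 && p[klen] == ':')
            return strtol(p + klen + 1, NULL, 10);
        p = strchr(p, '\n');
        if (p) p++;
    }
    return -1;
}

/* Explain why the set-user-ID bit did or did not take effect at execve(). */
const char *explain(long ruid, long euid, long tracer_pid, long no_new_privs)
{
    if (euid != ruid) return "setuid bit honoured: effective UID differs from real UID";
    if (tracer_pid > 0) return "setuid bit ignored: process is being ptraced";
    if (no_new_privs == 1) return "setuid bit ignored: no_new_privs is set";
    return "no elevation: check nosuid mount option and file owner/mode";
}

int main(void)
{
    char buf[8192];
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    buf[n] = '\0';
    fclose(f);
    long tracer = status_field(buf, "TracerPid");
    long nnp = status_field(buf, "NoNewPrivs");
    printf("ruid=%ld euid=%ld TracerPid=%ld NoNewPrivs=%ld\n",
           (long)getuid(), (long)geteuid(), tracer, nnp);
    puts(explain((long)getuid(), (long)geteuid(), tracer, nnp));
    return 0;
}
```

Build it, give it the same owner and mode as the test binary, and run it both directly and from inside the traced session to compare the two reports.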