abroot

Switch between A/B root partitions

TLDR

Add packages to the local image (Note: After executing this command, you need to apply these changes.)

$ sudo abroot pkg add [package]

Remove packages from the local image (Note: After executing this command, you need to apply these changes.)

$ sudo abroot pkg remove [package]

List packages in the local image

$ sudo abroot pkg list

Apply changes in the local image (Note: You need to reboot your system for these changes to be applied)

$ sudo abroot pkg apply

Rollback your system to previous state

$ sudo abroot rollback

Edit/View kernel parameters

$ sudo abroot kargs [edit|show]

Display status

$ sudo abroot status

Display help

$ abroot --help

SYNOPSIS

abroot [OPTION]... NEWROOT [COMMAND [ARG]...]

--chroot
    Change root to NEWROOT and execute the command.

--chdir=DIR
    Change working directory to DIR before executing the command.

--groups=GROUP
    Set supplementary groups to GROUP.

--keep-privs
    Keep supplemental group privileges.

--login
    Simulate a login shell

--mount-proc
    Mount /proc inside the chroot, making process information available to processes within the chroot

--netns=NAMESPACE
    Join network namespace NAME.

--personality=PER
    Set the personality of the process. This can affect how the kernel interacts with the process, particularly regarding system calls and signals.

--private
    Mount tmpfs root filesystem and change root directory to it, making sure nothing can be written to the normal root filesystem.

--private-dev
    Mount tmpfs at /dev

--private-etc
    Mount tmpfs at /etc

--private-tmp
    Mount tmpfs at /tmp

--seccomp
    Enable secure computing mode

--tmpfs-size=SIZE
    The tmpfs size.

--user=USER
    Set the user to USER before executing the command.

--utsns=NAMESPACE
    Join UTS namespace NAME.

--version
    Display version and exit.

--help
    Display help and exit.

DESCRIPTION

The abroot command is used to change the root directory of a process to a specified directory. It executes a given command with the specified new root and allows for changing the user and group IDs before execution.

It's primarily used in system administration for tasks like creating isolated environments, building chroots for package management, or running programs with restricted access.

The command ensures that the running process operates within a restricted filesystem, enhancing security and preventing potential modifications outside the chroot environment. The abroot command performs operations which are somewhat similar to chroot but has some different features like, running a new command after chrooting.

CAVEATS

abroot requires root privileges to execute most of its functionalities, especially when using features like changing users or groups, and altering network namespaces. Improper usage can lead to system instability or security vulnerabilities.

DIFFERENCES FROM CHROOT

While abroot and chroot both change the root directory, abroot offers additional functionalities like automatic mounting of /proc, changing users and groups before executing the command, and creating private filesystems. This makes abroot more versatile for creating isolated environments.

MOUNTING POINTS

When creating a chroot environment, ensure that all necessary files and libraries are available within the NEWROOT directory. This often involves copying or mounting essential system files, like dynamic libraries, configuration files, and device nodes.