LinuxCommandLibrary

fakeroot-tcp

Run commands faking root privileges over TCP

SYNOPSIS

fakeroot-tcp [-h] [-d] [-i] [-k] [-l logfile] [-s socketfile] [-v] [port]

PARAMETERS

-h, --help
    Print a short usage message and exit.

-d, --daemon
    Fork into the background (daemon mode).

-i, --inetd
    Operate under inetd or similar super server.

-k, --kill
    Kill the running fakeroot-tcp server.

-l logfile, --logfile=logfile
    Log server activity to the specified logfile.

-s socketfile, --socket=socketfile
    Use Unix domain socket instead of TCP port.

-v, --verbose
    Increase verbosity of output.

port
    TCP port to listen on (default: FAKEROOTKEY env or 5000).

DESCRIPTION

fakeroot-tcp provides the TCP-based backend server for the fakeroot utility, enabling fake root privileges in a networked or multi-session setup. It intercepts system calls related to file ownership, permissions, and capabilities, simulating root access without actual privileges.

Primarily used when fakeroot is invoked with --server=tcp or TCP+fork, it listens on a TCP port (default 5000 or FAKEROOTKEY environment) for client connections. Clients like fakeroot commands connect to maintain a shared fake environment state.

This backend is useful for distributed builds, containers, or scenarios where shared memory (default backend) isn't feasible. However, it introduces network overhead and requires careful firewalling due to remote access potential. The server can run as a daemon, under inetd, or log activities for debugging.

CAVEATS

TCP exposes the fake root state over network; use firewalls and bind to localhost if possible. Not suitable for untrusted networks due to potential exploitation. Unix socket (-s) is safer for local use.

INVOCATION EXAMPLE

Daemon mode: fakeroot-tcp -d 5001
Kill server: fakeroot-tcp -k
Client usage: FAKEROOTKEY=tcp:localhost:5001 fakeroot make install

ENVIRONMENT

Uses FAKEROOTKEY to specify server (e.g., tcp:host:port). Check with env | grep FAKEROOT.

HISTORY

Developed as part of fakeroot by Joost Witteveen in the late 1990s for Debian packaging without root. TCP backend added for networked/multi-process support; maintained in fakeroot package (version 1.20+ as of 2020s).

SEE ALSO

fakeroot(1), fakeroot-sysv(1)

Copied to clipboard