Rework how we handle binfmt_misc so it will work inside a user
namespace.

* Use a custom mountpoint (only accessible inside the mount namespace),
  this is the crux of the change, allowing us to mount it as non-root
  and avoid messing with any host configs too!
* No longer explicitly modprobe binfmt_misc, any modern system should
  probe it automatically when we try to mount it... I think so anyways
  heh

Signed-off-by: Casey Connolly <kcxt@postmarketos.org>

This really needs to be fixed up properly, basically we want to map
ourselves in as root, then support the groups <1000 (e.g. abuild uses
group id 300) and finally use our UID namespace (the biiig UIDs) for the
pmos user.

You need "USER:100000:65536" in your /etc/subuid and /etc/subgid files
where "USER" is your username.

This basically results in the chroot perms matching your user for root
and some freaky UIDs for the build user.

Signed-off-by: Casey Connolly <kcxt@postmarketos.org>
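
A check for the /etc/subuid and /etc/subgid entry the second commit message asks for, written as an added example that is not part of these commits or of the project's code. The function names and the sample file content are hypothetical; requiring an exact `USER:100000:65536` match and reporting ranges that overlap another owner's are assumptions about what an operator would want to verify before relying on the mapping.

```python
from typing import NamedTuple

REQUIRED_START = 100000  # start value quoted in the commit message
REQUIRED_COUNT = 65536   # count value quoted in the commit message


class SubidRange(NamedTuple):
    owner: str
    start: int
    count: int


def parse_subid(text: str) -> list[SubidRange]:
    """Parse /etc/subuid or /etc/subgid content (owner:start:count per line)."""
    ranges = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) != 3 or not (fields[1].isdigit() and fields[2].isdigit()):
            continue  # skip blank or malformed lines
        ranges.append(SubidRange(fields[0], int(fields[1]), int(fields[2])))
    return ranges


def has_required_range(text: str, user: str) -> bool:
    """True if `user` owns exactly the range the commit message asks for."""
    return SubidRange(user, REQUIRED_START, REQUIRED_COUNT) in parse_subid(text)


def overlapping_owners(text: str, user: str) -> list[str]:
    """Other owners whose ranges intersect any range owned by `user`.

    Overlapping ranges let two accounts hold the same IDs inside their
    namespaces, so files created by one are owned by the other too.
    """
    ranges = parse_subid(text)
    mine = [r for r in ranges if r.owner == user]
    clash = set()
    for other in ranges:
        if other.owner == user:
            continue
        for r in mine:
            if other.start < r.start + r.count and r.start < other.start + other.count:
                clash.add(other.owner)
    return sorted(clash)


# Constructed sample file content, not taken from a real system.
SAMPLE = "alice:100000:65536\nbob:165536:65536\ncarol:150000:1000\n"

if __name__ == "__main__":
    print(has_required_range(SAMPLE, "alice"), overlapping_owners(SAMPLE, "alice"))
```

Run the same functions over the contents of both /etc/subuid and /etc/subgid, since the commit message requires the entry in each.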