15

I am working as user, and I would like to create a tar archive, which when unpacked (by root) will extract its files with root ownership (otherwise root would have to change the ownership manually for each file, after the files have been extracted to its destination).

I have found fakeroot which seems to do exactly that. But i am not able to find the syntax which I need to use to create my archive.

How can I create a tar.xz archive, so that the files have root ownership when unpacked by root?

do something with fakeroot ...
tar cfpJ foo.tar.xz foo/
Improve this question

2 Answers 2

Reset to default
17

How can I create a tar.xz archive, so that the files have root ownership when unpacked by root?

That's up to the root who unpacks:

tar --no-same-owner -xf ...

If you want to make them all root to start with, you can use 

tar --owner=root --group=root -cf ...
Improve this answer
5
  • that does not work for me: tar --owner=root --group=root cfpJ files.tar.xz files/ gives me error tar: You must specify one of the -Acdtrux' or --test-label' options Try tar --help' or tar --usage' for more information.
    – user1968963
    Commented Apr 18, 2014 at 19:13
  • You need a - before your short options string: tar --owner=root --group=root -cfpJ ... I.e. -cfpJ, not cfpJ.
    – goldilocks
    Commented Apr 18, 2014 at 19:16
  • tar --owner=root --group=root -cfpJ files.tar.xz files/ gives me another error: tar: files.tar.xz: Cannot stat: No such file or directory tar: Exiting with failure status due to previous errors and moreover, it creates a file called pJ.
    – user1968963
    Commented Apr 18, 2014 at 19:19
  • 3
    Okay. I always put the f at the end (because it makes more sense, intuitively) and low and behold, I get the same failure with -cfpJ BUT -cpJf works.
    – goldilocks
    Commented Apr 18, 2014 at 20:23
  • 1
    @user1968963: f should always be just before the filename, as it means "the next parameter is the filename". If you don't put it just before the filename, tar will think the filename is "", and then it tries to open a "" file, which it cannot stat (of course).
    – Olivier Dulac
    Commented Feb 9, 2016 at 13:46
9

Fakeroot

The fakeroot utility, or the newer utility fakeroot-ng (same purpose, different implementation technique) runs a program and pretends to the program that it is running as root and that system calls such as chown succeeded. Only the program believes that these calls succeeded, nothing is actually reflected in the filesystem (it can't be since fakeroot has no extra privileges). However, if the program changes the ownership of a file and then takes some action based on the ownership of that file, this can change the behavior of the program.

A typical way to get useful work out of fakeroot by running a fakeroot environment where the following happens:

  1. Create some files, move them around, change their ownership and modes, etc.
  2. Create an archive of these files.

Example:

fakeroot sh -c '
    chown root:root usr/bin/foo
    tar cf foo.tar usr
'

You need to use a single invocation of fakeroot, since there is no memory between invocations.

Linux namespaces

Just for completeness, I'll mention that if you have a Linux kernel ≥3.8, then namespaces are another way to create a pretend-root environment. The userland support isn't quite there yet so I won't go into more detail.

Mount the archive

A different way to solve your problem is to mount the archive as a directory. You can use archivemount, which is capable of modifying several archive formats via libarchive, including compressed tar.

mkdir mnt
archivemount foo.tar.xz mnt
chown root:root mnt/usr/bin/foo
fusermount -u mnt
Improve this answer
1
  • Nice trick with archivemount, but it still requires privilege elevation, and even if the user is in a trusted group that is allowed to mount and unmount, the process fails at chown, so some kind of third-party tools like fakeroot or namespaces need be to be used, too.
    – Anton Samsonov
    Commented Apr 27, 2016 at 15:32

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .