0

I'm creating an ISO of a Debian system with:

mkisofs -V "Debian ISO" -cache-inodes -J -l -o file.iso debian-system/

The problem is: when I mount the ISO (mount -o loop) ping and sudo don't work because their suid bits have not been set.

I know that special bis are cleared by the -r flag. This flag generates the "rationalized Rock Ridge directory information" which enables to retain the original file permissions, but also clears any set-id bits.

But if I don't use -r, file permissions will be the same for all files, as specified at runtime when the ISO is mounted.

Question: how to add set-id files like ping and sudo to a linux "live" ISO?

Eric
  • 1,138
  • 11
  • 24

1 Answers1

1

You need to use an alternate file system, that supports those permissions.

The way a LiveCD/DVD works is there is a squashfs file that is mounted with changes made in RAM.

You could "fake" the same by creating a file full of zeros using dd, make a file system on it wtih mkfs.ext4, mount it, and copy the files onto it. Then on your custom disk, mount it as loop (mount -o loop /path/to/file /mnt/point) and symlink/etc the binaries over.

ivanivan
  • 2,155
  • 2
  • 10
  • 11
  • Sure, I don't need it to be an ISO absolutely. A "raw partition" in a file is a good idea. thanks! – Eric Jan 11 '18 at 01:26
  • ivanivan you need to edit your post so that the "-1" goes away (sorry for that it's a mistake I don't recall having clicked on "-1"). Because when I click "+1" the website replies "Your vote is now locked-in unless this answer is edited." – Eric Jan 12 '18 at 03:16