Demi Marie Obenour writes: > On 12/8/25 12:28, Alyssa Ross wrote: >> Demi Marie Obenour writes: >> >>> On 12/8/25 10:47, Alyssa Ross wrote: >>>> This assumed it would be run as root, so has been broken since we >>>> stopped running application scripts as root inside img/app VMs. >>>> >>>> Reported-by: Johannes Süllner >>>> Link: https://matrix.to/#/!xSysqhzbOZImdvGpix:fairydust.space/$9psDI3BIP00EIzW-qOqzJswkwzgYyQLKpbfDDp0uo6k?via=fairydust.space&via=matrix.org&via=dataaturservice.se >>>> Fixes: 8bfcbf9 ("img/app: run applications as non-root") >>>> Signed-off-by: Alyssa Ross >>>> --- >>>> vm/app/systemd-sysupdate/download-update | 1 + >>>> 1 file changed, 1 insertion(+) >>>> >>>> diff --git a/vm/app/systemd-sysupdate/download-update b/vm/app/systemd-sysupdate/download-update >>>> index eada41c..335e389 100755 >>>> --- a/vm/app/systemd-sysupdate/download-update >>>> +++ b/vm/app/systemd-sysupdate/download-update >>>> @@ -3,6 +3,7 @@ >>>> # SPDX-FileCopyrightText: 2025 Demi Marie Obenour >>>> export LC_ALL C >>>> export LANGUAGE C >>>> +unshare -rUm >>> >>> -r implies -U, and it would be more readable to use the long forms >>> of these options. >>> >> >> And yet mount -o and -t, and mktemp -d? (I can change it, but I have a >> general preference for short options to stop lines getting too long, and >> for portability when necessary.) > > I use mount and mktemp often enough that I have these options > memorized. I had to look up the options to unshare. Not a very objective standard! (I use unshare enough that I had these options memorized.) We should possibly come up with some well-reasoned guidelines for this, but until then I'd like to continue using short options for consistency, so that it's at least not up for debate every time.