I'm setting up a minimal chroot and want to avoid having sudo or su in it but still run my processes as non-root. This is a bit of a trick as running chroot requires root.
You could use Linux Containers to create a chroot environment that is in a totally different namespace (IPC, filesystem, and even network).
There is even LXD which is able to manage the creation of image-based containers and configure them to run as unprivileged users so that if the untrusted code manages to somehow escape the container, it will only be able to execute code as the unprivileged user and not as the system's root.
Search 'Linux Containers' and 'LXD' on your favorite search engine ;)
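The answer's point that an escape from an unprivileged container lands as an unprivileged host user can be checked from the host by reading the container process's UID mapping. The following is an added example, not part of the original answer: it assumes the container uses a Linux user namespace and that the mapping is read from /proc/<pid>/uid_map; the two sample mappings are constructed, and the function names are hypothetical.

```python
"""Resolve container UIDs to host UIDs from the text of /proc/<pid>/uid_map.

Each line of uid_map has three fields:
    <first UID inside the namespace> <first UID on the host> <range length>
"""


def parse_uid_map(text):
    """Return [(inside_start, outside_start, length), ...] from uid_map text."""
    entries = []
    for line in text.strip().splitlines():
        fields = line.split()
        if len(fields) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        inside, outside, length = (int(f) for f in fields)
        entries.append((inside, outside, length))
    return entries


def host_uid(entries, container_uid):
    """Translate a UID seen inside the namespace to the UID the host sees.

    Returns None when the UID has no mapping in this namespace.
    """
    for inside, outside, length in entries:
        if inside <= container_uid < inside + length:
            return outside + (container_uid - inside)
    return None


def root_is_unprivileged(entries):
    """True when container root (UID 0) does not map to host root."""
    return host_uid(entries, 0) != 0


# Constructed samples, not captured from a real system.
HOST_MAP = "         0          0 4294967295\n"    # no remapping: root is host root
UNPRIV_MAP = "         0     100000      65536\n"  # container root is host UID 100000

if __name__ == "__main__":
    for name, text in (("no remapping", HOST_MAP), ("unprivileged", UNPRIV_MAP)):
        entries = parse_uid_map(text)
        print(f"{name}: container root -> host UID {host_uid(entries, 0)}, "
              f"escape lands as non-root: {root_is_unprivileged(entries)}")
```

On a live host, pass the contents of /proc/<pid>/uid_map for a process running inside the container to parse_uid_map.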