• Boomkop3@reddthat.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          13 days ago

          Su isn’t on windows, and does the exact opposite to restricting filesystem access to a specific subset

          • hemko@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            3
            ·
            13 days ago

            su allows you to swap to another user in shell, not just make yourself root.

            ‘runas’ looks like it’d do just the job

            • Boomkop3@reddthat.com
              link
              fedilink
              English
              arrow-up
              2
              ·
              13 days ago

              runas can do that, yes. Now how are you planning yo also create that user in the same command line? And to dispose of it automatically when the process ends?

              • Boomkop3@reddthat.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                13 days ago

                runas can do that, yes. But it won’t make you a virtual file system, or give you a nat firewall.

                One use case for this is the backblaze backup utility. It’s kinda stupid in that it has an all-or-nothing approach to backups.

                Putting it in a container restricts it in a much easier and reliable way than running it with a special user account.