https://wiki.debian.org/DontBreakDebian ... nkenDebian
However, those who have elected to run systemd as their init system can take advantage of its inbuilt namespace isolation scheme, systemd-nspawn, to run a Debian sid system in a lightweight, simple container within the stable system.
To set this up, first install the necessary packages:
```
# apt install debootstrap systemd-container
```

```
# mkdir -p /var/lib/container/sid
```
Then install a basic sid system there:
```
# debootstrap sid /var/lib/container/sid https://deb.debian.org/debian
```

```
# systemd-nspawn --directory=/var/lib/container/sid
```

```
# adduser $user
```
Now install sudo and add the user to that group:
```
apt install sudo
gpasswd -a $user sudo
```
Once this is done, log in to the system as the normal user with:
```
# systemd-nspawn --boot --directory=/var/lib/container/sid
```
To run a program from the container, simply set $DISPLAY explicitly; for example, to run `foobar`:
```
DISPLAY=:0 foobar
```

```
# systemctl enable systemd-nspawn@sid.service
```

```
# systemd-nspawn --directory=/var/lib/container/sid --setenv=DISPLAY=:0 --user=$user $application
```
https://forums.bunsenlabs.org/viewtopic ... 230#p34230
Further parameters may be needed depending on the application; consult systemd-nspawn(1).
For users who elect not to run systemd as their init system, see this guide by @fsmithred:
http://forums.debian.net/viewtopic.php?p=622055#p622055
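
A preflight check for the `--user=$user $application` launch command above, as an added example that is not part of the original post: it confirms that the container tree is not world-writable, that the user exists inside the container with a non-zero UID, and that the program is installed there before printing the command. The function name `nspawn_app_cmd`, its return codes and the list of searched directories are assumptions made for this example.

```shell
# Added example, not from the original post. Names and return codes are
# assumptions made for illustration.
# Usage: nspawn_app_cmd ROOT USER APP [DISPLAY]
nspawn_app_cmd() {
    root=$1 user=$2 app=$3 display=${4:-:0}

    # The directory must hold a bootstrapped system.
    if [ ! -f "$root/etc/passwd" ]; then
        echo "no etc/passwd under $root" >&2; return 1
    fi
    # A world-writable root lets any host user replace files run inside it.
    if [ -n "$(find "$root" -prune -perm -0002)" ]; then
        echo "$root is world-writable" >&2; return 2
    fi
    # --user= refers to an account inside the container, not on the host.
    uid=$(awk -F: -v u="$user" '$1 == u { print $3; exit }' "$root/etc/passwd")
    if [ -z "$uid" ]; then
        echo "user $user not found in container" >&2; return 3
    fi
    if [ "$uid" -eq 0 ]; then
        echo "refusing to launch as uid 0" >&2; return 4
    fi
    # Look for the program in the container, not on the host PATH.
    found=
    case $app in
        /*) if [ -x "$root$app" ]; then found=1; fi ;;
        *)  for d in usr/local/bin usr/bin bin usr/games; do
                if [ -x "$root/$d/$app" ]; then found=1; break; fi
            done ;;
    esac
    if [ -z "$found" ]; then
        echo "$app not installed in container" >&2; return 5
    fi
    printf 'systemd-nspawn --directory=%s --setenv=DISPLAY=%s --user=%s %s\n' \
        "$root" "$display" "$user" "$app"
}
```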