PRoot: Lightweight Userland Linux Distros Without Root

Need to build and run applications in a different Linux distribution than your host, but can’t use root, Docker or Podman containers, or virtualization on your system (e.g. on shared HPC, constrained cloud VMs)?

Enter PRoot, a lightweight, rootless isolation solution that is:

  • More isolated than Conda
  • Less privileged than Docker/Podman (which need root)

What is PRoot?

PRoot is a user-space implementation of chroot, mount --bind, and binfmt_misc, all carried out without special privileges. You can “fake” running almost any Linux distribution as a sub-root in a different root filesystem. It’s not an emulator or a full virtual machine. All processes run natively on your kernel, using the same CPU architecture, but isolated in a “virtualized” root.

How To Run a Userland Linux Distro with PRoot

Build PRoot

Refer to this tutorial.

Download a Minimal Root Filesystem

For example:

1
curl -O https://partner-images.canonical.com/core/bionic/current/ubuntu-bionic-core-cloudimg-amd64-root.tar.gz

Unpack it into a folder

For example:

1
2
3
mkdir ~/ubuntu-rootfs
# Ignore warnings about missing device files
tar -xpf ubuntu-bionic-core-cloudimg-amd64-root.tar.gz -C ~/ubuntu-rootfs

Run PRoot

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
proot \
	-0 \
	-b /dev/ \
	-b /etc/group \
	-b /etc/host.conf \
	-b /etc/hosts \
	-b /etc/mtab \
	-b /etc/networks \
	-b /etc/nsswitch.conf \
	-b /etc/passwd \
	-b /etc/resolv.conf \
	-b /etc/localtime \
	-b /proc/ \
	-b /run/ \
	-b /sys/ \
	-b /var/run/dbus/system_bus_socket \
	-r ~/ubuntu-rootfs \
	-w / \
	/bin/bash

Let’s break that down:

  • -0: fake root user (UID 0)
  • -b: bind-mount host system files for basic functionality (network, system info)
  • -r: set the root directory to our extracted mini-Ubuntu
  • -w: set working directory after “chroot”
  • /bin/bash: start a bash shell as if this were a real Ubuntu system!

Use Your Distro

You’re now inside a minimal Ubuntu environment! You can apt update, install packages, build anything you want - totally isolated from your host system.

But:

  • No process, user, or network namespaces: All processes run as your user, on the host kernel, with the host’s IP.
  • No systemd, no daemons.
  • Root is faked: You’re “root” inside the userland, but you don’t have actual kernel privileges.
DevOps, SysAdmin
#Reference
PRoot: Lightweight Userland Linux Distros Without Root
https://jifengwu2k.github.io/2026/02/11/PRoot-Lightweight-Userland-Linux-Distros-Without-Root/
Author
Jifeng Wu
Posted on
February 11, 2026
Licensed under