A public Lisp programming interface provide feature like `guix environment --container`

A public Lisp programming interface provide feature like `guix environment --container`

[Zhu Zihao]

[-- Attachment #1: Type: text/plain, Size: 585 bytes --]


"guix environment --container" is a very useful feature for me to
isolate the untrusted software. But sadly it lacks a interface for user
to use it in Lisp programming.

In (guix scripts environment), only `guix-environment` is exported. but
it process unix style command line option.

I'm wondering it's good to expose some interface suitable for Lisp, just
like the internal function `launch-environment/container`. This can
encourage me to port more container entry script from shell to Guile.

-- 
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp

Zihao

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 515 bytes --]

A public Lisp programming interface provide feature like `guix environment --container`

[Leo Prikler]

Hello,

Am Mittwoch, den 04.11.2020, 11:49 +0800 schrieb Zhu Zihao
> "guix environment --container" is a very useful feature for me to
> isolate the untrusted software. But sadly it lacks a interface for
> user
> to use it in Lisp programming.
> 
> In (guix scripts environment), only `guix-environment` is exported.
> but
> it process unix style command line option.
(guix scripts …) *is* the command line interface, so it makes sense,
that its interface handles command line arguments.

> I'm wondering it's good to expose some interface suitable for Lisp,
> just
> like the internal function `launch-environment/container`. This can
> encourage me to port more container entry script from shell to Guile.
launch-environment/container still assumes the command to be a shell
script, which I think is not quite what you want.  You probably want to
take a look at call-with-container from (guix build linux-container) or
child-hurds.
I currently don't know of any procedure, that "directly" invokes Scheme
code through Guix environments, so you'd have to build that on your
own.  However, given that your stated goal is to port container entry
scripts [I read this as "the script called by the container at entry"]
to Guile, would it not make sense to have

  (guix-environment [ENVIRONMENT OPTIONS] "--" "guile" "entry.scm")

WDYT?

Regards, Leo

Re: A public Lisp programming interface provide feature like `guix environment --container`

[Zhu Zihao]

[-- Attachment #1: Type: text/plain, Size: 1084 bytes --]


Leo Prikler writes:

> launch-environment/container still assumes the command to be a shell
> script, which I think is not quite what you want.  You probably want to
> take a look at call-with-container from (guix build linux-container) or
> child-hurds.

I just read the source code of call-with-container. IMO, it just run
code in container, without any settings. It's quite inconvenient for my
usage. For example: I have to setup mount binding of my package closure manually. 

> I currently don't know of any procedure, that "directly" invokes Scheme
> code through Guix environments, so you'd have to build that on your
> own.  However, given that your stated goal is to port container entry
> scripts [I read this as "the script called by the container at entry"]
> to Guile, would it not make sense to have
>
>   (guix-environment [ENVIRONMENT OPTIONS] "--" "guile" "entry.scm")
>
> WDYT?
>
> Regards, Leo

Hmmm, maybe this is the solution, tho it's not very very elegant.


-- 
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp

Zihao

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 515 bytes --]

Re: A public Lisp programming interface provide feature like `guix environment --container`

[Leo Prikler]

Am Mittwoch, den 04.11.2020, 18:05 +0800 schrieb Zhu Zihao:
> Leo Prikler writes:
> 
> > launch-environment/container still assumes the command to be a
> > shell
> > script, which I think is not quite what you want.  You probably
> > want to
> > take a look at call-with-container from (guix build linux-
> > container) or
> > child-hurds.
> 
> I just read the source code of call-with-container. IMO, it just run
> code in container, without any settings. It's quite inconvenient for
> my
> usage. For example: I have to setup mount binding of my package
> closure manually. 
Indeed, but in my opinion it also has much of what you'd want for an
entry script, does it not?  You start with zero settings, then
configure the environment in whichever fashion you need, then call some
other function.
I think like this could be a stepping stone for some higher level
abstraction, that you would have to write on your own once, but could
then reuse more or less indefinitely.  Particularly, you would have to
copy the parts of Guix that create the environment and then just figure
out how to securely spawn a function inside it, that can't escape the
container environment, instead of running shell code.

> > I currently don't know of any procedure, that "directly" invokes
> > Scheme
> > code through Guix environments, so you'd have to build that on your
> > own.  However, given that your stated goal is to port container
> > entry
> > scripts [I read this as "the script called by the container at
> > entry"]
> > to Guile, would it not make sense to have
> > 
> >   (guix-environment [ENVIRONMENT OPTIONS] "--" "guile" "entry.scm")
> > 
> > WDYT?
> > 
> > Regards, Leo
> 
> Hmmm, maybe this is the solution, tho it's not very very elegant.
For the record, what you do want is something à la
(call-in-container-environment THUNK MANIFEST . KWARGS)
where manifest is the Guix environment manifest, THUNK is a procedure
to call with 0 arguments and KWARGS is a list of options for things you
might want to set up, e.g. just the GUIX_ENVIRONMENT variable or more
than that.

Is that about right?

Regards, Leo

Re: A public Lisp programming interface provide feature like `guix environment --container`

[Zhu Zihao]

[-- Attachment #1: Type: text/plain, Size: 892 bytes --]


Leo Prikler writes:

> For the record, what you do want is something à la
> (call-in-container-environment THUNK MANIFEST . KWARGS)
> where manifest is the Guix environment manifest, THUNK is a procedure
> to call with 0 arguments and KWARGS is a list of options for things you
> might want to set up, e.g. just the GUIX_ENVIRONMENT variable or more
> than that.
>
> Is that about right?
>
> Regards, Leo

Yes, that's what I want. KWARGS may accept something like user-mappings,
network?, namepsaces etc. like `launch-environment/container`. So I can
create container entry script for different executable in batch with
more confidence in code reuse. It's ugly to 
concatenate string argument (For example: `(string-append "--expose="
xxxx "=" yyy)`) when I want to reuse some path variable.


-- 
Retrieve my PGP public key: https://meta.sr.ht/~citreu.pgp

Zihao

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 515 bytes --]

Re: A public Lisp programming interface provide feature like `guix environment --container`

[Ludovic Courtès]

Hi,

Zhu Zihao <all_but_last@163.com> skribis:

> "guix environment --container" is a very useful feature for me to
> isolate the untrusted software. But sadly it lacks a interface for user
> to use it in Lisp programming.

The interface to containers is in (gnu build linux-container), though
it’s a bit lower-level compared to what ‘guix environment’ does.

See also the example at
<https://lists.gnu.org/archive/html/help-guix/2018-01/msg00118.html>,
which is precisely about your use case.

Thanks,
Ludo’.