From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ricardo Wurmus <rekado@elephly.net>
Subject: Hacks to install Guix packages without root
Date: Thu, 26 Oct 2017 23:46:52 +0200
Message-ID: <874lqlmvjn.fsf@elephly.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49059)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rekado@elephly.net>) id 1e7qEZ-000824-TN
	for guix-devel@gnu.org; Thu, 26 Oct 2017 18:02:41 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rekado@elephly.net>) id 1e7qEX-0001Nd-Jy
	for guix-devel@gnu.org; Thu, 26 Oct 2017 18:02:39 -0400
Received: from sender-of-o51.zoho.com ([135.84.80.216]:21052)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <rekado@elephly.net>) id 1e7qEX-0001N6-Cr
	for guix-devel@gnu.org; Thu, 26 Oct 2017 18:02:37 -0400
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org
Cc: Pjotr Prins <pjotr2017@thebird.nl>

Hi,

this blog post contains many great examples of how to deploy Guix
applications without root access:

    http://guix-hpc.bordeaux.inria.fr/blog/2017/10/using-guix-without-being=
-root/

I think that all of these methods should be wrapped up by Guix itself,
so that none of this has to be done manually.  I=E2=80=99d also like to inc=
lude
Pjotr=E2=80=99s hack in this, which involves rewriting /gnu/store reference=
s.
It=E2=80=99s icky but effective and one of the reasons why Conda is so popu=
lar
(they rewrite references in their binaries as well, but less principled
than, say, grafts).

How about an extension of =E2=80=9Cguix pack=E2=80=9D that will rewrite the=
 /gnu/store
references to a user-provided directory before bundling things up in a
tarball?  I=E2=80=99d *really* like to be able to just use the tarball bund=
le
=E2=80=9Cguix pack=E2=80=9D produces by default, but currently deploying it=
 requires
root access or proot shenanigans at runtime.

How about making manual hacking with unshare and chroot obsolete by
including a simple executable in the pack that handles this rewriting
for the user=E2=80=A6?  With that we would be one step closer to the user
experience of Docker =E2=80=94 without having a runtime dependency on Docke=
r.

What do you think?

--
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net