From: Martin Castillo
Subject: Re: Help understand some guix concepts
Date: Mon, 1 Jan 2018 22:04:25 +0100
To: Amirouche Boubekki, guix-devel
List-Id: "Development of GNU Guix and the GNU System distribution."

Hi,

I'll give it a shot.

On 01.01.2018 20:31, Amirouche Boubekki wrote:
> Héllo,
>
> It's a long time I did not read the manual. So I read the manual this
> afternoon.
>
> I have to say that I don't really understand some guix concepts and how
> they map to the rest of the world.
>
> Can someone try to explain to me how the following concepts are related
> to each other:
>
> Environments, profiles, gc roots, root filesystem, chroot, containers,
> docker and lxc
>
> TIA

Environment: Every process has an environment. It consists of key-value
pairs, where both are C strings. A process can change its own environment
and passes it to its children. This can be used to pass options to programs
without the need to pass them on the command line.

Profiles: A bit ambiguous, but I think you mean guix profiles. One feature
of guix is that it allows every user to install the package they want.
Every such set of installed programs is a (generation of a) profile. Your
current profile (or generation) is linked to by ~/.guix-profile. Profiles
consist of generations. Every time you add or remove a package, you create
a new generation. (You can have several packages. Check the -p flag of
`guix package`. If you want to switch to it, make ~/.guix-profile link to
the new profile.)

gc roots: Everything you install/build with guix gets stored in the store.
When you delete e.g. old profile generations, some files in the store
aren't used anymore. To find out what files can be removed from the store,
the garbage collector looks for all files in the store that are being
referred to directly or indirectly by any link in or under
/var/guix/gcroots. Those are the live files. The other ones can be removed
to make space.

root filesystem: This is the filesystem that is mounted under `/`. It has
nothing to do with gc roots.

chroot: This is a mechanism to isolate programs and prevent them from
accessing (even seeing) some/many files. It works by changing the path
resolution mechanism. You can create one with chroot(1). A chroot makes a
chosen path look like `/`. If you have a shell in a chroot under /var,
`ls /` shows you the contents of /var; and `ls /../` shows the same as
`ls /`. IIRC, guix uses chroots to create a better isolation for build
processes (for better reproducibility). chroot helps to prevent builds from
accessing inputs (e.g. a library) that weren't declared in the (package)
definition.

container: not sure if I can explain that correctly. I won't attempt it to
avoid confusion.

docker: Before guix was a thing (;-)), people used docker to assemble a set
of programs and files ("docker images") that would always work the same
way, no matter where they get executed. I think docker is one form of
container.
IIRC, docker has some drawbacks: statically linked programs -> big images,
after a library updates, you need to create a new image. Guix provides
another way to get reproducibility, and it allows you to create docker
images from guix profiles for systems that don't have guix installed.

lxc: no idea. LinuXContainer?

Martin

-- 
GPG: 7FDE 7190 2F73 2C50 236E 403D CC13 48F1 E644 08EC
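
The liveness rule described under "gc roots" above, as an added example that is not part of the original message and is not Guix's own code: a simplified model that follows every link under a roots directory and then follows references between store items. Assumptions: the store layout, item names and file contents are constructed sample data, store items are flat files, and a reference is detected by finding another item's name in the file contents.

```python
import os
import tempfile

def build_sample(base):
    """Constructed store plus one root link (sample data; profile-1's root was deleted)."""
    store, roots = os.path.join(base, "store"), os.path.join(base, "gcroots")
    os.makedirs(store)
    os.makedirs(os.path.join(roots, "profiles"))
    items = {  # item name -> file contents; contents mention the items they depend on
        "aaaaaaaa-glibc": b"libc",
        "bbbbbbbb-hello": b"needs /store/aaaaaaaa-glibc",
        "cccccccc-profile-2": b"manifest: /store/bbbbbbbb-hello",
        "dddddddd-profile-1": b"manifest: /store/eeeeeeee-old-tool",
        "eeeeeeee-old-tool": b"needs /store/aaaaaaaa-glibc",
    }
    for name, data in items.items():
        with open(os.path.join(store, name), "wb") as f:
            f.write(data)
    os.symlink(os.path.join(store, "cccccccc-profile-2"),
               os.path.join(roots, "profiles", "guix-profile"))
    return store, roots

def live_items(store, roots):
    """Return store items referred to, directly or indirectly, by any link under roots."""
    all_items = set(os.listdir(store))
    todo = []
    for d, dirs, files in os.walk(roots):      # every link in or under the roots dir
        for name in dirs + files:
            p = os.path.join(d, name)
            if os.path.islink(p):
                todo.append(os.path.basename(os.path.realpath(p)))
    live = set()
    while todo:                                # transitive closure over references
        item = todo.pop()
        if item in live or item not in all_items:
            continue
        live.add(item)
        with open(os.path.join(store, item), "rb") as f:
            data = f.read()
        todo.extend(n for n in all_items if n.encode() in data)
    return live

def demo():
    """Return (live, dead) item names for the constructed sample."""
    with tempfile.TemporaryDirectory() as base:
        store, roots = build_sample(base)
        live = live_items(store, roots)
        return sorted(live), sorted(set(os.listdir(store)) - live)

if __name__ == "__main__":
    print(demo())
```

glibc stays live because the rooted profile still reaches it through hello, even though the dead old-tool item references it as well. On a real system, `guix gc --list-live` and `guix gc --list-dead` report these two sets.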