unofficial mirror of guix-patches@gnu.org 
From: Stefan via Guix-patches via <guix-patches@gnu.org>
To: 53912@debbugs.gnu.org
Subject: [bug#53912] [PATCH 0/5] WIP Add WSL support.
Date: Thu, 11 Aug 2022 23:32:27 +0200
Message-ID: <9B03DD4B-4699-40CB-95A6-C0369F1E7663@vodafonemail.de>
In-Reply-To: <875ypndznv.fsf@ajgrf.com>

Hi!

The problems with sudo etc. in /run/setuid-programs/ stem from the nosuid and noexec flags, which WSL sets when mounting /run as tmpfs.

I use a guile script which remounts /run with these flags removed.

But there is another mount problem. When WSL is using root as the default user, the default mounts of local drives like /mnt/c/ use uid=0 and gid=0. This is problematic when a script is changing the user with sudo. So my script is unmounting all local drives and mounting them again with /sbin/mount.drvfs of WSL with the uid and gid of that user and the metadata flag. By the way, I was not able to use the type drvfs with the mount command from Guix for this. But I haven’t tried the type 9p for this yet, which it actually seems to be.

Changing the default user to prevent problems with local drives seems possible with an /etc/wsl.conf file. But then it will not be possible to use root’s shell entry for the script anymore.

Hm, I guess that even if the sudo problem is solved, a “sudo -i” still won’t be possible with the patch. Is that right?

Another possible problem with the patch might be the current directory. I guess that a “wsl -d guix -e ls” will not list the directory from which the wsl command got invoked, but the user’s home directory.

My setup is using a gnu.bat file, which invokes a guile script named gnu.scm in WSL, which – if needed – does the re-mounts and starts shepherd, and calls sudo to log in the user and change the directory before executing further commands from the user. It is retaining some environment variables like TERM, and the content of WSLENV. So from the Windows side it is possible to call “gnu.bat ls -lA” etc. or just “gnu.bat” to get a shell.

I’m experimenting with another script, which, like busybox, evaluates its name, and have put symlinks to it in /usr/local/bin/, which is in the default WSL search path. That script invokes the mentioned gnu.scm script. With this it is possible to call e.g. “wsl -d guix -e ls -l” for the Windows user in USERNAME.

With the WSL version I’m using on Windows 10, its /init requires a group cache for nscd, too.

With Windows 11 there is a boot option for the /etc/wsl.config, which might be the optimal place for a script to do re-mounts and start shepherd.

All in all, WSL assumes the Filesystem Hierarchy Standard and /etc/environment and makes it hard to launch arbitrary commands as intended with just “wsl -e ls” in Guix. In such a case no shell is involved and no /etc/profile or ~/.profile is sourced, so ls won’t be found. This all seems to be far from perfect to me.


Bye

Stefan
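
The two mount conditions described in the message above can be checked from a /proc/mounts-style table. The following is an added example, not part of the original message and not the gnu.scm script it mentions. The function names and the sample table are constructed for illustration, and the `;`-separated option layout on the 9p line is an assumption.

```shell
#!/bin/sh
# Added example: audit a /proc/mounts-style table for the two mount
# conditions described in the message. All names here are hypothetical.

# Constructed sample table (not captured from a real system).
SAMPLE_MOUNTS='tmpfs /run tmpfs rw,nosuid,noexec,noatime,mode=755 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
C: /mnt/c drvfs rw,noatime,uid=0,gid=0,case=off 0 0
D: /mnt/d 9p rw,noatime,aname=drvfs;path=D:;uid=1000;gid=1000,trans=fd 0 0'

# run_blocking_flags TABLE
# Print the flags on /run (nosuid and/or noexec) that stop programs in
# /run/setuid-programs/ from working; print an empty line if none are set.
run_blocking_flags() {
    printf '%s\n' "$1" | awk '$2 == "/run" {
        out = ""
        n = split($4, o, ",")
        for (i = 1; i <= n; i++)
            if (o[i] == "nosuid" || o[i] == "noexec")
                out = out (out ? "," : "") o[i]
        print out
    }'
}

# root_owned_drives TABLE
# Print the mount point of every drvfs or 9p mount whose options carry
# uid=0. Options are split on "," and ";" to cover both layouts above.
root_owned_drives() {
    printf '%s\n' "$1" | awk '($3 == "drvfs" || $3 == "9p") {
        n = split($4, o, /[,;]/)
        for (i = 1; i <= n; i++)
            if (o[i] == "uid=0") { print $2; break }
    }'
}

# audit TABLE: human-readable report built from the two checks.
audit() {
    flags=$(run_blocking_flags "$1")
    if [ -n "$flags" ]; then
        echo "/run is mounted with $flags: /run/setuid-programs/ is affected"
    fi
    for d in $(root_owned_drives "$1"); do
        echo "$d is mounted with uid=0: files appear root-owned to other users"
    done
    return 0
}

# Runs on the constructed sample; inside WSL pass "$(cat /proc/mounts)".
audit "$SAMPLE_MOUNTS"
```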



