Include Proot-static with binary releases

Include Proot-static with binary releases

[YOANN P]

[-- Attachment #1: Type: text/plain, Size: 521 bytes --]

Hi Guix Team,

Is there any plan to include "proot-static" with Guix Binary releases ?

My request is motivated by the fact i'm looking for a way to use/install Guix only with the bin release on a non-privileged environnement (HPC, non root user) without the need to use guix pack on another computer to create a "pack" only for this package for every architecture i would like to install Guix on.

This way, if namespaces are not available, we could use Guix with Proot without any more efforts.

Best regards,

[-- Attachment #2: Type: text/html, Size: 1125 bytes --]

Re: Include Proot-static with binary releases

[Ludovic Courtès]

Hello,

YOANN P <yoann_mac_donald@hotmail.com> skribis:

> Is there any plan to include "proot-static" with Guix Binary releases ?

Good question!

> My request is motivated by the fact i'm looking for a way to use/install Guix only with the bin release on a non-privileged environnement (HPC, non root user) without the need to use guix pack on another computer to create a "pack" only for this package for every architecture i would like to install Guix on.
>
> This way, if namespaces are not available, we could use Guix with Proot without any more efforts.

Indeed.  (I assume you read
<https://guix-hpc.bordeaux.inria.fr/blog/2017/10/using-guix-without-being-root/>,
which is about running software from a pack, rather than running Guix
itself.  Pjotr has a very good writeup on this topic, which includes
running Guix itself under PRoot:
<https://gitlab.com/pjotrp/guix-notes/blob/master/GUIX-NO-ROOT.org>.)

Including proot-static makes a lot of sense and easily done (it adds
3 MiB to the result.)  We’d need to document it properly though,
probably with a new section under “Setting Up the Daemon”.  We could
mention user namespaces as another option for non-root users.

Thoughts?  Ricardo?

Ludo’.

Re: Include Proot-static with binary releases

[Pjotr Prins]

On Thu, Jan 18, 2018 at 11:44:03AM +0100, Ludovic Courtès wrote:
> Including proot-static makes a lot of sense and easily done (it adds
> 3 MiB to the result.)  We’d need to document it properly though,
> probably with a new section under “Setting Up the Daemon”.  We could
> mention user namespaces as another option for non-root users.

I think with 3Mb only we should do it.

We also need a channels mechanism. My itch is getting so large I may
actually start coding at some point ;)

Pj.
-- 

Re: Include Proot-static with binary releases

[Ricardo Wurmus]

Ludovic Courtès <ludovic.courtes@inria.fr> writes:

> Including proot-static makes a lot of sense and easily done (it adds
> 3MiB to the result.)  We’d need to document it properly though,
> probably with a new section under “Setting Up the Daemon”.  We could
> mention user namespaces as another option for non-root users.
>
> Thoughts?  Ricardo?

I think it’s fine to include it.  I wouldn’t know how to document its
use, though.  Is the idea to run the daemon under proot?

-- 
Ricardo

GPG: BCA6 89B6 3655 3801 C3C6  2150 197A 5888 235F ACAC
https://elephly.net

Re: Include Proot-static with binary releases

[Pjotr Prins]

On Sun, Jan 21, 2018 at 03:50:12PM +0100, Ricardo Wurmus wrote:
> 
> Ludovic Courtès <ludovic.courtes@inria.fr> writes:
> 
> > Including proot-static makes a lot of sense and easily done (it adds
> > 3MiB to the result.)  We’d need to document it properly though,
> > probably with a new section under “Setting Up the Daemon”.  We could
> > mention user namespaces as another option for non-root users.
> >
> > Thoughts?  Ricardo?
> 
> I think it’s fine to include it.  I wouldn’t know how to document its
> use, though.  Is the idea to run the daemon under proot?

Documented on my page guix-no-root.

Pj.

Re: Include Proot-static with binary releases

[Efraim Flashner]

[-- Attachment #1: Type: text/plain, Size: 799 bytes --]

On Thu, Jan 18, 2018 at 03:21:53PM +0100, Pjotr Prins wrote:
> On Thu, Jan 18, 2018 at 11:44:03AM +0100, Ludovic Courtès wrote:
> > Including proot-static makes a lot of sense and easily done (it adds
> > 3 MiB to the result.)  We’d need to document it properly though,
> > probably with a new section under “Setting Up the Daemon”.  We could
> > mention user namespaces as another option for non-root users.
> 
> I think with 3Mb only we should do it.
> 

Currently proot only build successfully on x86_64 and i686, so that is
something we would need to fix first.

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: Include Proot-static with binary releases

[Ludovic Courtès]

Efraim Flashner <efraim@flashner.co.il> skribis:

> On Thu, Jan 18, 2018 at 03:21:53PM +0100, Pjotr Prins wrote:
>> On Thu, Jan 18, 2018 at 11:44:03AM +0100, Ludovic Courtès wrote:
>> > Including proot-static makes a lot of sense and easily done (it adds
>> > 3 MiB to the result.)  We’d need to document it properly though,
>> > probably with a new section under “Setting Up the Daemon”.  We could
>> > mention user namespaces as another option for non-root users.
>> 
>> I think with 3Mb only we should do it.
>> 
>
> Currently proot only build successfully on x86_64 and i686, so that is
> something we would need to fix first.

Indeed, that’s a bummer.

Ludo’.

Re: Include Proot-static with binary releases

[Danny Milosavljevic]

[-- Attachment #1: Type: text/plain, Size: 963 bytes --]

On Tue, 23 Jan 2018 15:49:26 +0100
ludovic.courtes@inria.fr (Ludovic Courtès) wrote:

> > Currently proot only build successfully on x86_64 and i686, so that is
> > something we would need to fix first.  

Are you sure that is not just a limitation of the qemu transparent emulation?

I examined the test failures in proot-static and it's clear that qemu will have
some trouble finding out what one wants to happen:

>#include <unistd.h> /* execve(2), */
>#include <stdlib.h> /* exit(3), */
>#include <string.h> /* strcmp(3), */
>
>int main(int argc, char *argv[])
>{
>        if (argc == 0)
>                exit(EXIT_SUCCESS);
>
>        execve("/proc/self/exe", NULL, NULL);
>        exit(EXIT_FAILURE);
>}

Now, qemu transparent emulation still picks up, but then the missing
argv[0] will be a problem.

And indeed,

$ guix environment -s armhf-linux proot-static
[...]
[env]$ ./test-25069c12
qemu: no user program specified

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: Include Proot-static with binary releases

[Ludovic Courtès]

Hi!

Danny Milosavljevic <dannym@scratchpost.org> skribis:

> On Tue, 23 Jan 2018 15:49:26 +0100
> ludovic.courtes@inria.fr (Ludovic Courtès) wrote:
>
>> > Currently proot only build successfully on x86_64 and i686, so that is
>> > something we would need to fix first.  
>
> Are you sure that is not just a limitation of the qemu transparent emulation?

Oh, I hadn’t thought about that.

> I examined the test failures in proot-static and it's clear that qemu will have
> some trouble finding out what one wants to happen:
>
>>#include <unistd.h> /* execve(2), */
>>#include <stdlib.h> /* exit(3), */
>>#include <string.h> /* strcmp(3), */
>>
>>int main(int argc, char *argv[])
>>{
>>        if (argc == 0)
>>                exit(EXIT_SUCCESS);
>>
>>        execve("/proc/self/exe", NULL, NULL);
>>        exit(EXIT_FAILURE);
>>}
>
> Now, qemu transparent emulation still picks up, but then the missing
> argv[0] will be a problem.
>
> And indeed,
>
> $ guix environment -s armhf-linux proot-static
> [...]
> [env]$ ./test-25069c12
> qemu: no user program specified

Are you saying that /proc/self/exe is incorrect when using binfmt_misc?
D’oh!

--8<---------------cut here---------------start------------->8---
$ uname -m
x86_64
$ guix environment --ad-hoc coreutils -s armhf-linux
[env]$ uname -m
armv7l
[env]$ sleep 100 &
[1] 2410
[env]$ ls -l /proc/2410/exe 
lrwxrwxrwx 1 ludo users 0 Mar 25 09:55 /proc/2410/exe -> /gnu/store/6ar48khay4zd435cvkv4bgf1jih7jimq-qemu-3.1.0/bin/qemu-arm
--8<---------------cut here---------------end--------------->8---

So that could well be a problem (potentially in other packages as well;
I didn’t expect /proc/self/exe to be “wrong”.)

We’ll have to check what happens on berlin though, because there we
build on the bare metal.

Thanks,
Ludo’.