From: Jacob MacDonald <jaccarmac@gmail.com>
To: 53912@debbugs.gnu.org
Subject: [bug#53912] [PATCH 0/5] WIP Add WSL support.
Date: Thu, 11 Aug 2022 17:31:14 -0500 [thread overview]
Message-ID: <CACy6W0DVqFrSOayhoTz4Cm8CMKkWuNka4Mfv=60T6iPpR+SdUw@mail.gmail.com> (raw)
In-Reply-To: <875ypndznv.fsf@ajgrf.com>
Stefan wrote:
> The problems with sudo etc. in /run/setuid-programs/ stem from the nosuid and noexec flags, which WSL sets when mounting /run as tmpfs.
Do you know if there was a 5.10->5.15 change on that front? I only saw
the issue after upgrading WSL (and not Guix), even though I had to
work around several mount issues getting Guix set up in the first
place.
> This all seems to be far from perfect to me.
It is less than ideal.
> All in all WSL assumes the Filesystem Hierarchie Standard and /etc/environment
I do have some workarounds for the issues you mention; No long
examples since that work machine is airgapped, but I'll outline my
setup and can follow up with code. The filesystem standard, Linux and
Guix internals are the areas I'm fuzzy on, relying mostly on
third-party advice and a little bit of common-sense tinkering. It's
possible that something other than the WSL upgrade broke /run, but my
image started with a broken Guix and has undergone several successful
revisions.
> I use a guile script which remounts /run with these flags removed.
> With Windows 11 there is a boot option for the /etc/wsl.config, which might be the optimal place for a script to do re-mounts and start shepherd.
That is exactly right based on my experience. My init script doesn't
do any mounts (since the old WSL seemed to let me call sudo just
fine), but it does start as root and make sure the file system is sane
before kicking things off.
> Changing the default user to prevent problems with local drives seems possible with an /etc/wsl.conf file. But then it will not be possible to use root’s shell entry for the script anymore.
I never investigated the ownership of /mnt/c/, but it seemed to work
OK in userspace. I could create files or delete/trash them from a
user-level Emacs.
> Hm, I guess that even if the sudo problem is solved, then still a “sudo -i” won’t be possible with the patch. Is that right?
I haven't used this patch, so I'm not sure how it interacts. However,
/run/setuid-programs/sudo -i fails for me as expected while
/run/current-system/profile/bin/sudo -i works.
> [WSL] makes it hard to launch arbitrary commands as intended with just “wsl -e ls” in Guix. In such a case no shell is involved and no /etc/profile or ~/.profile is sourced, so ls won’t be found.
> Another possible problem with the patch might be the current-directory. I guess that a “wsl -d guix -e ls” will not list the directory from which the wsl command got invoked, but the user’s home directory.
This may be another Win11 feature, but I figured out that --shell-type
is a way around that annoyance. wsl --shell-type login ls in a fresh
PowerShell shows me files in my Windows home. My shell configuration
is small enough that the startup overhead is minimal, and based on
running top that way, there's no shell process that sticks around.
> With the WSL version I’m using on Windows 10 its /init requires a group cache for nscd, too.
The advice I saw on Guix-in-WSL suggested disabling nscd and I found
that to be the case.
> My setup is using a gnu.bat file, which invokes a guile script named gnu.scm in WSL, which – if needed – does the re-mounts and starts shepherd, and calls sudo to login the user and change the directory before executing further commands from the user. It is retaining some environment variables like TERM, and the content of WSLENV. So from the Windows side it is possible to call “gnu.bat ls -lA” etc. or just “gnu.bat” to get a shell.
My /etc/wsl.conf sets the default user and specifies a script to run
at boot. That script sets up /run/current-system, boots from it, and
does those few trivial fs sanity checks. From there, I can start new
shells for my user and everything seems to behave. System
reconfigurations were the biggest footgun prior to this latest
breakage, but this is my only GuixSD experience so that might be a
general problem.
Thanks!
Jacob.
prev parent reply other threads:[~2022-08-11 22:32 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-10 6:05 [bug#53912] [PATCH 0/5] WIP Add WSL support Alex Griffin via Guix-patches via
2022-02-10 6:12 ` [bug#53912] [PATCH 1/5] scripts: Fix typo Alex Griffin via Guix-patches via
2022-02-10 6:22 ` [bug#53912] [PATCH 2/5] system: image: Add tarball support Alex Griffin via Guix-patches via
2022-04-11 10:34 ` [bug#53912] [PATCH 0/5] WIP Add WSL support Ludovic Courtès
2022-02-10 6:27 ` [bug#53912] [PATCH 3/5] system: image: Add wsl-tarball support Alex Griffin via Guix-patches via
2022-02-15 14:10 ` Liliana Marie Prikler
2022-02-15 16:28 ` Maxime Devos
2022-02-15 16:31 ` Maxime Devos
2022-02-10 6:31 ` [bug#53912] [PATCH 4/5] system: Add wsl module Alex Griffin via Guix-patches via
2022-02-10 6:35 ` [bug#53912] [PATCH 5/5] image: Add wsl image Alex Griffin via Guix-patches via
2022-04-11 10:41 ` [bug#53912] [PATCH 0/5] WIP Add WSL support Ludovic Courtès
2022-04-26 7:15 ` Mathieu Othacehe
2022-06-04 0:31 ` Christine Lemmer-Webber
2022-09-11 12:23 ` Mathieu Othacehe
2022-09-25 11:56 ` bug#53912: " Mathieu Othacehe
2022-08-11 16:27 ` [bug#53912] " Jacob MacDonald
2022-08-11 21:32 ` [bug#53912] [PATCH 0/5] WIP Add " Stefan via Guix-patches via
2022-08-11 22:31 ` Jacob MacDonald [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CACy6W0DVqFrSOayhoTz4Cm8CMKkWuNka4Mfv=60T6iPpR+SdUw@mail.gmail.com' \
--to=jaccarmac@gmail.com \
--cc=53912@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.