Difference between revisions of "Development Team/Chroot"

From Sugar Labs
Jump to navigation Jump to search
m (moved Walter is a wanker 12/Chroot to Development Team/Chroot over redirect: revert)
 
(61 intermediate revisions by 8 users not shown)
Line 1: Line 1:
Sugar ought to be easy to run from chroots. For a variety of silly reasons, this isn't yet the case, but it might be soon. Ping [[User:Mstone|Michael]] with questions.
+
=== Status ===
  
=== Chroot Construction ===
+
* sugar-chroot-0.1 released: see [http://dev.laptop.org/git/users/mstone/sugar-chroot sugar-chroot]
  
There are lots of ways to create appropriate chroots; e.g. by hand, with debootstrap, with mock, etc.
+
=== Purpose ===
  
==== debootstrap ====
+
''You want to hack sugar. You don't want to fuss around. '''You want sugar-chroot.'''''
With debootstrap, in order to get a working chroot, you want something like:
 
  
  export CHROOT=`pwd`/sid-root
+
=== Usage ===
  sudo debootstrap --arch i386 sid $CHROOT http://debian.lcs.mit.edu/debian
 
  sudo chroot $CHROOT /bin/bash -l
 
  # and some of the following:
 
  mount -t proc proc $CHROOT/proc
 
  mount -t devpts devpts $CHROOT/dev/pts
 
  mount -t selinuxfs selinux $CHROOT/selinux
 
  
''Reference: http://www.debian.org/doc/manuals/reference/ch-tips.en.html ''
+
As excerpted from the '''[http://dev.laptop.org/git/users/mstone/sugar-chroot/plain/README README]''':
  
==== mock ====
+
sugar-chroot consists of simple scripts. Download and unpack them like so:
With mock, it would be more like:
 
  
  mock -r fedora-devel-i386 --init
+
NV=sugar-chroot-0.1
  mock -r fedora-devel-i386 --shell
+
curl http://dev.laptop.org/~mstone/releases/SOURCES/$NV.tar.xz | tar Zxf $NV.tar.xz
 +
cd $NV
  
=== X11 ===
+
To use them, pick a supported distro:
  
Most X11 servers are configured to disable TCP connections. This means that in order to get a working X connection we can:
+
DISTRO=debian
 +
DISTRO=fedora
  
# bind-mount the X unix socket into the chroot.
+
To configure:
# ssh ''into'' the chroot with X11-forwarding enabled.
 
# Enable TCP on an X server, e.g. a nested Xephyr.
 
  
We're going to try option (3) first:
+
echo $DISTRO > conf/distro
 +
$EDITOR conf/$DISTRO.mk
  
  Xephyr -ac :1    ''outside chroot''
+
Then run
  
::''NB: If you want something more secure, try:''
+
sudo make r/distro
  
DISP=:1  # adjust to suit
+
to install your chroot.
COOKIE=$(mcookie)
 
AUTH=$(mktemp)
 
echo "add :1 . $COOKIE" | xauth -f "$AUTH"
 
echo "add these commands to clients:"
 
echo "export DISPLAY=\"localhost$DISP\""
 
echo "export XAUTHORITY=\"$AUTH\""
 
Xephyr -auth "$AUTH" -reset -terminate ":$DISP"
 
  
And, ''inside'' the chroot:
+
=== History ===
  
  export DISPLAY=localhost:1
+
See http://wiki.sugarlabs.org/index.php?title=Development_Team/Chroot&oldid=36911 for the manual instructions which sugar-chroot automates.
  # or use the commands echoed above
 
 
 
=== D-Bus ===
 
 
 
Sugar wants to be able to use global state stored in both HAL and NetworkManager, both of which live on the system bus. Consequently, we need to bind-mount
 
 
 
  mount --bind /var/run/dbus $CHROOT/var/run/dbus
 
 
 
before entering the chroot. (Mock uses unshare() to enter a new mount-point namespace since this makes garbage collection of mountpoints much easier.)
 
 
 
=== User Account ===
 
 
 
For stupid reasons, it's necessary that Sugar run under a uid inside the chroot which exists as a real account outside the chroot. (Talk to the DBus people.)
 
 
 
Consequently, run something like this ''both'' inside and outside the chroot:
 
 
 
  groupadd -g 64002 sugar
 
  useradd -m -u 64002 -g sugar sugar
 
 
 
Then, inside the chroot, you can happily run sugar as user 'sugar' with something like
 
 
 
cat > as_person <<EOF
 
#!/usr/bin/env python
 
from os import environ, chdir, setgroups, setgid, setuid, execve
 
from sys import argv
 
from pwd import getpwnam
 
user = getpwnam(argv[1])
 
environ['HOME'] = user.pw_dir
 
environ['USER'] = user.pw_name
 
chdir(user.pw_dir)
 
setgroups([user.pw_gid])
 
setgid(user.pw_gid)
 
setuid(user.pw_uid)
 
execve(argv[2], argv[2:], environ)
 
EOF
 
chmod a+x as_person
 
./as_person sugar /usr/bin/sugar
 
 
 
 
 
== Jhbuild ==
 
 
 
After you can also build sugar inside your chroot without compromising your ''main'' system.
 
 
 
*[[Development Team/Jhbuild]]
 

Latest revision as of 20:33, 23 February 2010

Status

Purpose

You want to hack sugar. You don't want to fuss around. You want sugar-chroot.

Usage

As excerpted from the README:

sugar-chroot consists of simple scripts. Download and unpack them like so:

NV=sugar-chroot-0.1
curl http://dev.laptop.org/~mstone/releases/SOURCES/$NV.tar.xz | tar Zxf $NV.tar.xz
cd $NV

To use them, pick a supported distro:

DISTRO=debian
DISTRO=fedora

To configure:

echo $DISTRO > conf/distro
$EDITOR conf/$DISTRO.mk

Then run

sudo make r/distro

to install your chroot.

History

See http://wiki.sugarlabs.org/index.php?title=Development_Team/Chroot&oldid=36911 for the manual instructions which sugar-chroot automates.