Line 1: |
Line 1: |
− | Sugar ought to be easy to run from chroots. For a variety of silly reasons, this isn't yet the case, but it might be soon. Ping [[User:Mstone|Michael]] with questions.
| + | === Status === |
| | | |
− | === Chroot Construction ===
| + | * sugar-chroot-0.1 released: see [http://dev.laptop.org/git/users/mstone/sugar-chroot sugar-chroot] |
| | | |
− | There are lots of ways to create appropriate chroots; e.g. by hand, with debootstrap, with mock, etc.
| + | === Purpose === |
| | | |
− | ==== debootstrap ====
| + | ''You want to hack sugar. You don't want to fuss around. '''You want sugar-chroot.''''' |
− | With debootstrap, in order to get a working chroot, you want something like:
| |
| | | |
− | export CHROOT=`pwd`/sid-root
| + | === Usage === |
− | sudo debootstrap --arch i386 sid $CHROOT http://debian.lcs.mit.edu/debian
| |
− | sudo chroot $CHROOT /bin/bash -l
| |
− | # and some of the following:
| |
− | mount -t proc proc $CHROOT/proc
| |
− | mount -t devpts devpts $CHROOT/dev/pts
| |
− | mount -t selinuxfs selinux $CHROOT/selinux
| |
| | | |
− | ''Reference: http://www.debian.org/doc/manuals/reference/ch-tips.en.html '' | + | As excerpted from the '''[http://dev.laptop.org/git/users/mstone/sugar-chroot/plain/README README]''': |
| | | |
− | ==== mock ====
| + | sugar-chroot consists of simple scripts. Download and unpack them like so: |
− | With mock, it would be more like:
| |
| | | |
− | mock -r fedora-devel-i386 --init
| + | NV=sugar-chroot-0.1 |
− | mock -r fedora-devel-i386 --shell
| + | curl http://dev.laptop.org/~mstone/releases/SOURCES/$NV.tar.xz | tar Zxf $NV.tar.xz |
| + | cd $NV |
| | | |
− | === X11 ===
| + | To use them, pick a supported distro: |
| | | |
− | Most X11 servers are configured to disable TCP connections. This means that in order to get a working X connection we can:
| + | DISTRO=debian |
| + | DISTRO=fedora |
| | | |
− | # bind-mount the X unix socket into the chroot.
| + | To configure: |
− | # ssh ''into'' the chroot with X11-forwarding enabled.
| |
− | # Enable TCP on an X server, e.g. a nested Xephyr.
| |
| | | |
− | We're going to try option (3) first:
| + | echo $DISTRO > conf/distro |
| + | $EDITOR conf/$DISTRO.mk |
| | | |
− | # ''outside chroot''
| + | Then run |
− | DISP=:1 # adjust to suit your configuration
| |
− | COOKIE=$(mcookie)
| |
− | AUTH=$(mktemp)
| |
− | echo "add $DISP . $COOKIE" | xauth -f "$AUTH"
| |
− | echo "add these commands to clients:"
| |
− | echo "export DISPLAY=\"localhost$DISP\""
| |
− | echo "export XAUTHORITY=\"$AUTH\""
| |
− | Xephyr -auth "$AUTH" -reset -terminate "$DISP" && rm "$AUTH"
| |
| | | |
− | And, ''inside'' the chroot, set the <tt>DISPLAY</tt> and <tt>XAUTHORITY</tt> variables as directed by the setup script.
| + | sudo make r/distro |
| | | |
− | === D-Bus ===
| + | to install your chroot. |
| | | |
− | Sugar wants to be able to use global state stored in both HAL and NetworkManager, both of which live on the system bus. Consequently, we need to bind-mount
| + | === History === |
| | | |
− | mount --bind /var/run/dbus $CHROOT/var/run/dbus
| + | See http://wiki.sugarlabs.org/index.php?title=Development_Team/Chroot&oldid=36911 for the manual instructions which sugar-chroot automates. |
− | | |
− | before entering the chroot. (Mock uses unshare() to enter a new mount-point namespace since this makes garbage collection of mountpoints much easier.)
| |
− | | |
− | === User Account === | |
− | | |
− | For stupid reasons, it's necessary that Sugar run under a uid inside the chroot which exists as a real account outside the chroot. (Talk to the DBus people.)
| |
− | | |
− | Consequently, run something like this ''both'' inside and outside the chroot:
| |
− | | |
− | groupadd -g 64002 sugar
| |
− | useradd -m -u 64002 -g sugar sugar
| |
− | | |
− | Then, inside the chroot, you can happily run sugar as user 'sugar' with something like
| |
− | | |
− | cat > as_person <<EOF
| |
− | #!/usr/bin/env python
| |
− | from os import environ, chdir, setgroups, setgid, setuid, execve
| |
− | from sys import argv
| |
− | from pwd import getpwnam
| |
− | user = getpwnam(argv[1])
| |
− | environ['HOME'] = user.pw_dir
| |
− | environ['USER'] = user.pw_name
| |
− | chdir(user.pw_dir)
| |
− | setgroups([user.pw_gid])
| |
− | setgid(user.pw_gid)
| |
− | setuid(user.pw_uid)
| |
− | execve(argv[2], argv[2:], environ)
| |
− | EOF
| |
− | chmod a+x as_person
| |
− | ./as_person sugar /usr/bin/sugar
| |
− | | |
− | | |
− | == Jhbuild ==
| |
− | | |
− | After you can also build sugar inside your chroot without compromising your ''main'' system.
| |
− | | |
− | *[[Development Team/Jhbuild]]
| |