Re: Unprivileged /gnu/store with PRoot
From: Maxim Cournoyer
Subject: Re: Unprivileged /gnu/store with PRoot
Date: Sat, 13 May 2017 00:04:31 -0700
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)
Hi Ludovic!
address@hidden (Ludovic Courtès) writes:
> Hello Guix!
>
> In hostile environments (read: machines that lack Guix and where you’re
> not root, such as HPC clusters), it can be hard to manage software with
> Guix.
>
[...]
>
> One way to work around the problem is to use PRoot, a ptrace(2)-based
> tool to virtualize the file system². With the ‘proot-static’ package I
> just pushed, one can run, say, hwloc, on such a hostile machine by
> sending locally-created packs as well as ‘proot’:
>
> scp $(guix build proot-static)/bin/proot hostile:
> scp $(guix pack hwloc -S /bin=bin) hostile:hwloc.tgz
>
> and then on the hostile machine:
>
> mkdir ~/.local
> cd ~/.local
> tar xf ~/hwloc.tgz
> cd
> ./proot -b .local:/ /bin/lstopo
>
> where “proot -b .local:/” essentially “bind-mounts” ~/.local to /.
>
> Pretty cool no? :-)
Pretty clever hack! :) I'm almost looking forward to my next "hostile"
machine encounter... eh!
>
> PRoot adds overhead since it has to intercept every syscall. However,
> for a mostly computational process, it should not be much of a problem.
>
Which essentially means when the proot'd software is first loaded from disk?
Am I right to think that the performance would be the same after the
prooted program is all mapped in memory?
Thanks for sharing!
Maxim