[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#34859] [PATCH] pack: "-RR" produces PRoot-enabled relocatable binar
|
From: |
Ludovic Courtès |
|
Subject: |
[bug#34859] [PATCH] pack: "-RR" produces PRoot-enabled relocatable binaries. |
|
Date: |
Fri, 15 Mar 2019 14:41:48 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) |
Hi there!
Ludovic Courtès <address@hidden> skribis:
> @item --relocatable
> @itemx -R
> Produce @dfn{relocatable binaries}---i.e., binaries that can be placed
> -anywhere in the file system hierarchy and run from there. For example,
> -if you create a pack containing Bash with:
> +anywhere in the file system hierarchy and run from there.
> +
> +When this option is passed once, the resulting binaries require support for
> address@hidden namespaces} in the kernel Linux; when passed
> address@hidden@footnote{Here's a trick to memorize it: @code{-RR}, which adds
> +PRoot support, can be thought of as the abbreviation of ``Really
> +Relocatable''. Neat, isn't it?}, relocatable binaries fall to back to PRoot
> +if user namespaces are unavailable, and essentially work anywhere---see below
> +for the implications.
For the record, we had discussed this idea a while back¹, and I was
recently reminded of it when looking at udocker².
Udocker has a third method to achieve file system virtualization, which
is to use Debian’s Fakechroot³. Fakechroot is an LD_PRELOAD-based
thing, so it’s more lightweight than PRoot but also more fragile. I
don’t think it’d be interesting for us to support that method in
addition to user namespaces and PRoot.
Thoughts?
Ludo’.
¹ https://lists.gnu.org/archive/html/guix-devel/2018-04/msg00252.html
² https://github.com/indigo-dc/udocker/
³ https://github.com/dex4er/fakechroot/wiki