Re: How to install guix without root permission

[Ludovic Courtès]

rohit yadav <address@hidden> skribis:

> ​
> On Fri, Jan 6, 2017 at 9:18 AM, Ludovic Courtès <address@hidden> wrote:
>
>  rohit yadav <address@hidden> skribis:
>
>  > ​Thanks for the reply. ​The proot (https://proot-me.github.io/) project
>  > allows you to map $HOME/gnu/store to /gnu/store etc. However, where I am
>  > struggling is the guixbuild users and group creation, and running guix
>  > daemon.
>
>  Yes, though PRoot relies on syscall interception using ptrace(2), which
>  is inefficient (which may or may not be a problem, depending on the
>  application).
>
> ​ I am not greatly familiar with the lower level details of linux kernel yet. 
> How lot of these useful utilities work is not clear to me. I will probably 
> work on it sometime (any references?). For now, the performance
> is not an issue. However, the main issue how to create guixbuild group and 
> users?​

As I wrote to Tobias, it’s probably OK to use --disable-chroot (which
alleviates the need for build users) and ask PRoot to restrict file
system access to /gnu/store.

Still not as good as what you get by running guix-daemon as root
(separate UIDs, access to specific /gnu/store items), but probably “good
enough” as a first approximation.

>  > I am using kernel 4+, which supports namespaces.
>
> ​How should I check it?

Like this:

>  Yes, but some distributions compile it out or turn it off by default.
>  See
>  
> <http://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/environment.scm#n517>,
>  for a way to check whether user namespaces are enabled.

HTH!

Ludo’.