[Buildd-tools-devel] schroot question
Roger Leigh
rleigh at codelibre.net
Sat Jan 17 18:28:19 UTC 2009

On Sat, Jan 17, 2009 at 01:13:22PM -0500, Steven Hirsch wrote:
> On Sun, 11 Jan 2009, Roger Leigh wrote:
>
>>> If so, it would be great to have a mechanism for use in such "login"
>>> sessions for running scripts after the fork + chroot() takes place and
>>> prior to root privileges being dropped.
>>
>> You could possibly abuse the "command-prefix" configuration option to
>> do this with a custom script inside the chroot. However, there are
>> likely better alternatives.
>>
>> I already want to take this approach in order to support things such
>> as per-process namespaces. However, these are inherited by child
>> processes and so can't be used at present. I was thinking of having
>> schroot run as a daemon (either just one or one per chroot) which
>> creates a PTY for each chroot, and when you run a command it connects
>> you to the PTY like a screen session would; the user would get
>> stdin/stdout/stderr on their terminal or redirected as expected. This
>> would allow stuff to run persistently inside such as daemons and
>> autofs.
>>
>> This approach is probably also desirable to support KVM/qemu and other
>> virtualisation mechanisms as well in addition to basic chroot
>> virtualisation.
>
> Is the persistent PTY approach slated for implementation, or simply a
> wish-list item?

It is, but I only work on schroot as my PhD allows time for. As a result,
it may be a few months away (it's not a trivial change!).

> If it is not imminent, I'd like to implement a sort of
> init-script facility that runs in the actual process space of the user's
> chroot-ed session.

I'll be happy to consider any patches or suggestions you have to do this
as an interim measure.

Regards,
Roger

--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`- GPG Public Key: 0x25BFB848 Please GPG sign your mail.