[Buildd-tools-devel] schroot question

Roger Leigh rleigh at codelibre.net
Sat Jan 17 18:28:19 UTC 2009


On Sat, Jan 17, 2009 at 01:13:22PM -0500, Steven Hirsch wrote:
> On Sun, 11 Jan 2009, Roger Leigh wrote:
>
>>> If so, it would be great to have a mechanism for use in such "login"
>>> sessions for running scripts after the fork + chroot() takes place and
>>> prior to root privileges being dropped.
>>
>> You could possibly abuse the "command-prefix" configuration option to
>> do this with a custom script inside the chroot.  However, there are
>> likely better alternatives.
>>
>> I already want to take this approach in order to support things such
>> as per-process namespaces.  However, these are inherited by child
>> processes and so can't be used at present.  I was thinking of having
>> schroot run as a daemon (either just one or one per chroot) which
>> creates a PTY for each chroot, and when you run a command it connects
>> you to the PTY like a screen session would; the user would get
>> stdin/stdout/stderr on their terminal or redirected as expected.  This
>> would allow stuff to run persistently inside such as daemons and
>> autofs.
>>
>> This approach is probably also desirable to support KVM/qemu and other
>> virtualisation mechanisms as well in addition to basic chroot
>> virtualisation.
>
> Is the persistent PTY approach slated for implementation, or simply a
> wish-list item?

It is, but I only work on schroot as my PhD allows time for.  As a result,
it may be a few months away (it's not a trivial change!).

> If it is not imminent, I'd like to implement a sort of
> init-script facility that runs in the actual process space of the user's
> chroot-ed session.

I'll be happy to consider any patches or suggestions you have to do this
as an interim measure.


Regards,
Roger

-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux             http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?       http://gutenprint.sourceforge.net/
   `-    GPG Public Key: 0x25BFB848   Please GPG sign your mail.