GNU bug report logs - #34859
[PATCH] pack: "-RR" produces PRoot-enabled relocatable binaries.

Previous Next

Full log

Message #8 received at 34859 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: 34859 <at> debbugs.gnu.org
Subject: Re: [bug#34859] [PATCH] pack: "-RR" produces PRoot-enabled
 relocatable binaries.
Date: Fri, 15 Mar 2019 14:41:48 +0100

Hi there!

Ludovic Courtès <ludo <at> gnu.org> skribis:

>  @item --relocatable
>  @itemx -R
>  Produce @dfn{relocatable binaries}---i.e., binaries that can be placed
> -anywhere in the file system hierarchy and run from there.  For example,
> -if you create a pack containing Bash with:
> +anywhere in the file system hierarchy and run from there.
> +
> +When this option is passed once, the resulting binaries require support for
> +@dfn{user namespaces} in the kernel Linux; when passed
> +@emph{twice}@footnote{Here's a trick to memorize it: @code{-RR}, which adds
> +PRoot support, can be thought of as the abbreviation of ``Really
> +Relocatable''.  Neat, isn't it?}, relocatable binaries fall to back to PRoot
> +if user namespaces are unavailable, and essentially work anywhere---see below
> +for the implications.

For the record, we had discussed this idea a while back¹, and I was
recently reminded of it when looking at udocker².

Udocker has a third method to achieve file system virtualization, which
is to use Debian’s Fakechroot³.  Fakechroot is an LD_PRELOAD-based
thing, so it’s more lightweight than PRoot but also more fragile.  I
don’t think it’d be interesting for us to support that method in
addition to user namespaces and PRoot.

Thoughts?

Ludo’.

¹ https://lists.gnu.org/archive/html/guix-devel/2018-04/msg00252.html
² https://github.com/indigo-dc/udocker/
³ https://github.com/dex4er/fakechroot/wiki

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.