From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6486351797115944960 X-Received: by 10.28.54.90 with SMTP id d87mr235488wma.19.1510342946148; Fri, 10 Nov 2017 11:42:26 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 10.28.19.211 with SMTP id 202ls5501wmt.1.gmail; Fri, 10 Nov 2017 11:42:25 -0800 (PST) X-Google-Smtp-Source: AGs4zMZd9FeoOipCTIL6qgjN1roT0k4PYoJwNYpGHmlGK1WL3d+AVKDq24wSMa7g3CmTPVVhT2HA X-Received: by 10.28.6.198 with SMTP id 189mr237707wmg.26.1510342945755; Fri, 10 Nov 2017 11:42:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1510342945; cv=none; d=google.com; s=arc-20160816; b=aLa/Rw+puGy4cbOhcsXXCan3C/Tx+bY4iSLuCgfvbMMlc2dGjFSdL3fSky9C1y2oOW SXk8a98KfTb10CykXyI3gdhed+vF+eBg4CEWLHlRasNpWexIouXzIWihs21qerdGku9T w0zcE/LSlM36JKqbQa+tYQtBxW+/rOsdtyh7S02w4lSqimI/V57pog01i9d4PU7gJnGD k0aEVSIz9wkf1hAVtAzx5wIYhYZbNmc6jp6ye/k83iSgP1cRqI0PlitQ06+IB1lXDRCN sN9DFYIessq9LzqIjsE6qfEDNC/44jZMEcA5X92cYHw4OxXp6Hyn4mcVmbeIl0dhsrVZ jwgw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:to:subject :arc-authentication-results; bh=fQsqjdEG5dsTAQ9Xtwa+1/++3ztzUe5ZVKhiPC0uCy8=; b=WJFqN5+ELDuvmxiKN6m1md6LbVYY2uEVC5bRj7lLttVaAq5k6nU4CYHViE5Fpjzf1j 7unKOftjiEAk3CDEgOqKMoNXMQv98Y4V4a2H3hxpPBX3HhGQKafaS1h/vvNOIJ8qfKlp 1/giX6tsilguaBv/R3Pr/jHW3ohJZ524DOAj3C4MrXI9I4ZaznhI1iZ/grEKds/r6HWo OjwXGyG0zGolrXZ/MnmNa9cSfbn7lr1nMbWYeF21tXvxAIa6MzzLqqt/ZjzdlhqpZk/f tL0Eottp7geCL6KIfThPa/dn9+bA/r0M7DvCxj1lVCQGaBlFx1ChVUsQKy9QlNLsOp+S 9DnQ== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) smtp.mailfrom=asmirnov@ilbers.de Return-Path: Received: from aqmola.ilbers.de (aqmola.ilbers.de. [85.214.62.211]) by gmr-mx.google.com with ESMTPS id p4si770453wrh.2.2017.11.10.11.42.25 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 10 Nov 2017 11:42:25 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) client-ip=85.214.62.211; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: best guess record for domain of asmirnov@ilbers.de designates 85.214.62.211 as permitted sender) smtp.mailfrom=asmirnov@ilbers.de Received: from [10.0.2.15] ([188.227.110.165]) (authenticated bits=0) by aqmola.ilbers.de (8.14.4/8.14.4/Debian-4+deb7u1) with ESMTP id vAAJgK8Y027572 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Fri, 10 Nov 2017 20:42:23 +0100 Subject: Re: PRoot Isar summary To: Jan Kiszka , isar-users@googlegroups.com References: <1496e693-490f-16d6-0957-c9281ed7dd3e@ilbers.de> From: Alexander Smirnov Message-ID: <7d48c419-34e0-b63a-2542-85a1c03ec764@ilbers.de> Date: Fri, 10 Nov 2017 22:42:15 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-TUID: npxj7n+6u5Pq Hi, On 11/10/2017 09:59 PM, Jan Kiszka wrote: > On 2017-11-09 10:57, Alexander Smirnov wrote: >> Hello everybody, >> >> I've tried to completely switch Isar to PRoot, so here are the problems >> I've faced with: >> >> 1. PRoot doesn't work with UID/GID, all the files in PRoot are owned by >> root. The command 'chown' doesn't have any effect. >> >> 2. Some system commands are failed in PRoot: passwd, chpasswd. I see >> message: System error, no other clues (but for Wheezy these commands work). >> >> 3. mkfs.ext4 doesn't work under proot, lots of files are dropped in >> resulting image. >> >> So, summary: >> ============ >> >> 1. PRoot could be an intermediate option for: >>  + Buildchroot creation. >>  + Packages building. >>  - Drawback: works slowly. > > Aren't issues 1 and 2 from above affecting these use cases as well? > For now I don't have any facts about problems with buildchroot, but my test includes only 'hello' and 'example-raw' applications. - Regarding UID/GID, what I've seen for now, these manipulations are done in postinst scripts. - Passwd/chpasswd commands are also used in postinst scripts (for example initrd package), there is no need to have passwords in buildchroot because we are working under root. So, roughly speaking, buildchroot is only needed to compile and pack the binary package, what doesn't require multi-UID/GID and passwords support. But for sure, it needs to build much more real packages to have more precise statistics. :-( So I've created dedicated branch 'asmirnov/proot' for possible experiments in future. >> >> 2. For image generation the other tool should be considered. >> > > What is plan B now? Plan C remains falling back to VM builds, I suppose. So there are 2 options remain for evaluation: - fakeroot - pseudo I'd like to evaluate these tools for the features, that are uncovered now: - rootfs with UID/GID support: in general PRoot is able to generate multistrap rootfs with just *upacked* Debian packages, all the problems occur when I try to run 'dpkg-configure -a' inside this rootfs. - ext2fs image generation (AFAIK this already is supported by Yocto, but unfortunately I don't know too much, I need to take a look first). From this evaluation I'd like to get two points: 1. Could we somehow implement quick PoC to drop 'sudo' for Isar. This PoC could be based on several tools in parallel. 2. If the item above is possible - then choose one dedicated tool and try to adapt it for our needs. Alex