Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support rootless mode? #862

Open
inklesspen1rus opened this issue Jun 24, 2024 · 1 comment
Open

Support rootless mode? #862

inklesspen1rus opened this issue Jun 24, 2024 · 1 comment

Comments

@inklesspen1rus
Copy link

I think this would be great if we could work without root

Currently I see these points we should adapt to rootless mode:

These points can be adapted via fakechroot, squashfuse and fuseiso

Could u review and accept my changes if I send PR with these adaptions? Without breaking changes, with new options in cli
For example: distrobuilder --rootless ....
@stgraber
Copy link
Member

There is far more than this unfortunately:

  • The entire distrobuilder process runs inside of a mount namespace. That's because a lot of the distributions we build will commonly run postinst/postunpack scripts that perform bind-mounts, mount tmpfs, mount proc/sys/dev, that kind of stuff, so we use at throwable mount namespace to keep things contained.
  • fakechroot/fakeroot works through LD_PRELOAD which only works on processes that use a C library, Go processes do not use a C library so they will be completely immune to fakeroot/fakechroot causing a bunch of issues
  • We commonly read squashfs (squashfuse can do it), ISO (fuseiso can do it) but also ext4 (so would need fuse2fs too).
  • On top of that we also produce full disk images (for VMs) which then require the ability to map partition tables (kpartx type interactions), format and write to both vfat and ext4

I think the namespace and fakeroot/fakechroot issues are going to be the biggest problem here.
As that needs to handle any crazy thing arbitrary packages from arbitrary distribution can throw at out.

There are FUSE based alternatives for pretty much every filesystem we need to interact with so that part should be manageable enough.

The partition handling is a bit more problematic as you obviously can't use kpartx/losetup when unprivileged so you'd need each of the FUSE filesystems to support accessing their filesystem at an offset and then basically read the partition table, calculate the offset and pass that through.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stgraber @inklesspen1rus