From owner-freebsd-hackers@freebsd.org Tue Mar 13 16:53:21 2018 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0BA55F31900 for ; Tue, 13 Mar 2018 16:53:21 +0000 (UTC) (envelope-from theron.tarigo@gmail.com) Received: from mail-qt0-x22f.google.com (mail-qt0-x22f.google.com [IPv6:2607:f8b0:400d:c0d::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 99E9A68A78 for ; Tue, 13 Mar 2018 16:53:20 +0000 (UTC) (envelope-from theron.tarigo@gmail.com) Received: by mail-qt0-x22f.google.com with SMTP id s48so299397qtb.10 for ; Tue, 13 Mar 2018 09:53:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:to:from:subject:message-id:date:user-agent:mime-version :content-transfer-encoding:content-language; bh=GzwcuX7YMHMpJBDjqvhGEFjWFzLLn3ocucSYA4AA08g=; b=O2Mw8YS9O2nra7VpYw8FvZjDLxqKJMT3L0blDuxI9HkLrIQfrhyLQETfV0RFUevMCM q7NTPSVWq5mp3waY0WXe5i6L6D9qnENKlt+d4QvtxrdMPrSWAiI2t67saW5qsG5odt4Y ynbGarqka6wKTB8r07c8vvgByO3JbraHuE3JbsXMA4itNJ6zC88H2qhgo7HOHOOQK3Va HfzaULraTk8txulJtWNTG8b8vPjNwm+KgJx3DZwLa+uzMPa+0JY/M4i7G8kp8Bhugq6d JXzhmwcOmZ8/AMg2lSsqHrfm8seHeBSI6EZkQgSrTBQ/jmrtmbhFXniU0tHEo6Nf4iPm iuKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:to:from:subject:message-id:date :user-agent:mime-version:content-transfer-encoding:content-language; bh=GzwcuX7YMHMpJBDjqvhGEFjWFzLLn3ocucSYA4AA08g=; b=uXrad2a1y2VaiXygKMypXHXKuOsRk0bAJGevnj0p7KJrZR0sui8e1daNzkPVgXaycL QCek2O3xfD/U5pkXf1i3vmRAudK3MBHR9Rshmmn+LXcU7xOqSI7FvJfeP2dPV/SAvMME AUJ9r9Tlc2TBRs97AN7KIVrdn02Z0NsgEnrAP/SfVHTZT6z+S/JbSAuZ+RnNmqDqlixj bRSY0reja1IXi/yBGp+EDJG2SgaF9nvamL3pR4qSiruZzvQZIdhgfIXXHkPNHv9BsoWh 26KYLc1F25dpzu4ySg3tQ3wP1gNhPlpGZvFIYD9QipSgcaP9XIsSdxAOpjA/mEpOr0DC rB6g== X-Gm-Message-State: AElRT7Flih5XS5KD+DwUJD+7DRBZE9l7wWJ0OceTeqAd6bnI9mMg8STb 9f//pF7yxJ4vFOvK0ts08EvYMY1t X-Google-Smtp-Source: AG47ELsDylw7lSfaMX3XUC6ByaxNHdZAgHDWU5v0KP6tg8wHswgK4ZhelyhqHoF7a1usDMQAdlDVhg== X-Received: by 10.200.48.135 with SMTP id v7mr2086993qta.296.1520960000099; Tue, 13 Mar 2018 09:53:20 -0700 (PDT) Received: from [155.41.26.230] (dhcp-wifi-8021x-155-41-26-230.bu.edu. [155.41.26.230]) by smtp.gmail.com with ESMTPSA id m187sm94220qkc.17.2018.03.13.09.53.19 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 13 Mar 2018 09:53:19 -0700 (PDT) Sender: Theron Tarigo To: freebsd-hackers@freebsd.org From: Theron Subject: GSoC Idea: per-process filesystem namespaces for FreeBSD Message-ID: Date: Tue, 13 Mar 2018 12:53:18 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Mar 2018 16:53:21 -0000 Hello All, I am an undergraduate a Boston University looking to contribute to FreeBSD this summer under GSoC. The idea I would like to implement is to bring to FreeBSD a per-process mounting / namespaces functionality similar to that of the Plan9 operating system as a means to give greater flexibility in combination with less overhead than is associated with chroots and jails for purposes of isolating software setups from one another and from the underlying system. For those unfamiliar with Plan9, here is a rough explanation of the namespace feature: unlike in Unix, where all processes share the same virtual filesystem, each process instead has its own view of the filesystem according to what has been mounted, which, unlike Unix mount, as an unpriviliged operation changing only what is seen by the particular process and any processes it later spawns.  Thus it is possible for one process's /bin to be completely different from another process's /bin, and neither need be the same as the system's /bin, should one exist. As an example of its application and potential usefulness, a user may mount on top of /usr/local an overlay pointing to a location owned by the user, allowing existing binary packages which expect a /usr/local PREFIX to be installed and run without any modification either to the binary packages or to the underlying system.  Currently the only ways to achieve this are by recompiling ports with a different PREFIX or by configuring a jail.  Some, but not all, programs will function out-of-place under tweaked PATH and LD_LIBRARY_PATH, but this is not a general solution and leads to messy environments. Although I have not previously worked with kernel programming in particular, I have good experience of high-level practices and low-level details of C programming and I can teach myself new technical details quickly.  In researching how to approach the task, I will study the existing implementation of chroot, jail, and fdescfs as examples of process-specific namespace behavior already supported in FreeBSD kernel.  The nullfs and unionfs may also serve as work to build off of, although unionfs as currently implemented appears to be partially broken. Robustness of the implementation allowing, it should eventually be possible to replace system directories /bin, /sbin, /etc, etc. with bindings configured at boot time to improve the safety of live system upgrades and to provide a means of returning to older configurations which is not dependent on filesystem-specific snapshotting features. Although per-process filesystem namespacing is unconventional in the face of the dominant Unix single-namespace model, introducing the feature to a Unix-like system does not constitute a radical change, as it is compatible with and indeed facilitates the meeting of the reasonable expectation of existing and unmodified software to find resources in predetermined file paths. My attempt here to outline the relevant concepts is to the best of my limited understanding.  Hopefully I am not creating or propagating any misinformation and have not grossly misassessed the complexity of the task. I would greatly appreciate any suggestions of approaches to this task and of who to contact for more expertise and for potential mentorship. Thanks, Theron Tarigo