Date: Sun, 25 Mar 2018 01:54:27 -0400 From: Theron Tarigo <theron.tarigo@gmail.com> To: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: GSoC Idea: Fakechroot on FreeBSD; Ports building in clean non-root environment Message-ID: <eb52f1f7-8802-6571-865c-7d238b704797@gmail.com>
next in thread | raw e-mail | index | archive | help
Hello All, I am an undergraduate a Boston University looking to contribute to FreeBSD this summer under GSoC. I made a posting to this list last week about an idea to implement per-process namespaces, but I have decided that this would be too big in scope for GSoC and I have decided instead to revisit a more manageable idea with similar motivations. The motivation for this idea is to provided a way to safely and cleanly build ports without superuser privileges, jails, or touching the installed system in any way. The project would consist of two parts. The first would be to write a utility providing similar functionality to the "fakechroot" already found on Debian GNU, but compatible with FreeBSD's libc. This utility would intercept calls to open(...) and related libc functions to emulate the behavior of running the program within a modified file namespace, but without requiring any special kernel functionality or superuser priviliges. Once this first part is out of the way, the utility will serve as the basis for a ports building script which is free to operate independently from the installed system. One particular improvement I would like to make is to provide a command for fetching and installing (into a user-owned path) all build dependencies for a port from binary packages, saving space and time that would otherwise be needed to compile these from source. Using the path redirection utility, "/usr/local" can be made to redirect to the user-owned installation, allowing unmodified binaries from the official package repository to function. Furthermore, with such redirection of the PREFIX directory, binary packages may be built with the correct paths such that they may be later installed system-wide (by root) as with binary packages built by the existing processes. The project would consist of a few related small, manageable parts, therefore a proper proposal will be somewhat lengthy, although not representing an overly complex project. Should proper integration with pkg and ports not be achievable in time, the path redirection utility itself and consequent ability to build ports within a clean, non-jail environment at the very least would be useful deliverables. I have several years of experience with programming in C and have previously implemented library function call intercepting tricks as will be needed for the fakechroot part of the project, so the approach is already familiar to me. I have been a user of FreeBSD for the past two years and successfully maintain a personal system running CURRENT with a mix of installed binary packages and builds from ports, so I have familiarized myself with these parts of the system and have encountered some of the gotchas to be aware of. I have previously performed an experiment in which I successfully built a working package of unmodified x11-servers/xorg-server without superuser or jails, which I accomplished through modifying PATH and LD_LIBRARY_PATH and with some other hacks. However, I believe that due to limitations I encountered with this approach, a generalized file path redirection library is a more appropriate solution. Please let me know if you would be interested in mentoring this project or can suggest someone who might be. Thanks, Theron Tarigo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?eb52f1f7-8802-6571-865c-7d238b704797>