Re: [Plash] Using plash to overlay a filesystem

[Mark Seaborn]

Thomas Leonard <address@hidden> wrote:

> I'm trying to use Plash to implement an overlay (like Klik). Some questions:
> 
> Some programs don't like running with a different user ID. e.g.
> 
> (gedit:12710): GLib-WARNING **: getpwuid_r(): failed due to unknown
> user id (2092094)

PlashGlibc has a facility for faking the UID/GID returned from
getuid() and similar calls.  You need to use that.  See
set_fake_uids() in python/plash/pola_run_args.py, which pola-run uses.
It sets the environment variables PLASH_FAKE_{E,}{U,G}ID.

> I tried disabling the PID change with:
> 
> class SameProcessSpec(plash.process.ProcessSpecWithNamespace):
>       def _set_up_sandbox_prog(self):
>               pass
> 
> That works for the process itself, but the process can't spawn any
> child processes. Any fix for that? (I'm not trying for security here;
> this is for friendly programs)

Yes, that won't work completely because execve() calls will still work
as if they are inside the chroot+setuid jail, where they have to
explicitly invoke the ELF chainloader and/or ld.so.  That can be
overridden with environment variables.  See run-uninstalled.sh.  Also
python/scripts/test_wrapper.py does something similar.  Both are
currently used only for testing purposes.

That shouldn't be necessary though if you set up the fake UID/GIDs.


> The union mounts feature looks very useful. Is there a way to access
> it from pola-run, or only though the Python API?

It's not accessible through pola-run because I couldn't think up a
command line interface that wasn't too complicated or too limited.
It's much easier to manipulate objects when you can do so directly.
But suggestions for extending the command line interface are welcome.


> Is it possible to have writes go to the lower level?

Yes, that's what the COW (copy-on-write) directory wrapper is for.
Writes go to one layer, reads can come from either layer.

It's accessible through plash.namespace.make_cow_dir().

It's slightly misnamed because the actual copy-on-write part isn't
implemented: if a file is present in the read layer, opening it for
writing is rejected.  A complete implementation would copy the file
and hand you back a file descriptor to the copy.

> Some packages will probably want to union onto /, but that shouldn't
> affect writes to /home, etc.

There's different ways you could do that.  One way is something like:

namespace = plash.namespace.Namespace()
namespace.attach_at_path("/", plash.namespace.make_union_dir(overlay_root_dir,
                                                             original_root_dir)
namespace.attach_at_path("/home", original_home_dir)

The Namespace object operates like a mount table (I should probably
rename it to reflect that).  ProcessSpecWithNamespace creates one of
these Namespaces for you.

Do you want to post the script that you have so far?

Mark