stgraber
commented
5 months ago There is far more than this unfortunately:
- The entire distrobuilder process runs inside of a mount namespace. That's because a lot of the distributions we build will commonly run postinst/postunpack scripts that perform bind-mounts, mount tmpfs, mount proc/sys/dev, that kind of stuff, so we use at throwable mount namespace to keep things contained.
- fakechroot/fakeroot works through LD_PRELOAD which only works on processes that use a C library, Go processes do not use a C library so they will be completely immune to fakeroot/fakechroot causing a bunch of issues
- We commonly read squashfs (squashfuse can do it), ISO (fuseiso can do it) but also ext4 (so would need fuse2fs too).
- On top of that we also produce full disk images (for VMs) which then require the ability to map partition tables (kpartx type interactions), format and write to both vfat and ext4
I think the namespace and fakeroot/fakechroot issues are going to be the biggest problem here. As that needs to handle any crazy thing arbitrary packages from arbitrary distribution can throw at out.
There are FUSE based alternatives for pretty much every filesystem we need to interact with so that part should be manageable enough.
The partition handling is a bit more problematic as you obviously can't use kpartx/losetup when unprivileged so you'd need each of the FUSE filesystems to support accessing their filesystem at an offset and then basically read the partition table, calculate the offset and pass that through.
I think this would be great if we could work without root
Currently I see these points we should adapt to rootless mode:
These points can be adapted via fakechroot, squashfuse and fuseiso
Could u review and accept my changes if I send PR with these adaptions? Without breaking changes, with new options in cli For example: distrobuilder --rootless ....