Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

RFE: --copy-up remap #256

Open
Swivelgames opened this issue Jun 4, 2021 · 3 comments
Open

RFE: --copy-up remap #256

Swivelgames opened this issue Jun 4, 2021 · 3 comments
Labels
enhancement New feature or request

Comments

@Swivelgames
Copy link

It might be useful to expand the --copy-up argument to accept syntax for remapping the source to a different destination.

For instance, my particular use-case involves chrooting on entry, but simply due to the nature of chrooting, critical directories (like /run/, /etc/, and others) are not available in the chrooted filesystem.

For additional context, my overall goal of this is to create an isolated system that can be modified without affecting the host filesystem. Specifically, I have a directory structure that mimics a Linux installation, including things like /home. I'd like changes to the user dir to be isolated to this particular directory structure, rather than having file changes/additions/deletions affecting the actual /home dir on the host system. Currently, I'm not fully aware of a way to accomplish this without creating hard-links to the directories that I want to "copy-up". I'm about to test this method, but it's also not entirely ideal.

Feature Request

Argument --copy-up could accept a syntax like: rootlesskit --copy-up=/etc:./etc. Or, a new argument that would accept this type of logic, like --map-up or something.

@Swivelgames
Copy link
Author

Swivelgames commented Jun 4, 2021

This may be more involved than simply allowing for a remapping, given the functionality of chroot. So instead, the approach may be to explore chroot-friendly functionality when used with rootlesskit? The overall ideal solution would be to abstract changes to the rootlesskit-ed system away from the host filesystem so that changes are isolated and do not ultimately affect the host. This may require a more custom solution outside of the scope of rootlesskit, but it would certainly allow for improved functionality.

For instance, I'm genuinely torn between the functionality of proot and rootlesskit. With rootlesskit, although it's appears outside of the scope of the project, I find myself handicapped due to the inability to protect the host system from changes. While proot allows for "chrooting" of images, it doesn't provide the exceptional functionality of rootlesskit, including slirp, systemd, etc...

@Swivelgames
Copy link
Author

It just occurred to me that I should be able to achieve this with a bind mount. However, adding this as a built-in capability would be particularly useful for a streamlined process. Maybe something like --bind=/etc:./etc? But, given that chrooting isn't an inherent feature built into rootlesskit, it might not make sense to implement this feature without also implementing an autochroot feature. That's probably out of scope, but again, it would be a great addition to rootlesskit for the same reasons already mentioned!

@AkihiroSuda
Copy link
Member

SGTM

@AkihiroSuda AkihiroSuda added the enhancement New feature or request label Jun 5, 2021
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants