Skip to content

docs: A tip on using rootfs #104

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
danobi merged 2 commits into from
Dec 9, 2024
Merged

docs: A tip on using rootfs #104

danobi merged 2 commits into from
Dec 9, 2024

Conversation

@bjackman
Copy link
Contributor

@bjackman bjackman commented Dec 5, 2024

With this trick I've been able to use rootfs directories built using mkosi, without needing root on the host system.

I guess people who are running this via Docker etc effectively already have this in place.

@bjackman
docs: A tip on using rootfs
92bc011 
With this trick I've been able to use rootfs directories built using
[mkosi](https://github.com/systemd/mkosi), without needing root on the
host system.

I guess people who are running this via Docker etc effectively already
have this in place.
danobi
danobi reviewed Dec 5, 2024
View reviewed changes
Copy link
Owner

@danobi danobi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What error do you get otherwise? I'm trying to get a sense of whether or not vmtest could automatically do this.

Btw, might be good to hint about building images with mkosi. IMO usually useful to leave an example when leaving hints

@bjackman
Copy link
Contributor Author

bjackman commented Dec 6, 2024

What error do you get otherwise?

In my case the error is: mount: /proc: must be superuser to use mount. I guess this is because the mount is setuid but not to the root user. i did briefly try mounting root with nosuid, it didn't work but that could easily just be I did something wrong or there could be some other similar workarond.

I'm trying to get a sense of whether or not vmtest could automatically do this.

Yeah I was also thinking about this, like maybe there would be some benefit to having vmtest itself remain in the original namespace and just running QEMU in the namespace. It definitely could the question is just about should I think.

I think it would probably have to be configurable, otherwise it could cause pain for someone who wants direct control over the rootfs? I dunno though I might just be creating speculative complexity with that statement.

Btw, might be good to hint about building images with mkosi. IMO usually useful to leave an example when leaving hints

I didn't add it coz a) I don't think I can provide instructions that I'm confident will work on multiple distros and b) I think (?) mkosi is a bit of an overpowered tool for this problem, I am using it because I also want to be able to build the same thing into a disk image complete with bootloader etc for booting on HW.

Anyway, I can definitely dump what I know and an example config :) I'll do it in a separate PR to decouple.

bjackman added a commit to bjackman/vmtest that referenced this pull request Dec 6, 2024
@bjackman
docs: Add some tips on getting a rootfs
1258e2f 
danobi#104 (review)
prompted me to try an experimentm it turns out conatiner runtimes
provide a super lightweight way to produce a rootfs.

Also provide a minimal example for mkosi.

This won't work without a user namespace so I guess we shouldn't merge
this until after danobi#104 or something
simliar is in place.
@bjackman
Copy link
Contributor Author

bjackman commented Dec 6, 2024

I'll do it in a separate PR to decouple.

On 2nd thoughts, those tips aren't useful without the user namesapce so no point in decoupling.

I think (?) mkosi is a bit of an overpowered tool for this problem

Yeah, I tried an experiment and it seems an OCI container image works fine for this. I think those are incomplete systems, like I don't think they have a full systemd etc, but I guess that's not an issue for vmtest.

@bjackman
Copy link
Contributor Author

bjackman commented Dec 6, 2024
edited
Loading

CC @DaanDeMeyer :), maybe he can provide extra tips / point out potential issues

danobi
danobi reviewed Dec 6, 2024
View reviewed changes
docs/rootfs.md
Copy link
Owner

@danobi danobi Dec 6, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sweet! great doc

@DaanDeMeyer
Copy link

DaanDeMeyer commented Dec 7, 2024

The latest virtiofsd will have uid mapping built in without needing user namespaces. vmtest can use that so you don't have to mess around with namespaces since I vaguely remember reading about vmtest using virtiofsd as a library.

bjackman added a commit to bjackman/vmtest that referenced this pull request Dec 7, 2024
@bjackman
docs: Add some tips on getting a rootfs
3efce7f 
danobi#104 (review)
prompted me to try an experimentm it turns out conatiner runtimes
provide a super lightweight way to produce a rootfs.

Also provide a minimal example for mkosi.

This won't work without a user namespace so I guess we shouldn't merge
this until after danobi#104 or something
simliar is in place.
bjackman
bjackman commented Dec 7, 2024
View reviewed changes
@bjackman
docs: Add some tips on getting a rootfs
4eb83aa 
danobi#104 (review)
prompted me to try an experimentm it turns out conatiner runtimes
provide a super lightweight way to produce a rootfs.

Also provide a minimal example for mkosi.

This won't work without a user namespace so I guess we shouldn't merge
this until after danobi#104 or something
simliar is in place.
@bjackman bjackman requested a review from danobi December 9, 2024 11:20
@danobi
Copy link
Owner

danobi commented Dec 9, 2024

The latest virtiofsd will have uid mapping built in without needing user namespaces. vmtest can use that so you don't have to mess around with namespaces since I vaguely remember reading about vmtest using virtiofsd as a library.

Yep, that's being worked on in #88. Should remember to delete the hint when we merge it

@danobi danobi mentioned this pull request Dec 9, 2024
Open
@danobi danobi merged commit f4b1182 into danobi:master Dec 9, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danobi danobi danobi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bjackman @DaanDeMeyer @danobi