[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How to install guix without root permission
From: |
Ludovic Courtès |
Subject: |
Re: How to install guix without root permission |
Date: |
Sat, 07 Jan 2017 22:06:53 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
rohit yadav <address@hidden> skribis:
>
> On Fri, Jan 6, 2017 at 9:18 AM, Ludovic Courtès <address@hidden> wrote:
>
> rohit yadav <address@hidden> skribis:
>
> > Thanks for the reply. The proot (https://proot-me.github.io/) project
> > allows you to map $HOME/gnu/store to /gnu/store etc. However, where I am
> > struggling is the guixbuild users and group creation, and running guix
> > daemon.
>
> Yes, though PRoot relies on syscall interception using ptrace(2), which
> is inefficient (which may or may not be a problem, depending on the
> application).
>
> I am not greatly familiar with the lower level details of linux kernel yet.
> How lot of these useful utilities work is not clear to me. I will probably
> work on it sometime (any references?). For now, the performance
> is not an issue. However, the main issue how to create guixbuild group and
> users?
As I wrote to Tobias, it’s probably OK to use --disable-chroot (which
alleviates the need for build users) and ask PRoot to restrict file
system access to /gnu/store.
Still not as good as what you get by running guix-daemon as root
(separate UIDs, access to specific /gnu/store items), but probably “good
enough” as a first approximation.
> > I am using kernel 4+, which supports namespaces.
>
> How should I check it?
Like this:
> Yes, but some distributions compile it out or turn it off by default.
> See
>
> <http://git.savannah.gnu.org/cgit/guix.git/tree/guix/scripts/environment.scm#n517>,
> for a way to check whether user namespaces are enabled.
HTH!
Ludo’.