Bug#355898: [Buildd-tools-devel] Bug#355898: schroot: Please allow plain chroots with setup scripts not to be session managed

Roger Leigh rleigh at whinlatter.ukfsn.org
Wed Mar 8 17:39:51 UTC 2006 

Clément Stenac <zorglub at via.ecp.fr> writes:

> Since 0.2.4, "plain" chroots are session-managed if setup scripts are
> enabled. I would like either this behaviour to be configurable, or for
> "run-session" to be much easier to use.
>
> I run a set of plain schroots for which I want to 
> 1/ Run setup scripts when someone enters the chroot
> 2/ Run daemons in the chroot
>
> Session-management does not allow 2/ to be carried out, as the
> bind filesystems can't be unmounted anymore. --begin-session and
> --run-session might make this possible, but they are very clumsy to use,
> as you need to keep the session ID.
>
> Do you think the session-management-with-setup-script could be
> disableable via a command-line switch or configuration option ?

This hasn't been something I've considered during the design of
schroot, but if we can support it without trouble, I will try to.

For security reasons (schroot runs setuid root), a command-line option
to configure this would not be a good idea.  A configuration option is
a possibility, but I'm not sure yet how to fit it in cleanly.

The change was made because you can't safely run the setup scripts on
a plain chroot multiple times: you have no way of knowing when it's
safe to clean up or unmount, for example.  This is the reason why we
introduced the bind mounts, because having a separate location for
each session made this reliable.  This does have the side effect that
schroot is now a bit stricter about what is allowed, but the previous
behaviour was not strictly intended to be used in the way you are
using it, since it breaks the model for usage:

chroot setup scripts set up session
  chroot exec(session) scripts run to do set up for command
    command run in chroot
  chroot exec(session) scripts run to do clean up for command

  chroot exec(session) scripts run to do set up for command
    command run in chroot
  chroot exec(session) scripts run to do clean up for command

  ...

chroot setup scripts clean up session

By having the daemon carry on running during and after cleanup, you
are breaking it.  This is a fairly fundamental part of the design.

There are a number of possibilities here:

1) Don't run the setup scripts.  You can still run the exec scripts in
   /etc/schroot/exec.d, but it will disable the session management.

2) Modify the setup scripts.  You are free to customise them to meet
   your needs.  A complete list of variables is documented in
   sbuild-setup(5).  You can add a script to run just for particular
   chroot types, or individual chroots.

3) Write a wrapper script to start and stop the daemon.  This can do
   the session management for you, and write the session id into
   /var/run.  It can be the same as a pid file.

(3) is the easiest, and the one I'd recommend.

Which scripts do you need to run, or have you written your own?


Regards,
Roger

-- 
Roger Leigh
                Printing on GNU/Linux?  http://gutenprint.sourceforge.net/
                Debian GNU/Linux        http://www.debian.org/
                GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20060308/5bf5e9a6/attachment.pgp

More information about the Buildd-tools-devel mailing list