tech-kern: Re: feature request: root file system change

Subject: Re: feature request: root file system change
To: Hubert Feyrer <hubert@feyrer.de>
From: Lubomir Sedlacik <salo@Xtrmntr.org>
List: tech-kern
Date: 04/16/2005 21:23:11
--+jSQVS1cnOkN9brn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Apr 16, 2005 at 08:46:06PM +0200, Hubert Feyrer wrote:
> Looking at the pivot_root(2) manpage, I don't understand how it is
> different from chroot(2):
>=20
> ``pivot_root moves the root file system of the current process to the
> directory put_old and makes new_root the new root file system of the
> current process.''

moves, not changes.  it's roughly equivalent to:

  umount /
  mount what_was_/_fs_before /put_old
  mount new_/_fs /

> What will happen with other processes already running at that point?

"pivot_root may or may not change the current root and the current
working directory (cwd) of any processes or threads which use the old
root directory. The caller of pivot_root must ensure that processes with
root or cwd at the old root operate correctly in either case. An easy
way to ensure this is to change their root and cwd to new_root before
invoking pivot_root."

the current implementation does change it.

> Seeing that init(8) tries to be smart about getting started twice, the
> whole cgd-procedure needs to be started from there, somehow (I haven't
> looked what init(8) checks exactly to determine it's already running):
>=20
> 	miyu# chroot /usr/sandbox /sbin/init
> 	init: already running

there is no reason to run init(8) twice and i've never said i want to do
that.  the /etc/rc in md(4) would simply source /etc/rc from the new / fs
after the change.

> I've wondered about how (but never tried!) to do what you propose a few=
=20
> times, but always thought that doing something like a "chroot -c /newroot=
=20
> /bin/sh /etc/rc" or similar would be enough, esp. as NetBSD hides the old=
=20
> root, and new processes will see "/" as their root filesystem:
>=20
> 	miyu# df
> 	Filesystem  512-blocks     Used     Avail Capacity  Mounted on
> 	/dev/wd0a      6696396  5349538   1012040    84%    /
> 	/dev/wd1e    475212206 190232774 261218822    42%    /home
> 	mfs:339         387726     6728    361612     1%    /tmp
> 	kernfs               2        2         0   100%    /kern
> 	procfs               8        8         0   100%    /proc
> 	procfs               8        8         0   100%   =20
> 	/usr/pkg/emul/linux/proc
>=20
> 	miyu# chroot /usr/sandbox/
> 	# df
> 	Filesystem  512-blocks      Used     Avail Capacity  Mounted on
> 	/dev/wd0a      6696396   5349538   1012040    84%    /
> 	#

i know how chroot works.  it might be enough for sandboxes but it's a
mess for my purpose.  e.g.,

- you don't fool kernel with chroot(2), things like savecore or mount -a
  don't work properly
- after /etc/rc finishes, the shell executed from chroot(8) exits


regards,

--=20
-- Lubomir Sedlacik <salo@{NetBSD,Xtrmntr,silcnet}.org>   --

--+jSQVS1cnOkN9brn
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFCYWYfiwjDDlS8cmMRAkpRAJ0ZnKW+cUunG9e0S/b7/rGXGFa9uQCeKIV8
W1jcCyAzLYGYhT1nh91b4P8=
=1HIa
-----END PGP SIGNATURE-----

--+jSQVS1cnOkN9brn--