current-users: Re: Emulation: selecting emulation root at runtime?

Subject: Re: Emulation: selecting emulation root at runtime?
To: John Nemeth <jnemeth@victoria.tc.ca>
From: Bill Stouder-Studenmund <wrstuden@netbsd.org>
List: current-users
Date: 08/27/2007 16:24:18

--mxv5cy4qt+RJ9ypb
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Aug 24, 2007 at 02:06:14AM -0700, John Nemeth wrote:
> On Jan 14,  4:24am, =3D?ISO-8859-15?Q?Joachim_K=3DF6nig?=3D wrote:
> }=20
> } Now that pkgsrc has a powerful emulation handling infrastructure
> } I'd like to know if it is possible to have different emulation roots
> } installed in parallel (for a given emulation, e.g. linux) and select
> } the emulation root for running a foreign binary at runtime, e.g.
> } having
> }=20
> }   /emul/suse9
> }   /emul/suse10
> }   /emul/debian-sarge
> }   /emul/debian-etch
> }   ...
> }=20
> } and let the emulation root be specified at runtime, e.g. by an
> } enivronment variable (LINUX_EMUL_ROOT?). From looking
> } at the sources, this does not seem to be possible, but I might
> } have overlooked it.
> }=20
> } Would be easy to add such a functionality or is the fixed emulation root
> }  hardwired in many places?
>=20
>      Inside the kernel...  The kernel looks in /emul/<emulated OS>, so
> you would have to somehow convince the kernel to have a per binary
> emulation root.

One way you could do this would be:

1) teach the kernel about multiple emulation roots. So that say=20
/emulation/debian gets handled as if it's linux. For extra credit, make=20
sysctl defaults per root.

Yes, I said /emulation, not /emul.

You'd select such an emulation by running=20
/emulation/debian/usr/local/bin/foo.

2) Teach the magic symlink code to handle using an environment variable in=
=20
magic symlinks, and make /emul/linux be a magic symlink.

This would avoid a lot of the user-triggered security issues as root still=
=20
has to set the emulation up. Yes, you're still vunlerable to security=20
issues in the emulated OS, but you'll have that concern whenever you run=20
that OS; supporting multiple Linux distros at once won't change that.

Take care,

Bill

--mxv5cy4qt+RJ9ypb
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (NetBSD)

iD8DBQFG010hWz+3JHUci9cRAgHeAJ9X9ZoxW0zrgPaHrFmJLbOl4p5t8ACgivHZ
BERN3qZx3EbM6ija4b2lzto=
=SDMb
-----END PGP SIGNATURE-----

--mxv5cy4qt+RJ9ypb--