[systemd-devel] [PATCH 1/2] nspawn: --populate to run static binaries on empty target directory

Shawn Landden shawn at churchofgit.com
Fri Dec 13 14:54:02 PST 2013


On Tue, Dec 10, 2013 at 2:18 PM, Lennart Poettering
<lennart at poettering.net> wrote:
> On Mon, 02.12.13 09:41, Shawn Landden (shawn at churchofgit.com) wrote:
>
>>
>> On Mon, Dec 2, 2013 at 8:27 AM, Lennart Poettering
>> <lennart at poettering.net> wrote:
>> > On Sat, 30.11.13 10:20, Shawn Landden (shawn at churchofgit.com) wrote:
>> >
>> >> nspawn has been called "chroot on steroids".
>> >>
>> >> Continue that tradition by supporting target directories that
>> >> are not root directories.
>> >>
>> >> This patch handles the simple case: a static binary.
>> >
>> > Hmm, I am not sure how I feel about this. This appears a bit too
>> > specific for me, and given the requirement for static binaries this is
>> > also so limited.
>> The next patch in the series adds support for dynamic libraries. This patch
>> also doesn't need bind mounts, and it executes through /proc/self/fd/%n, but
>> support for one-file scripts and dynamic libraries in the next patch does
>> require bind mounts. I feel you don't really understand my patch. :/
>> I'll sum up what I'm doing:
>>
>> If --populate is passed, analyze the executable, which opens it, and set the
>> exec path to /proc/self/fd/%n. If the executable is static this is all you
>> have to do.
>>
>> If it has a shebang, analyze that. If either the shebang or executable
>> is dynamic, test if the linker is the GNU linker, and if it is, have the
>> linker tell us what libraries the executable needs. Then bind mount the
>> linker, shebang (if there is one), and libraries into the target.
>
> But something like this will never fully work,
Agreed.
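
The "analyze the executable" step summarised in the quoted text, sketched as an added example (not code from the patch or from systemd): it tells a shebang script, a dynamic ELF (one carrying a PT_INTERP header naming its loader) and a static ELF apart, and bounds-checks every offset because the file is untrusted input. The names `classify` and `sample_elf` are hypothetical, and only 64-bit little-endian ELF is handled.

```python
import struct

PT_INTERP = 3  # program header whose contents name the dynamic loader

def classify(data):
    """Return (kind, path); kind is 'script', 'dynamic', 'static' or 'unknown'."""
    if data.startswith(b"#!"):
        words = data[2:].split(b"\n", 1)[0].split()
        return ("script", words[0].decode("utf-8", "replace")) if words else ("unknown", None)
    # Assumption: only ELF64 little-endian images are recognised here.
    if len(data) < 64 or data[:6] != b"\x7fELF\x02\x01":
        return ("unknown", None)
    phoff, = struct.unpack_from("<Q", data, 0x20)             # e_phoff
    phentsize, phnum = struct.unpack_from("<HH", data, 0x36)  # e_phentsize, e_phnum
    if phentsize < 56:
        return ("unknown", None)
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + 56 > len(data):              # header table runs past the file
            return ("unknown", None)
        p_type, _fl, p_offset, _va, _pa, p_filesz = struct.unpack_from("<IIQQQQ", data, off)
        if p_type == PT_INTERP:
            if p_offset + p_filesz > len(data):   # segment runs past the file
                return ("unknown", None)
            path = data[p_offset:p_offset + p_filesz].split(b"\0", 1)[0]
            return ("dynamic", path.decode("utf-8", "replace"))
    return ("static", None)   # no PT_INTERP: nothing else has to be mounted

def sample_elf(interp=None):
    """Constructed minimal ELF64 image: one program header, optional PT_INTERP."""
    body = (interp.encode() + b"\0") if interp else b""
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_INTERP if interp else 1, 4, 120, 0, 0,
                       len(body), len(body), 1)
    return ehdr + phdr + body

if __name__ == "__main__":
    print(classify(sample_elf("/lib64/ld-linux-x86-64.so.2")))
    print(classify(sample_elf()))
    print(classify(b"#!/bin/sh -e\necho hi\n"))
```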

