Forum: developers
Monitor Forum | 
Start New Thread
| RE: chroot version [ Reply ] By: Bernadette Perrin-Riou on 2011-06-24 14:14 | [forum:13366] |
|
Thanks a lot. It is also a good think to clarify what we can do, what we can't , but it should be done, etc ... I will try in other messages to talk about some other files and options. If some of them could also look at all the scripts, comments them if not,etc. Bernadette |
|
| RE: chroot version [ Reply ] By: joke evers on 2011-06-23 20:32 | [forum:13364] |
|
I think -for the time being- it's very hard to produce a sound 'automated_build_from_source' chroot build-system. For FreeBSD -and many others- there is the 'ports' collection. All software needed to build a project is automatically downloaded & patched and compiled. But I quess this is way too complicated for our limited goal. Please note that the X. Gang chroot is -after 9 years- still operating 24x7 So a chroot with the latest version of pari/maxima/gnuplot/etc will probably last as long...getting close to my retirement :) I will try -but I'm not even a parttime developer- to make a new chroot. And if things go well (...) I will let you know... Joke |
|
| RE: chroot version [ Reply ] By: Bernadette Perrin-Riou on 2011-06-23 14:37 | [forum:13363] |
|
An answer of Karim Belabas (in fact, he answers to a mail Joke has sent to me, but the subject is the same.) > >Why does the "configure" script check if Pari/GP is installed ? > >It's no needed at compile time... and it makes no sense if the > >server uses a chroot... > >Besides Maxima is fairly important too. The actual requirements need to be precisely documented then, according to one of the possible scenarios : 1) building wims for a chroot bundle 2) building wims for a clean server install 3) building wims for a server update 4) building wims for a personal computer / laptop [ for testing purposes ] etc. Some of the above scenarios may not be needed and then would be explicitly forbidden / unsupported, but the prerequisites for what IS supported should be documented; if only by making 'configure' aware of the actual scenario (e.g. configure --build-chroot, etc.) and letting the configure script enforce the corresponding prerequisites. To my taste, there are currently far too many tools / scripts interacting in non-trivial, usually undocumented, ways in wims. As an occasional developper, I would very much favour a "natural selection process", where clearly inferior, duplicate, or useless legacy tools / code fragments are simply removed. As well as unneeded dependencies. > > I don't understand why anyone would prefer the never ending > >version_chaos over these obvious advantages :( No argument there, this is a very worthy goal. Provided that the chroot creation process is automated (and documented), and thus easily reproducible by any wims maintainer. It would be VERY helpful if this process would not hardwire any particular properties of the distribution used to create the chroot. The original wims-chroot built by Xiao quickly went unmaintained, then hopelessly outdated. We want to avoid that. >The permissions set by the "~/bin/setchroot" script are not ok > >The "chroot" will not work...permission denied > >The permissions should be: > >chown root:root ~/public_html/bin/ch..root > >chmod 6755 ~/public_html/bin/ch..root > >#-rwsr-sr-x This script bin/setchroot should be made part of a proper chroot build process, and cleanly separated from the rest. I originally changed it 3 months ago because it was indiscriminately being applied in the Debian package, and unacceptable in that context. My understanding at the time was that the wims-chroot distribution was dead and would not be revived. (And I had unfortunately no way to test this particular change.) Cheers, K.B. |
|
| RE: chroot version [ Reply ] By: joke evers on 2011-06-23 08:29 | [forum:13362] |
|
The compile script (or configure) assumes pari/gp to be installed. It will exit the compilation when no "gp" is found. --- if test -z "`eval echo '$'GP`"; then echo ERROR: WIMS requires Pari/GP echo Please install this package then restart configure. exit 1 fi --- On a chroot enabled server there is no need for "/usr/local/bin/gp" Besides: there is no need for Pari/gp at compile time. Even LaTex --which is needed at compile time for the the generation of math_font_images-- could be removed from the compile dependencies, if we would supply the images via svn... The precence and usability of software is already covered by the admin module. |
|
| RE: chroot version [ Reply ] By: Bernadette Perrin-Riou on 2011-06-23 07:51 | [forum:13361] |
|
You say : The latest wims-version assumes it to be obsolete... That was true b when wewrote the comment, I did not know you will propose to make another one. Of course, I will change the comment. |
|
| chroot version [ Reply ] By: joke evers on 2011-06-23 07:09 | [forum:13360] |
|
Dear wims-collegues, I would like discuss with you the importance of using a 'chroot' or 'jail' for the external software wims may adress , like latex,pari, maxima, octave ,scilab etc etc The latest wims-version assumes it to be obsolete... -a chroot is a complete functional secure execution environment , separated from the base server system. The chroot contains only the software (preferably static binaries) needed to execute the call from wims; using random user-id's for security - in the Leiden mirror we use since 2004 exclusively the chroot produced by X. Gang. This version is outdated (pari ,maxima,gnuplot ) and should be rebuild with the latest stable versions. This chroot (32bit debian based) install runs very stable on this fairly busy Leiden mirror server. Ofcourse I'm using it on our school intranet servers and personal systems. -using a chroot is not limited to linux ; all unix-like systems on which wims may be installed implement it. However I think Linux is the preferred default... -using a chroot is only usefull on real servers ; personal computers used for development could use locally installed software. The developer must ofcourse check if version related (syntax etc) changes have occured. (between the chroot version and the locally installed version) -A chroot version will give wims-module-developers the benifit of unified syntax to adress the software over a long period. Being independant of all different linux distributions... -The software installed in a chroot may even be modified to adress wims-specific needs. A source version of this stripped linux could (...) be maintained through svn -A chroot version give systems admins the ease of installing (just unpack it) So am I the only one that sees these advantages ? Kind regards, joke |
|