1. Forum
  2. Usenet
  3. LINUX.DEBIAN.DEVEL

  • Extending debspawn

    From Marc Haber@21:1/5 to All on Fri Dec 10 14:00:01 2021
    Hallo,

    debspawn is extremely handy if one just wants a container to quickly try
    stuff or to build a package in a clean environment. I especially like
    that zero infrastructure is needed: We already have systemd and that's
    all whats needed to fire up an nspawn container.

    But sometimes, one wants more than that, for example two shells in the
    same container. That's something that debspawn seems to be unable to do.

    Is there any way to fire up a pid-1-systemd isntance inside a debspawn container, so that the container could have an IP address and run its
    own sshd? Or is there any way to get a login prompt from an already
    running debspawn container?

    What magic have other people built around debspawn? Or is everybody
    using a fully-fledged docker for all non-trivial things?

    Greetings
    Marc

    -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco d'Itri@21:1/5 to Marc Haber on Fri Dec 10 17:00:01 2021
    On Dec 10, Marc Haber <mh+debian-devel@zugschlus.de> wrote:

    Is there any way to fire up a pid-1-systemd isntance inside a debspawn container, so that the container could have an IP address and run its
    own sshd? Or is there any way to get a login prompt from an already
    running debspawn container?
    I am not familiar with debspawn, but looks like this should help:

    #!/bin/sh -e

    C_NAME=$1

    if [ -z "$C_NAME" ]; then
    echo "Usage: $0 NAME"
    fi

    C_PID="$(machinectl show --property=Leader --value $C_NAME)"

    [ "$C_PID" ] || exit 1

    kill -0 $C_PID || exit 2

    exec nsenter \
    --mount --uts --ipc --net --pid --cgroup \
    --target $C_PID $SHELL

    --
    ciao,
    Marco

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQQnKUXNg20437dCfobLPsM64d7XgQUCYbN48AAKCRDLPsM64d7X gfjLAQCMfiWGMlf4JpR0PbTUFF0RyDCod0KUfGNYH8ZLKAvUOQD8D6eGW9myotvh N83aTn/stGWpe2zi1lA4WSKnw7E0Eg0=
    =2CvO
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Luca Boccassi@21:1/5 to Marc Haber on Fri Dec 10 18:20:03 2021
    On Fri, 2021-12-10 at 13:53 +0100, Marc Haber wrote:
    Hallo,

    debspawn is extremely handy if one just wants a container to quickly try stuff or to build a package in a clean environment. I especially like
    that zero infrastructure is needed: We already have systemd and that's
    all whats needed to fire up an nspawn container.

    But sometimes, one wants more than that, for example two shells in the
    same container. That's something that debspawn seems to be unable to do.

    Is there any way to fire up a pid-1-systemd isntance inside a debspawn container, so that the container could have an IP address and run its
    own sshd? Or is there any way to get a login prompt from an already
    running debspawn container?

    What magic have other people built around debspawn? Or is everybody
    using a fully-fledged docker for all non-trivial things?

    Greetings
    Marc

    Not familiar with debspawn, but nspawn (like other container managers)
    has the concept for "booting" a container or simply starting a shell in
    it (chroot on steroids).

    If debspawn is using the latter, to use the former is sufficient to
    pass --boot to nspawn - a cursory look into the manpage of debspawn
    seems to indicate it doesn't support passing forward parameters, but I
    might be wrong.

    Regarding networking, if you have networkd on the host and in the guest
    in booted mode, you also automagically get a private network bridged
    onto the host's with bells and whistles.

    Hope this helps.

    --
    Kind regards,
    Luca Boccassi

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEErCSqx93EIPGOymuRKGv37813JB4FAmGzh4kACgkQKGv37813 JB7PFw//Y7R8gQCqEPElzL0Jg93kpzd2U7+RSCrQ2m2fDhWRVwsD7jru+a8eOEA0 H/H/eGBmbHSUAC5QMyO10sAnN7b0keXVIS26v6L7rJegg89r7MiAOxns1Vw0e600 Vk9M8+9B9iSELHhGMkbVAtkYtfFcZrZjnLUcDEWUkiPUArqFXboH92tX0t8bj5oh dFqE3imuF7df77/eE5pbTVwpLcCrL4CsYI8UXD059Z0m/YjvNaPq/jKj7nqZdN6e QidyV9juy++VJ970xdh/8PrbHFsWYBWZeLs5lQ6+Q0TjyogPfmFFhiD5R4cOjSO5 cuVfrEciMFJ2lK83JTryhS8FnIcUQWk/Y7vJnKg9ZDvKocfJ0zd6K+/1MaB0Di0D IJrR6EtMj2irTMK/huc9fC9snzI4LLQQBVHxv7NaEnbZv9BCKHcWazexOXo3Rnip EsA9icxCmLn1KPbfVH9MpDguYKS+cQypUkHSyAu3iFDSmcE5UBo4xKfD7XhKdTYm o/0M574iRYV1VQkIaTQT5fNmaEy9KaXOwl+rGzd8m07YAfIBjkLm1LKSUIoMYEWK 6IVU5wu+XOCcZoiXRa714eoNdeFWDPaqgAey7RL4PW4c6E+Fblm9c+Ah9t6PMjje I1LFfuZYAn2RWnquUOCqSv2Xd3VS+HfYZyGhYJcSgGkdGThEnhU=
    =JRwb
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)