have found the sandbox script /bin/sandbox.sh and others...
Want to be able to do this to a selected folder full of sfs or a pre-created folder with the live filesystem / at the top? At least thats what I think I want?!
Moderator: Forum moderators
have found the sandbox script /bin/sandbox.sh and others...
Want to be able to do this to a selected folder full of sfs or a pre-created folder with the live filesystem / at the top? At least thats what I think I want?!
devildog wrote: Tue May 21, 2024 10:43 amfredx181 wrote: Tue May 21, 2024 9:29 am(loop-mount the main puppy .sfs and chroot in)
Code: Select all
# set path to puppy sfs SFS="/mnt/sda2/bwormp/puppy_dpupbw64_10.0.6.sfs" ### change this !
In terms of FD901 - Where is this sfs? or rather can I make one?
It's inside the initrd. Open the initrd (click / double-click on it), and you will find a file called fd64.sfs
inside.
devildog wrote: Tue May 21, 2024 11:13 amhave found the sandbox script /bin/sandbox.sh and others...
Want to be able to do this to a selected folder full of sfs or a pre-created folder with the live filesystem / at the top? At least thats what I think I want?!
sandbox.sh is to run existing installation, with already-loaded SFS, in a sandbox.
It does not pre-load a list of SFS and/or run a different version of Fatdog, although you can modify it to do so. It's not a long script, only 187 lines, including the comments.
If you want a version that have persistence, then look at /usr/bin/rw-sandbox.sh.
heres what i have so far...
error on mount...
Code: Select all
Mounting aufs with branches: /mnt/sb/sandbox=rw:/mnt/home/fd64.sfs=ro
mount: /mnt/sb/fakeroot: wrong fs type, bad option, bad superblock on aufs, missing codepage or helper program, or other error.
dmesg(1) may have more information after failed mount system call.
Failed to mount sandbox aufs
#
Sandbox script edited...
Code: Select all
#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# puppy test/compilation sandbox
# this version uses tmpfs instead of an rw image,
# and you can also choose which SFS to use
# run this from terminal.
# version 4 - replace sed with awk - more powerful and more correct, will handle all oddball cases
# where loop-N and pup_ro-N numbers don't match
# version 5 - add compatibility when running with pup_rw=tmpfs (step 2.a)
# version 6 - (2012) adapted to be more flexible - for Fatdog64 600
# version 7 - (2012) cleanup mounts if if we are killed
# version 8 - (2013) re-launch in terminal if we aren't in terminal
# version 9 - (2013) enable running multiple sandboxes
# version 10 - (2015) use pid/mount namespaces if available
# version 11 - (2017) use dumb-init if available, support command from arguments
# version 12 - (2020) env NO_NS=1 don't use namespace, chroot only
# 0. directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot # mounted chroot location of sandbox - ie, the fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)
#NO_NS=1 # don't user namespace, chroot only
# umount all if we are accidentally killed
trap 'umountall' 1
umountall() {
{
umount -l $FAKEROOT/$SANDBOX_TMPFS
umount -l $FAKEROOT/tmp
umount -l $FAKEROOT/proc
umount -l $FAKEROOT/sys
umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
umount -l $FAKEROOT
umount -l $SANDBOX_TMPFS
rmdir $FAKEROOT
rmdir $SANDBOX_TMPFS
} 2> /dev/null
}
die() {
echo "$1"
exit 1
}
# 0.1 must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."
# 0.2 cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."
# 0.3 help
case "$1" in
--help|-h)
echo "Usage: ${0##*/} [cmd [args]]"
echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
exit
esac
# 0.4 if not running from terminal but in Xorg, then launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit
# 0.5 is this the first sandbox? If not, then create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
SANDBOX_ID=".${FAKEROOT##*.}"
SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
rmdir $FAKEROOT
fi
# 1. get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)
# 2. detect SFS files and add them to items
items=$(ls /mnt/home/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')
# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
--checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE
chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."
# 4. convert chosen SFS to robranches
robranches=""
for a in $chosen; do
robranches=$robranches:$a=ro
done
rm $TMPFILE
# 5. make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp
# 6. do the magic - mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
# 7. record our new aufs-root-id so tools don't hack real filesystem
SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
else
umount $SANDBOX_TMPFS
die "Failed to mount sandbox aufs"
fi
else
die "Failed to mount sandbox tmpfs"
fi
# 8. sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS # so we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp
# 9. optional copy, to enable running sandbox-ed xwin
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
# 10. make sure we identify ourself as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit #fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null #fatdog 700
# 11. run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
echo
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
chroot $FAKEROOT ${@:-sh}
else
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
if command -v dumb-init > /dev/null; then
dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
else
unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
fi
fi
umountall
What am i doing wrong on the sfs mount?
A little closer ...
Code: Select all
#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only
# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)
# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
{
umount -l $FAKEROOT/$SANDBOX_TMPFS
umount -l $FAKEROOT/tmp
umount -l $FAKEROOT/proc
umount -l $FAKEROOT/sys
umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
umount -l $FAKEROOT
umount -l $SANDBOX_TMPFS
rmdir $FAKEROOT
rmdir $SANDBOX_TMPFS
} 2> /dev/null
}
die() {
echo "$1"
exit 1
}
# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."
# 0.2 Cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."
# 0.3 Help
case "$1" in
--help|-h)
echo "Usage: ${0##*/} [cmd [args]]"
echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
exit
esac
# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit
# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
SANDBOX_ID=".${FAKEROOT##*.}"
SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
rmdir $FAKEROOT
fi
# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)
# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')
# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
--checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE
chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."
# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
# robranches="$robranches:$a=ro"
robranches="$robranches$a"
done
rm $TMPFILE
# 5. Make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp
# 6. Mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
# echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
echo "Mounting .sfs $SANDBOX_TMPFS $robranches"
# if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
if mount -o loop "$robranches" $FAKEROOT; then
# 7. Record our new aufs-root-id so tools don't hack real filesystem
SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
else
umount $SANDBOX_TMPFS
die "Failed to mount sandbox aufs"
fi
else
die "Failed to mount sandbox tmpfs"
fi
# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS # So we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp
# 9. Optional copy, to enable running sandbox-ed xwin
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit # Fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null # Fatdog 700
# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
echo
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
chroot $FAKEROOT ${@:-sh}
else
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
if command -v dumb-init > /dev/null; then
dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
else
unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
fi
fi
umountall
error messages ...
Code: Select all
# Mounting .sfs /mnt/sb/sandbox.MjBv1pX /mnt/sda4/fd64.sfs
mount: /mnt/sb/fakeroot.MjBv1pX: WARNING: source write-protected, mounted read-only.
./lunchbox.sh: line 103: /mnt/sb/fakeroot.MjBv1pX/etc/BOOTSTATE: Read-only file system
mkdir: cannot create directory ‘/mnt/sb/fakeroot.MjBv1pX//mnt/sb’: Read-only file system
mount: /mnt/sb/fakeroot.MjBv1pX//mnt/sb/sandbox.MjBv1pX: mount point does not exist.
dmesg(1) may have more information after failed mount system call.
./lunchbox.sh: line 124: /mnt/sb/fakeroot.MjBv1pX/etc/shinit: Read-only file system
sandbox will start now - exit from the shell to leave the sandbox.
sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
#
Here's the error the code below produces.
Clearly the paths are out, will isolate the exact spots where these are generated and hack them back.
Keep thinking there must be a better way but dont want full virtualisation (bad bad laptop here no virt settings in the bios).
: )
Code: Select all
#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only
# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)
# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
{
umount -l $FAKEROOT/$SANDBOX_TMPFS
umount -l $FAKEROOT/tmp
umount -l $FAKEROOT/proc
umount -l $FAKEROOT/sys
umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
umount -l $FAKEROOT
umount -l $SANDBOX_TMPFS
rmdir $FAKEROOT
rmdir $SANDBOX_TMPFS
} 2> /dev/null
}
die() {
echo "$1"
exit 1
}
# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."
# 0.2 Cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."
# 0.3 Help
case "$1" in
--help|-h)
echo "Usage: ${0##*/} [cmd [args]]"
echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
exit
esac
# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit
# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
SANDBOX_ID=".${FAKEROOT##*.}"
SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
rmdir $FAKEROOT
fi
# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)
# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')
# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
--checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE
chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."
# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
# robranches="$robranches:$a=ro"
robranches="$robranches$a"
done
rm $TMPFILE
# 5. Make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp
# 6. Mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
# echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
echo "Mounting .sfs $SANDBOX_TMPFS $robranches"
# if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
if mount -o loop "$robranches" $FAKEROOT; then
# 7. Record our new aufs-root-id so tools don't hack real filesystem
SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
else
umount $SANDBOX_TMPFS
die "Failed to mount sandbox aufs"
fi
else
die "Failed to mount sandbox tmpfs"
fi
# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS # So we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp
# 9. Optional copy, to enable running sandbox-ed xwin
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit # Fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null # Fatdog 700
# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
echo
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
chroot $FAKEROOT ${@:-sh}
else
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo
if command -v dumb-init > /dev/null; then
dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
else
unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
fi
fi
umountall
Ok seems to be selecting sfs and removing the constructed mounts after running.
There remains a technical issue re. read only mounts / aufs that I admit to not understanding.
The segfault must relate to missing bits of the chroot environment that I have not supplied.
Code does seem to half work under a ram session, but under a savefile we get the output below.
" check your boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox) " have tried this [TAB on the fd loader allows boot parms but no difference with "nocopy"].
The script below is not intended for use.
Code: Select all
#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only
# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT="/mnt/sb"
FAKEROOT="$SANDBOX_ROOT/fakeroot" # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS="$SANDBOX_ROOT/sandbox" # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=""
TMPFILE=$(mktemp -p /tmp)
# Debug prints to verify paths
echo "FAKEROOT: $FAKEROOT"
echo "SANDBOX_TMPFS: $SANDBOX_TMPFS"
# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
{
echo "Unmounting $FAKEROOT$SANDBOX_TMPFS"
echo "Unmounting $FAKEROOT"
umount -l "$FAKEROOT$SANDBOX_TMPFS"
umount -l "$FAKEROOT/tmp"
umount -l "$FAKEROOT/proc"
umount -l "$FAKEROOT/sys"
umount -l "$FAKEROOT/dev/pts" "$FAKEROOT/dev/shm" "$FAKEROOT/dev"
umount -l "$FAKEROOT"
umount -l "$SANDBOX_TMPFS"
rmdir "$FAKEROOT"
rmdir "$SANDBOX_TMPFS"
echo "UNMOUNTED! by unmountall"
sleep 5
} 2> /dev/null
}
die() {
echo "$1"
exit 1
}
# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."
# 0.2 Cannot launch sandbox within sandbox
grep -q "$SANDBOX_ROOT" /sys/fs/aufs/$AUFS_ROOT_ID/br0 && die "Cannot launch sandbox within sandbox."
# 0.3 Help
case "$1" in
--help|-h)
echo "Usage: ${0##*/} [cmd [args]]"
echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
exit
esac
# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec "$XTERM" -e "$0" "$@"
! [ -t 0 ] && exit
# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q "$FAKEROOT" /proc/mounts; then
FAKEROOT=$(mktemp -d -p "$SANDBOX_ROOT" "${FAKEROOT##*/}.XXXXXXX")
SANDBOX_ID=".$(basename "$FAKEROOT")"
SANDBOX_TMPFS="$SANDBOX_ROOT/sandbox$SANDBOX_ID"
rmdir "$FAKEROOT"
fi
# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts)
# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')
# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
--checklist "Choose which SFS you want to use" 0 60 10 $items 2> "$TMPFILE"
chosen="$(cat "$TMPFILE")"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."
# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
robranches="$robranches $a"
done
rm "$TMPFILE"
# 5. Make the mountpoints if not exist yet
mkdir -p "$FAKEROOT" "$SANDBOX_TMPFS" "$FAKEROOT/etc" "$FAKEROOT/dev" "$FAKEROOT/sys" "$FAKEROOT/proc" "$FAKEROOT/tmp"
# Check if the directories are writable
if [ ! -w "$FAKEROOT/etc" ] || [ ! -w "$FAKEROOT/dev" ] || [ ! -w "$FAKEROOT/sys" ] || [ ! -w "$FAKEROOT/proc" ] || [ ! -w "$FAKEROOT/tmp" ]; then
die "Error: One or more necessary directories are not writable. Please check the file system permissions."
fi
# 6.0 Remount chroot filesystem as read-write
ls -ld "$FAKEROOT"
mount -o remount,rw "$FAKEROOT"
echo "Remounted $FAKEROOT as read-write"
# 6.1 Mount each selected SFS file
for sfs_file in $chosen; do
if mount -o loop "$sfs_file" "$FAKEROOT"; then
echo "Mounted $sfs_file to $FAKEROOT"
else
die "Failed to mount $sfs_file to $FAKEROOT"
fi
done
# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p "$FAKEROOT$SANDBOX_TMPFS" # Fix path concatenation here
mount -o bind "$SANDBOX_TMPFS" "$FAKEROOT$SANDBOX_TMPFS" # So we can access it within the sandbox
mount -o rbind /dev "$FAKEROOT/dev"
mount -t sysfs none "$FAKEROOT/sys"
mount -t proc none "$FAKEROOT/proc"
mount -o bind /tmp "$FAKEROOT/tmp"
# 9. Optional copy, to enable running sandbox-ed xwin
cp /usr/share/sandbox/* "$FAKEROOT/usr/bin" 2> /dev/null
# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'"${SANDBOX_ID}"'# "'
echo -e '\nexport PS1="sandbox'"${SANDBOX_ID}"'# "' >> "$FAKEROOT/etc/shinit"
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'"${SANDBOX_ID}"'# "/' "$FAKEROOT/etc/profile.local" 2> /dev/null
# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo "[the vasty deep awaits ye] ... "
if [ "$NO_NS" ] || ! command -v unshare > /dev/null 2>&1; then
echo "Warning: sandbox runing in chroot-mode; if this does not work, check your"
echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
echo
echo "sandbox will start now - exit from the shell to leave the sandbox."
echo "chroot $FAKEROOT ${@:-sh} [in 5 seconds...]"
echo
sleep 5
chroot "$FAKEROOT" "${@:-sh}"
sleep 5
umount -l "$FAKEROOT"
rm -R "$FAKEROOT"
else
echo "Notice: sandbox will try to run in a namespace ... "
echo " ... if this does not work it's your business not ours!"
echo
if command -v dumb-init > /dev/null; then
dumb-init unshare -pf --mount-proc chroot "$FAKEROOT" "${@:-sh}"
else
unshare -pf --mount-proc chroot "$FAKEROOT" "${@:-sh}"
fi
fi
echo
echo "UNMOUNT! in 10 seconds..."
sleep 10
umountall
echo "Done."
sleep 10
... output ...
Code: Select all
# NO_NS=1 bash -x ./lunchbox4.sh /bin/bash
+ . /etc/BOOTSTATE
++ GENUINE_FATDOG_INITRD=true
++ AUFS_ROOT=/aufs
++ BASELINE_MOUNT=/aufs/pup_init
++ MODULE_SFS_MOUNT=/aufs/kernel-modules
++ SAVE_DEV_PROTO=/aufs/devsave
++ SAVEFILE_PROTO=/fd64save.ext4
++ MULTI_PREFIX=multi-
++ BASE_SFS_MOUNT=/aufs/pup_ro
++ SAVEFILE_MOUNT=/aufs/pup_save
++ SAVE_DEV_MOUNT=/aufs/devsave
++ BASE_SFS_PATH=/fd64.sfs
++ SAVEFILE_PATH=fd64save-20240521
++ SAVEFILE_DEVICE=/dev/sda4
++ SAVEFILE_BIND=true
++ AUFS_ROOT_ID=si_d838a1a5bf16dcd7
+ '[' '' ']'
+ XTERM=defaultterm
+ SANDBOX_ROOT=/mnt/sb
+ FAKEROOT=/mnt/sb/fakeroot
+ SANDBOX_TMPFS=/mnt/sb/sandbox
+ SANDBOX_ID=
++ mktemp -p /tmp
+ TMPFILE=/tmp/tmp.DXqjz3TxIs
+ echo 'FAKEROOT: /mnt/sb/fakeroot'
FAKEROOT: /mnt/sb/fakeroot
+ echo 'SANDBOX_TMPFS: /mnt/sb/sandbox'
SANDBOX_TMPFS: /mnt/sb/sandbox
+ trap umountall 1
++ id -u
+ '[' 0 -ne 0 ']'
+ grep -q /mnt/sb /sys/fs/aufs/si_d838a1a5bf16dcd7/br0
+ case "$1" in
+ '[' -t 0 ']'
+ '[' -t 0 ']'
+ grep -q /mnt/sb/fakeroot /proc/mounts
+ '[' -z si_d838a1a5bf16dcd7 ']'
++ ls /mnt/sda4/32bit-fd64_813.sfs /mnt/sda4/32bit-fd64_901.sfs /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs /mnt/sda4/fd64-devx_813.sfs /mnt/sda4/fd64-devx_901.sfs /mnt/sda4/fd64.sfs /mnt/sda4/google-earth-2019.02.sfs /mnt/sda4/kernel-source-5.19.14.sfs /mnt/sda4/kernel-source-6.1.46.sfs /mnt/sda4/signal-6.20.0.sfs /mnt/sda4/wine-7.11-i686-1.sfs /mnt/sda4/wine-8.6-i686-1.sfs /mnt/sda4/xfce-4.18-x86_64.sfs /mnt/sda4/zoom-5.15.3-x86_64.sfs
++ awk '{print $0, "[ ]"}'
+ items='/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]'
+ '[' -z '/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]' ']'
+ dialog --separate-output --backtitle 'tmpfs sandbox' --title 'sandbox config' --checklist 'Choose which SFS you want to use' 0 60 10 /mnt/sda4/32bit-fd64_813.sfs '[' ']' /mnt/sda4/32bit-fd64_901.sfs '[' ']' /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs '[' ']' /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs '[' ']' /mnt/sda4/fd64-devx_813.sfs '[' ']' /mnt/sda4/fd64-devx_901.sfs '[' ']' /mnt/sda4/fd64.sfs '[' ']' /mnt/sda4/google-earth-2019.02.sfs '[' ']' /mnt/sda4/kernel-source-5.19.14.sfs '[' ']' /mnt/sda4/kernel-source-6.1.46.sfs '[' ']' /mnt/sda4/signal-6.20.0.sfs '[' ']' /mnt/sda4/wine-7.11-i686-1.sfs '[' ']' /mnt/sda4/wine-8.6-i686-1.sfs '[' ']' /mnt/sda4/xfce-4.18-x86_64.sfs '[' ']' /mnt/sda4/zoom-5.15.3-x86_64.sfs '[' ']'
tmpfs sandbox
──────────────────────────────────────────────────────────────────────────────
┌─────────────────────sandbox config───────────────────────┐
│ Choose which SFS you want to use │
│ ┌──────────────────────────────────────────────────────┐ │
│ │[ ] /mnt/sda4/32bit-fd64_813.sfs [ │ │
│ │[ ] /mnt/sda4/32bit-fd64_901.sfs [ │ │
│ │[ ] /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ │ │
│ │[ ] /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ │ │
│ │[ ] /mnt/sda4/fd64-devx_813.sfs [ │ │
│ │[ ] /mnt/sda4/fd64-devx_901.sfs [ │ │
│ │[*] /mnt/sda4/fd64.sfs [ │ │
│ │[ ] /mnt/sda4/google-earth-2019.02.sfs [ │ │
│ │[ ] /mnt/sda4/kernel-source-5.19.14.sfs [ │ │
│ │[ ] /mnt/sda4/kernel-source-6.1.46.sfs [ │ │
│ │[ ] /mnt/sda4/signal-6.20.0.sfs [ │ │
│ └────↓(+)──────────────────────────────────────73%─────┘ │
├──────────────────────────────────────────────────────────┤
│ < OK > <Cancel> │
└──────────────────────────────────────────────────────────┘
++ cat /tmp/tmp.DXqjz3TxIs
+ chosen=/mnt/sda4/fd64.sfs
+ clear
+ '[' -z /mnt/sda4/fd64.sfs ']'
+ robranches=
+ for a in $chosen
+ robranches=' /mnt/sda4/fd64.sfs'
+ rm /tmp/tmp.DXqjz3TxIs
+ mkdir -p /mnt/sb/fakeroot /mnt/sb/sandbox /mnt/sb/fakeroot/etc /mnt/sb/fakeroot/dev /mnt/sb/fakeroot/sys /mnt/sb/fakeroot/proc /mnt/sb/fakeroot/tmp
+ '[' '!' -w /mnt/sb/fakeroot/etc ']'
+ '[' '!' -w /mnt/sb/fakeroot/dev ']'
+ '[' '!' -w /mnt/sb/fakeroot/sys ']'
+ '[' '!' -w /mnt/sb/fakeroot/proc ']'
+ '[' '!' -w /mnt/sb/fakeroot/tmp ']'
+ ls -ld /mnt/sb/fakeroot
drwxr-xr-x 7 root root 4096 May 22 21:26 /mnt/sb/fakeroot
+ mount -o remount,rw /mnt/sb/fakeroot
mount: /mnt/sb/fakeroot: mount point not mounted or bad option.
dmesg(1) may have more information after failed mount system call.
+ echo 'Remounted /mnt/sb/fakeroot as read-write'
Remounted /mnt/sb/fakeroot as read-write
+ for sfs_file in $chosen
+ mount -o loop /mnt/sda4/fd64.sfs /mnt/sb/fakeroot
+ echo 'Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot'
Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot
+ mkdir -p /mnt/sb/fakeroot/mnt/sb/sandbox
mkdir: cannot create directory ‘/mnt/sb/fakeroot/mnt/sb’: Read-only file system
+ mount -o bind /mnt/sb/sandbox /mnt/sb/fakeroot/mnt/sb/sandbox
mount: /mnt/sb/fakeroot/mnt/sb/sandbox: mount point does not exist.
dmesg(1) may have more information after failed mount system call.
+ mount -o rbind /dev /mnt/sb/fakeroot/dev
+ mount -t sysfs none /mnt/sb/fakeroot/sys
+ mount -t proc none /mnt/sb/fakeroot/proc
+ mount -o bind /tmp /mnt/sb/fakeroot/tmp
+ cp /usr/share/sandbox/lxc /usr/share/sandbox/wmexit /usr/share/sandbox/xwin /mnt/sb/fakeroot/usr/bin
+ echo -e '\nexport PS1="sandbox# "'
export PS1="sandbox# "
+ echo -e '\nexport PS1="sandbox# "'
./lunchbox4.sh: line 131: /mnt/sb/fakeroot/etc/shinit: Read-only file system
+ sed -i -e '/^PS1/ s/^.*$/PS1="sandbox# "/' /mnt/sb/fakeroot/etc/profile.local
+ echo '[the vasty deep awaits ye] ... '
[the vasty deep awaits ye] ...
+ '[' 1 ']'
+ echo 'Warning: sandbox runing in chroot-mode; if this does not work, check your'
Warning: sandbox runing in chroot-mode; if this does not work, check your
+ echo 'boot parameters (you may need to boot with '\''pfix=nocopy'\'' in order to use sandbox)'
boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)
+ echo
+ echo 'sandbox will start now - exit from the shell to leave the sandbox.'
sandbox will start now - exit from the shell to leave the sandbox.
+ echo 'chroot /mnt/sb/fakeroot /bin/bash [in 5 seconds...]'
chroot /mnt/sb/fakeroot /bin/bash [in 5 seconds...]
+ echo
+ sleep 5
+ chroot /mnt/sb/fakeroot /bin/bash
./lunchbox4.sh: line 161: 14077 Segmentation fault chroot "$FAKEROOT" "${@:-sh}"
+ sleep 5
+ umount -l /mnt/sb/fakeroot
+ rm -R /mnt/sb/fakeroot
+ echo
+ echo 'UNMOUNT! in 10 seconds...'
UNMOUNT! in 10 seconds...
+ sleep 10
+ umountall
Unmounting /mnt/sb/fakeroot/mnt/sb/sandbox
Unmounting /mnt/sb/fakeroot
UNMOUNTED! by unmountall
+ echo Done.
Done.
+ sleep 10
#
output in namespace mode...
Code: Select all
# bash -x ./lunchbox4.sh /bin/bash
+ . /etc/BOOTSTATE
++ GENUINE_FATDOG_INITRD=true
++ AUFS_ROOT=/aufs
++ BASELINE_MOUNT=/aufs/pup_init
++ MODULE_SFS_MOUNT=/aufs/kernel-modules
++ SAVE_DEV_PROTO=/aufs/devsave
++ SAVEFILE_PROTO=/fd64save.ext4
++ MULTI_PREFIX=multi-
++ BASE_SFS_MOUNT=/aufs/pup_ro
++ SAVEFILE_MOUNT=/aufs/pup_save
++ SAVE_DEV_MOUNT=/aufs/devsave
++ BASE_SFS_PATH=/fd64.sfs
++ SAVEFILE_PATH=fd64save-20240521
++ SAVEFILE_DEVICE=/dev/sda4
++ SAVEFILE_BIND=true
++ AUFS_ROOT_ID=si_d838a1a5bf16dcd7
+ '[' '' ']'
+ XTERM=defaultterm
+ SANDBOX_ROOT=/mnt/sb
+ FAKEROOT=/mnt/sb/fakeroot
+ SANDBOX_TMPFS=/mnt/sb/sandbox
+ SANDBOX_ID=
++ mktemp -p /tmp
+ TMPFILE=/tmp/tmp.NdktXXJl9V
+ echo 'FAKEROOT: /mnt/sb/fakeroot'
FAKEROOT: /mnt/sb/fakeroot
+ echo 'SANDBOX_TMPFS: /mnt/sb/sandbox'
SANDBOX_TMPFS: /mnt/sb/sandbox
+ trap umountall 1
++ id -u
+ '[' 0 -ne 0 ']'
+ grep -q /mnt/sb /sys/fs/aufs/si_d838a1a5bf16dcd7/br0
+ case "$1" in
+ '[' -t 0 ']'
+ '[' -t 0 ']'
+ grep -q /mnt/sb/fakeroot /proc/mounts
+ '[' -z si_d838a1a5bf16dcd7 ']'
++ awk '{print $0, "[ ]"}'
++ ls /mnt/sda4/32bit-fd64_813.sfs /mnt/sda4/32bit-fd64_901.sfs /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs /mnt/sda4/fd64-devx_813.sfs /mnt/sda4/fd64-devx_901.sfs /mnt/sda4/fd64.sfs /mnt/sda4/google-earth-2019.02.sfs /mnt/sda4/kernel-source-5.19.14.sfs /mnt/sda4/kernel-source-6.1.46.sfs /mnt/sda4/signal-6.20.0.sfs /mnt/sda4/wine-7.11-i686-1.sfs /mnt/sda4/wine-8.6-i686-1.sfs /mnt/sda4/xfce-4.18-x86_64.sfs /mnt/sda4/zoom-5.15.3-x86_64.sfs
+ items='/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]'
+ '[' -z '/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
tmpfs sandbox
──────────────────────────────────────────────────────────────────────────────
┌─────────────────────sandbox config───────────────────────┐
+ '[' -z /mnt/sda4/fd64.sfs ']'
+ robranches=
+ for a in $chosen
+ robranches=' /mnt/sda4/fd64.sfs'
+ rm /tmp/tmp.NdktXXJl9V
+ mkdir -p /mnt/sb/fakeroot /mnt/sb/sandbox /mnt/sb/fakeroot/etc /mnt/sb/fakeroot/dev /mnt/sb/fakeroot/sys /mnt/sb/fakeroot/proc /mnt/sb/fakeroot/tmp
+ '[' '!' -w /mnt/sb/fakeroot/etc ']'
+ '[' '!' -w /mnt/sb/fakeroot/dev ']'
+ '[' '!' -w /mnt/sb/fakeroot/sys ']'
+ '[' '!' -w /mnt/sb/fakeroot/proc ']'
+ '[' '!' -w /mnt/sb/fakeroot/tmp ']'
+ ls -ld /mnt/sb/fakeroot
drwxr-xr-x 7 root root 4096 May 22 21:45 /mnt/sb/fakeroot
+ mount -o remount,rw /mnt/sb/fakeroot
mount: /mnt/sb/fakeroot: mount point not mounted or bad option.
dmesg(1) may have more information after failed mount system call.
+ echo 'Remounted /mnt/sb/fakeroot as read-write'
Remounted /mnt/sb/fakeroot as read-write
+ for sfs_file in $chosen
+ mount -o loop /mnt/sda4/fd64.sfs /mnt/sb/fakeroot
+ echo 'Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot'
Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot
+ mkdir -p /mnt/sb/fakeroot/mnt/sb/sandbox
mkdir: cannot create directory ‘/mnt/sb/fakeroot/mnt/sb’: Read-only file system
+ mount -o bind /mnt/sb/sandbox /mnt/sb/fakeroot/mnt/sb/sandbox
mount: /mnt/sb/fakeroot/mnt/sb/sandbox: mount point does not exist.
dmesg(1) may have more information after failed mount system call.
+ mount -o rbind /dev /mnt/sb/fakeroot/dev
+ mount -t sysfs none /mnt/sb/fakeroot/sys
+ mount -t proc none /mnt/sb/fakeroot/proc
+ mount -o bind /tmp /mnt/sb/fakeroot/tmp
+ cp /usr/share/sandbox/lxc /usr/share/sandbox/wmexit /usr/share/sandbox/xwin /mnt/sb/fakeroot/usr/bin
+ echo -e '\nexport PS1="sandbox# "'
export PS1="sandbox# "
+ echo -e '\nexport PS1="sandbox# "'
./lunchbox4.sh: line 131: /mnt/sb/fakeroot/etc/shinit: Read-only file system
+ sed -i -e '/^PS1/ s/^.*$/PS1="sandbox# "/' /mnt/sb/fakeroot/etc/profile.local
+ echo '[the vasty deep awaits ye] ... '
[the vasty deep awaits ye] ...
+ '[' '' ']'
+ command -v unshare
+ echo 'Notice: sandbox will try to run in a namespace ... '
Notice: sandbox will try to run in a namespace ...
+ echo ' ... if this does not work it'\''s your business not ours!'
... if this does not work it's your business not ours!
+ echo
+ command -v dumb-init
+ dumb-init unshare -pf --mount-proc chroot /mnt/sb/fakeroot /bin/bash
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
bash: no job control in this shell
+ echo
+ echo 'UNMOUNT! in 10 seconds...'
UNMOUNT! in 10 seconds...
+ sleep 10
+ umountall
Unmounting /mnt/sb/fakeroot/mnt/sb/sandbox
Unmounting /mnt/sb/fakeroot
UNMOUNTED! by unmountall
+ echo Done.
Done.
+ sleep 10
#
@devildog the sequence of events that must happen, once you have the list of selected SFS:
1. loop-mount them in a certain set of directories
2. construct of an aufs or overlayfs mount, which consist of a read-write layer at the top, and all the directories (which were mounted with SFS in the previous step)
3. add certain necessary virtual filesystem (proc, sysfs, dev, devpts)
4. and finally chroot into it.
When you're done, just undo the steps in the reverse order.
The read-write layer can simply be tmpfs (=RAM) if you don't need want to preserve the changes, or somewhere in the filesystem if you want to preserve it.
In case of the original rw-sandbox.sh, we skip (1) since we're using an already mounted SFS. The list of the directories where these SFS are mounted is given in /sys/fs/aufs, you can see them by doing grep . /sys/fs/aufs/*/br[0-9]*
; but in your case, since you want to use SFS-es which aren't mounted, you need to do (1) yourself. The remaining part of 2,3,4 should be identical what what it already is.
That's as far as I can help right now. I do want to make something like what you want to do as well, but right now not enough time (and motivation).
Extremely kind of you to try and explain - must admit don't really understand aufs but will have another look at this in terms of a simple script that makes the changes I know I want. Once that works I will re-do the lines above.
@devildog - the script that you want is now available in Fatdog64 902. It is called sfs-sandbox.sh
. It works with both aufs and overlayfs (it uses aufs by default). The so-called "SFS" can be real SFS, other kind of image files, or even folders/directories.