psandbox.sh - Mount a puppy in a chroot

For discussions about programming, and for programming questions and advice


Moderator: Forum moderators

devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

have found the sandbox script /bin/sandbox.sh and others...

Want to be able to do this to a selected folder full of sfs or a pre-created folder with the live filesystem / at the top? At least thats what I think I want?!

xscreenshot-20240521T120858.png
xscreenshot-20240521T120858.png (75.2 KiB) Viewed 1024 times
jamesbond
Posts: 717
Joined: Tue Aug 11, 2020 3:02 pm
Location: The Pale Blue Dot
Has thanked: 124 times
Been thanked: 402 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by jamesbond »

devildog wrote: Tue May 21, 2024 10:43 am
fredx181 wrote: Tue May 21, 2024 9:29 am

(loop-mount the main puppy .sfs and chroot in)

Code: Select all

# set path to puppy sfs
SFS="/mnt/sda2/bwormp/puppy_dpupbw64_10.0.6.sfs" ### change this !

In terms of FD901 - Where is this sfs? or rather can I make one?

It's inside the initrd. Open the initrd (click / double-click on it), and you will find a file called fd64.sfs inside.

devildog wrote: Tue May 21, 2024 11:13 am

have found the sandbox script /bin/sandbox.sh and others...

Want to be able to do this to a selected folder full of sfs or a pre-created folder with the live filesystem / at the top? At least thats what I think I want?!

sandbox.sh is to run existing installation, with already-loaded SFS, in a sandbox.
It does not pre-load a list of SFS and/or run a different version of Fatdog, although you can modify it to do so. It's not a long script, only 187 lines, including the comments.
If you want a version that have persistence, then look at /usr/bin/rw-sandbox.sh.

devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

ty James - I'm starting to see it now.

My CTRL-ALT-F2 finger is itching!

devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

heres what i have so far...

xscreenshot-20240521T152608.jpg
xscreenshot-20240521T152608.jpg (66.7 KiB) Viewed 980 times

error on mount...

Code: Select all

Mounting aufs with branches: /mnt/sb/sandbox=rw:/mnt/home/fd64.sfs=ro
mount: /mnt/sb/fakeroot: wrong fs type, bad option, bad superblock on aufs, missing codepage or helper program, or other error.
       dmesg(1) may have more information after failed mount system call.
Failed to mount sandbox aufs
# 

Sandbox script edited...

Code: Select all

#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# puppy test/compilation sandbox
# this version uses tmpfs instead of an rw image, 
# and you can also choose which SFS to use
# run this from terminal.
# version 4 - replace sed with awk - more powerful and more correct, will handle all oddball cases
#             where loop-N and pup_ro-N numbers don't match
# version 5 - add compatibility when running with pup_rw=tmpfs (step 2.a)
# version 6 - (2012) adapted to be more flexible - for Fatdog64 600
# version 7 - (2012) cleanup mounts if if we are killed
# version 8 - (2013) re-launch in terminal if we aren't in terminal
# version 9 - (2013) enable running multiple sandboxes
# version 10 - (2015) use pid/mount namespaces if available
# version 11 - (2017) use dumb-init if available, support command from arguments
# version 12 - (2020) env NO_NS=1 don't use namespace, chroot only

# 0. directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot   # mounted chroot location of sandbox - ie, the fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)
#NO_NS=1 # don't user namespace, chroot only

# umount all if we are accidentally killed
trap 'umountall' 1
umountall() {
    {
    umount -l $FAKEROOT/$SANDBOX_TMPFS
    umount -l $FAKEROOT/tmp
    umount -l $FAKEROOT/proc
    umount -l $FAKEROOT/sys
    umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
    
    umount -l $FAKEROOT
    umount -l $SANDBOX_TMPFS 
    rmdir $FAKEROOT
    rmdir $SANDBOX_TMPFS
    } 2> /dev/null
}

die() {
    echo "$1"
    exit 1
}


# 0.1 must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."

# 0.2 cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."

# 0.3 help
case "$1" in
    --help|-h)
    echo "Usage: ${0##*/} [cmd [args]]"
    echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
    exit
esac

# 0.4 if not running from terminal but in Xorg, then launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit

# 0.5 is this the first sandbox? If not, then create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
    FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
    SANDBOX_ID=".${FAKEROOT##*.}"
    SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
    rmdir $FAKEROOT
fi

# 1. get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)

# 2. detect SFS files and add them to items
items=$(ls /mnt/home/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')

# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
    --checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE

chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."

# 4. convert chosen SFS to robranches
robranches=""
for a in $chosen; do
    robranches=$robranches:$a=ro
done
rm $TMPFILE

# 5. make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp

# 6. do the magic - mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
    echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
    if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
        # 7. record our new aufs-root-id so tools don't hack real filesystem    
        SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
        sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
        echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
    else
        umount $SANDBOX_TMPFS
        die "Failed to mount sandbox aufs"
    fi
else
    die "Failed to mount sandbox tmpfs"
fi

# 8. sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS    # so we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp

# 9. optional copy, to enable running sandbox-ed xwin 
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
        
# 10. make sure we identify ourself as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit #fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null #fatdog 700

# 11. run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
    echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
    echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
    echo
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    chroot $FAKEROOT ${@:-sh}
else
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    if command -v dumb-init > /dev/null; then
        dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    else
        unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    fi
fi

umountall

What am i doing wrong on the sfs mount?

xscreenshot-20240521T155354.jpg
xscreenshot-20240521T155354.jpg (101.19 KiB) Viewed 973 times
devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

A little closer ...

Code: Select all

#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only

# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot   # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)

# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
    {
        umount -l $FAKEROOT/$SANDBOX_TMPFS
        umount -l $FAKEROOT/tmp
        umount -l $FAKEROOT/proc
        umount -l $FAKEROOT/sys
        umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
        umount -l $FAKEROOT
        umount -l $SANDBOX_TMPFS 
        rmdir $FAKEROOT
        rmdir $SANDBOX_TMPFS
    } 2> /dev/null
}

die() {
    echo "$1"
    exit 1
}

# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."

# 0.2 Cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."

# 0.3 Help
case "$1" in
    --help|-h)
        echo "Usage: ${0##*/} [cmd [args]]"
        echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
        exit
esac

# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit

# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
    FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
    SANDBOX_ID=".${FAKEROOT##*.}"
    SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
    rmdir $FAKEROOT
fi

# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
    awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)

# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')

# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
    --checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE

chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."

# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
#    robranches="$robranches:$a=ro"
    robranches="$robranches$a"
done
rm $TMPFILE

# 5. Make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp

# 6. Mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
#    echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
      echo "Mounting .sfs $SANDBOX_TMPFS $robranches"  
#    if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
if mount -o loop "$robranches" $FAKEROOT; then
        # 7. Record our new aufs-root-id so tools don't hack real filesystem    
        SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
        sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
        echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
    else
        umount $SANDBOX_TMPFS
        die "Failed to mount sandbox aufs"
    fi
else
    die "Failed to mount sandbox tmpfs"
fi

# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS    # So we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp

# 9. Optional copy, to enable running sandbox-ed xwin 
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
        
# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit # Fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null # Fatdog 700

# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
    echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
    echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
    echo
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    chroot $FAKEROOT ${@:-sh}
else
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    if command -v dumb-init > /dev/null; then
        dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    else
        unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    fi
fi

umountall

error messages ...

Code: Select all

# Mounting .sfs /mnt/sb/sandbox.MjBv1pX /mnt/sda4/fd64.sfs
mount: /mnt/sb/fakeroot.MjBv1pX: WARNING: source write-protected, mounted read-only.
./lunchbox.sh: line 103: /mnt/sb/fakeroot.MjBv1pX/etc/BOOTSTATE: Read-only file system
mkdir: cannot create directory ‘/mnt/sb/fakeroot.MjBv1pX//mnt/sb’: Read-only file system
mount: /mnt/sb/fakeroot.MjBv1pX//mnt/sb/sandbox.MjBv1pX: mount point does not exist.
       dmesg(1) may have more information after failed mount system call.
./lunchbox.sh: line 124: /mnt/sb/fakeroot.MjBv1pX/etc/shinit: Read-only file system

sandbox will start now - exit from the shell to leave the sandbox.

sh: cannot set terminal process group (-1): Inappropriate ioctl for device
sh: no job control in this shell
# 
xscreenshot-20240521T204919.jpg
xscreenshot-20240521T204919.jpg (38.85 KiB) Viewed 951 times
devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

Here's the error the code below produces.

Clearly the paths are out, will isolate the exact spots where these are generated and hack them back.

Keep thinking there must be a better way but dont want full virtualisation (bad bad laptop here no virt settings in the bios).

xscreenshot-20240522T153914.jpg
xscreenshot-20240522T153914.jpg (59.44 KiB) Viewed 915 times

: )

Code: Select all

#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only

# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT=/mnt/sb
FAKEROOT=$SANDBOX_ROOT/fakeroot   # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS=$SANDBOX_ROOT/sandbox # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=
TMPFILE=$(mktemp -p /tmp)

# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
    {
        umount -l $FAKEROOT/$SANDBOX_TMPFS
        umount -l $FAKEROOT/tmp
        umount -l $FAKEROOT/proc
        umount -l $FAKEROOT/sys
        umount -l $FAKEROOT/dev/pts $FAKEROOT/dev/shm $FAKEROOT/dev
        umount -l $FAKEROOT
        umount -l $SANDBOX_TMPFS 
        rmdir $FAKEROOT
        rmdir $SANDBOX_TMPFS
    } 2> /dev/null
}

die() {
    echo "$1"
    exit 1
}

# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."

# 0.2 Cannot launch sandbox within sandbox
grep -q $SANDBOX_ROOT /sys/fs/aufs/$AUFS_ROOT_ID/br0 &&
die "Cannot launch sandbox within sandbox."

# 0.3 Help
case "$1" in
    --help|-h)
        echo "Usage: ${0##*/} [cmd [args]]"
        echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
        exit
esac

# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec $XTERM -e "$0" "$@"
! [ -t 0 ] && exit

# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q $FAKEROOT /proc/mounts; then
    FAKEROOT=$(mktemp -d -p $SANDBOX_ROOT ${FAKEROOT##*/}.XXXXXXX)
    SANDBOX_ID=".${FAKEROOT##*.}"
    SANDBOX_TMPFS=$SANDBOX_ROOT/${SANDBOX_TMPFS##*/}${SANDBOX_ID}
    rmdir $FAKEROOT
fi

# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(
    awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts
)

# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')

# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
    --checklist "Choose which SFS you want to use" 0 60 10 $items 2> $TMPFILE

chosen="$(cat $TMPFILE)"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."

# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
#    robranches="$robranches:$a=ro"
    robranches="$robranches$a"
done
rm $TMPFILE

# 5. Make the mountpoints if not exist yet
mkdir -p $FAKEROOT $SANDBOX_TMPFS $FAKEROOT/etc $FAKEROOT/dev $FAKEROOT/sys $FAKEROOT/proc $FAKEROOT/tmp

# 6. Mount the tmpfs first, and then the rest with aufs
if mount -t tmpfs none $SANDBOX_TMPFS; then
#    echo "Mounting aufs with branches: $SANDBOX_TMPFS=rw$robranches"
      echo "Mounting .sfs $SANDBOX_TMPFS $robranches"  
#    if mount -t aufs -o "br:$SANDBOX_TMPFS=rw$robranches" aufs $FAKEROOT; then
if mount -o loop "$robranches" $FAKEROOT; then
        # 7. Record our new aufs-root-id so tools don't hack real filesystem    
        SANDBOX_AUFS_ID=$(grep $FAKEROOT /proc/mounts | sed 's/.*si=/si_/; s/ .*//') #'
        sed -i -e '/AUFS_ROOT_ID/ d' $FAKEROOT/etc/BOOTSTATE 2> /dev/null
        echo AUFS_ROOT_ID=$SANDBOX_AUFS_ID >> $FAKEROOT/etc/BOOTSTATE
    else
        umount $SANDBOX_TMPFS
        die "Failed to mount sandbox aufs"
    fi
else
    die "Failed to mount sandbox tmpfs"
fi

# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p $FAKEROOT/$SANDBOX_TMPFS
mount -o bind $SANDBOX_TMPFS $FAKEROOT/$SANDBOX_TMPFS    # So we can access it within the sandbox
mount -o rbind /dev $FAKEROOT/dev
mount -t sysfs none $FAKEROOT/sys
mount -t proc none $FAKEROOT/proc
mount -o bind /tmp $FAKEROOT/tmp

# 9. Optional copy, to enable running sandbox-ed xwin 
cp /usr/share/sandbox/* $FAKEROOT/usr/bin 2> /dev/null
        
# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'${SANDBOX_ID}'# "' >> $FAKEROOT/etc/shinit # Fatdog 600
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'${SANDBOX_ID}'# "/' $FAKEROOT/etc/profile.local 2> /dev/null # Fatdog 700

# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo
if [ "$NO_NS" ] || ! command -v unshare 2>&1 > /dev/null ; then
    echo "Warning: sandbox runs chroot-only mode; if this does not work, check your"
    echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
    echo
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    chroot $FAKEROOT ${@:-sh}
else
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo
    if command -v dumb-init > /dev/null; then
        dumb-init unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    else
        unshare -pf --mount-proc chroot $FAKEROOT ${@:-sh}
    fi
fi

umountall
devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

Ok seems to be selecting sfs and removing the constructed mounts after running.

There remains a technical issue re. read only mounts / aufs that I admit to not understanding.

The segfault must relate to missing bits of the chroot environment that I have not supplied.

Code does seem to half work under a ram session, but under a savefile we get the output below.

" check your boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox) " have tried this [TAB on the fd loader allows boot parms but no difference with "nocopy"].

The script below is not intended for use.

Code: Select all

#!/bin/sh
# James Budiono 2011, 2013, 2015, 2017, 2018, 2020
# Puppy test/compilation sandbox
# Uses tmpfs instead of an rw image, allows choosing which SFS to use
# Run this from the terminal.
# Version 12 - (2020) env NO_NS=1 don't use namespace, chroot only

# 0. Directory locations
. $BOOTSTATE_PATH # AUFS_ROOT_ID
[ "$NOT_USING_AUFS" ] && exit 1
XTERM="defaultterm"
SANDBOX_ROOT="/mnt/sb"
FAKEROOT="$SANDBOX_ROOT/fakeroot"   # Mounted chroot location of sandbox - fake root
SANDBOX_TMPFS="$SANDBOX_ROOT/sandbox" # Mounted rw location of tmpfs used for sandbox
SANDBOX_ID=""
TMPFILE=$(mktemp -p /tmp)


# Debug prints to verify paths
echo "FAKEROOT: $FAKEROOT"
echo "SANDBOX_TMPFS: $SANDBOX_TMPFS"

# Clean up mounts if we are accidentally killed
trap 'umountall' 1
umountall() {
    {
echo "Unmounting $FAKEROOT$SANDBOX_TMPFS"
echo "Unmounting $FAKEROOT"
        umount -l "$FAKEROOT$SANDBOX_TMPFS"
        umount -l "$FAKEROOT/tmp"
        umount -l "$FAKEROOT/proc"
        umount -l "$FAKEROOT/sys"
        umount -l "$FAKEROOT/dev/pts" "$FAKEROOT/dev/shm" "$FAKEROOT/dev"
        umount -l "$FAKEROOT"
        umount -l "$SANDBOX_TMPFS" 
        rmdir "$FAKEROOT"
        rmdir "$SANDBOX_TMPFS"
        echo "UNMOUNTED! by unmountall"
        sleep 5
    } 2> /dev/null
}

die() {
    echo "$1"
    exit 1
}

# 0.1 Must be root
[ $(id -u) -ne 0 ] && die "You must be root to use sandbox."

# 0.2 Cannot launch sandbox within sandbox
grep -q "$SANDBOX_ROOT" /sys/fs/aufs/$AUFS_ROOT_ID/br0 && die "Cannot launch sandbox within sandbox."

# 0.3 Help
case "$1" in
    --help|-h)
        echo "Usage: ${0##*/} [cmd [args]]"
        echo "Starts an in-memory (throwaway) sandbox. Type 'exit' to leave."
        exit
esac

# 0.4 If not running from terminal but in Xorg, launch via terminal
! [ -t 0 ] && [ -n "$DISPLAY" ] && exec "$XTERM" -e "$0" "$@"
! [ -t 0 ] && exit

# 0.5 Is this the first sandbox? If not, create another name for mountpoints
if grep -q "$FAKEROOT" /proc/mounts; then
    FAKEROOT=$(mktemp -d -p "$SANDBOX_ROOT" "${FAKEROOT##*/}.XXXXXXX")
    SANDBOX_ID=".$(basename "$FAKEROOT")"
    SANDBOX_TMPFS="$SANDBOX_ROOT/sandbox$SANDBOX_ID"
    rmdir "$FAKEROOT"
fi

# 1. Get aufs system-id for the root filesystem
[ -z "$AUFS_ROOT_ID" ] && AUFS_ROOT_ID=$(awk '{ if ($2 == "/" && $3 == "aufs") { match($4,/si=[0-9a-f]*/); print "si_" substr($4,RSTART+3,RLENGTH-3) } }' /proc/mounts)

# 2. Detect SFS files and add them to items
items=$(ls /mnt/sda4/*.sfs 2>/dev/null | awk '{print $0, "[ ]"}')

# 3. Ask user to choose the SFS
[ -z "$items" ] && die "No SFS files found."
dialog --separate-output --backtitle "tmpfs sandbox" --title "sandbox config" \
    --checklist "Choose which SFS you want to use" 0 60 10 $items 2> "$TMPFILE"

chosen="$(cat "$TMPFILE")"
clear
[ -z "$chosen" ] && die "Cancelled or no SFS is chosen, exiting."

# 4. Convert chosen SFS to robranches
robranches=""
for a in $chosen; do
    robranches="$robranches $a"
done
rm "$TMPFILE"

# 5. Make the mountpoints if not exist yet
mkdir -p "$FAKEROOT" "$SANDBOX_TMPFS" "$FAKEROOT/etc" "$FAKEROOT/dev" "$FAKEROOT/sys" "$FAKEROOT/proc" "$FAKEROOT/tmp"

# Check if the directories are writable
if [ ! -w "$FAKEROOT/etc" ] || [ ! -w "$FAKEROOT/dev" ] || [ ! -w "$FAKEROOT/sys" ] || [ ! -w "$FAKEROOT/proc" ] || [ ! -w "$FAKEROOT/tmp" ]; then
    die "Error: One or more necessary directories are not writable. Please check the file system permissions."
fi

# 6.0 Remount chroot filesystem as read-write
ls -ld "$FAKEROOT"
mount -o remount,rw "$FAKEROOT"
echo "Remounted $FAKEROOT as read-write"

# 6.1 Mount each selected SFS file
for sfs_file in $chosen; do
    if mount -o loop "$sfs_file" "$FAKEROOT"; then
        echo "Mounted $sfs_file to $FAKEROOT"
    else
        die "Failed to mount $sfs_file to $FAKEROOT"
    fi
done

# 8. Sandbox is ready, now just need to mount other supports - pts, proc, sysfs, usb, and tmp
mkdir -p "$FAKEROOT$SANDBOX_TMPFS"  # Fix path concatenation here
mount -o bind "$SANDBOX_TMPFS" "$FAKEROOT$SANDBOX_TMPFS"    # So we can access it within the sandbox
mount -o rbind /dev "$FAKEROOT/dev"
mount -t sysfs none "$FAKEROOT/sys"
mount -t proc none "$FAKEROOT/proc"
mount -o bind /tmp "$FAKEROOT/tmp"

# 9. Optional copy, to enable running sandbox-ed xwin 
cp /usr/share/sandbox/* "$FAKEROOT/usr/bin" 2> /dev/null

# 10. Identify ourselves as in sandbox - and we're good to go!
echo -e '\nexport PS1="sandbox'"${SANDBOX_ID}"'# "'
echo -e '\nexport PS1="sandbox'"${SANDBOX_ID}"'# "' >> "$FAKEROOT/etc/shinit"
sed -i -e '/^PS1/ s/^.*$/PS1="sandbox'"${SANDBOX_ID}"'# "/' "$FAKEROOT/etc/profile.local" 2> /dev/null

# 11. Run sandbox in namespace if possible (pid+mount), otherwise run chroot only
echo "[the vasty deep awaits ye] ... "

if [ "$NO_NS" ] || ! command -v unshare > /dev/null 2>&1; then
    echo "Warning: sandbox runing in chroot-mode; if this does not work, check your"
    echo "boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)"
    echo
    echo "sandbox will start now - exit from the shell to leave the sandbox."
    echo "chroot $FAKEROOT ${@:-sh} [in 5 seconds...]"
    echo
    
    sleep 5
    chroot "$FAKEROOT" "${@:-sh}"
    sleep 5
    umount -l "$FAKEROOT"
    rm -R "$FAKEROOT"

else
    echo "Notice: sandbox will try to run in a namespace ... "
    echo " ... if this does not work it's your business not ours!"
    echo
    
    if command -v dumb-init > /dev/null; then
        dumb-init unshare -pf --mount-proc chroot "$FAKEROOT" "${@:-sh}"
    else
        unshare -pf --mount-proc chroot "$FAKEROOT" "${@:-sh}"
    fi
fi

echo
echo "UNMOUNT! in 10 seconds..."
sleep 10

umountall

echo "Done."
sleep 10

... output ...

Code: Select all

# NO_NS=1 bash -x ./lunchbox4.sh /bin/bash
+ . /etc/BOOTSTATE
++ GENUINE_FATDOG_INITRD=true
++ AUFS_ROOT=/aufs
++ BASELINE_MOUNT=/aufs/pup_init
++ MODULE_SFS_MOUNT=/aufs/kernel-modules
++ SAVE_DEV_PROTO=/aufs/devsave
++ SAVEFILE_PROTO=/fd64save.ext4
++ MULTI_PREFIX=multi-
++ BASE_SFS_MOUNT=/aufs/pup_ro
++ SAVEFILE_MOUNT=/aufs/pup_save
++ SAVE_DEV_MOUNT=/aufs/devsave
++ BASE_SFS_PATH=/fd64.sfs
++ SAVEFILE_PATH=fd64save-20240521
++ SAVEFILE_DEVICE=/dev/sda4
++ SAVEFILE_BIND=true
++ AUFS_ROOT_ID=si_d838a1a5bf16dcd7
+ '[' '' ']'
+ XTERM=defaultterm
+ SANDBOX_ROOT=/mnt/sb
+ FAKEROOT=/mnt/sb/fakeroot
+ SANDBOX_TMPFS=/mnt/sb/sandbox
+ SANDBOX_ID=
++ mktemp -p /tmp
+ TMPFILE=/tmp/tmp.DXqjz3TxIs
+ echo 'FAKEROOT: /mnt/sb/fakeroot'
FAKEROOT: /mnt/sb/fakeroot
+ echo 'SANDBOX_TMPFS: /mnt/sb/sandbox'
SANDBOX_TMPFS: /mnt/sb/sandbox
+ trap umountall 1
++ id -u
+ '[' 0 -ne 0 ']'
+ grep -q /mnt/sb /sys/fs/aufs/si_d838a1a5bf16dcd7/br0
+ case "$1" in
+ '[' -t 0 ']'
+ '[' -t 0 ']'
+ grep -q /mnt/sb/fakeroot /proc/mounts
+ '[' -z si_d838a1a5bf16dcd7 ']'
++ ls /mnt/sda4/32bit-fd64_813.sfs /mnt/sda4/32bit-fd64_901.sfs /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs /mnt/sda4/fd64-devx_813.sfs /mnt/sda4/fd64-devx_901.sfs /mnt/sda4/fd64.sfs /mnt/sda4/google-earth-2019.02.sfs /mnt/sda4/kernel-source-5.19.14.sfs /mnt/sda4/kernel-source-6.1.46.sfs /mnt/sda4/signal-6.20.0.sfs /mnt/sda4/wine-7.11-i686-1.sfs /mnt/sda4/wine-8.6-i686-1.sfs /mnt/sda4/xfce-4.18-x86_64.sfs /mnt/sda4/zoom-5.15.3-x86_64.sfs
++ awk '{print $0, "[ ]"}'
+ items='/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]'
+ '[' -z '/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]' ']'
+ dialog --separate-output --backtitle 'tmpfs sandbox' --title 'sandbox config' --checklist 'Choose which SFS you want to use' 0 60 10 /mnt/sda4/32bit-fd64_813.sfs '[' ']' /mnt/sda4/32bit-fd64_901.sfs '[' ']' /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs '[' ']' /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs '[' ']' /mnt/sda4/fd64-devx_813.sfs '[' ']' /mnt/sda4/fd64-devx_901.sfs '[' ']' /mnt/sda4/fd64.sfs '[' ']' /mnt/sda4/google-earth-2019.02.sfs '[' ']' /mnt/sda4/kernel-source-5.19.14.sfs '[' ']' /mnt/sda4/kernel-source-6.1.46.sfs '[' ']' /mnt/sda4/signal-6.20.0.sfs '[' ']' /mnt/sda4/wine-7.11-i686-1.sfs '[' ']' /mnt/sda4/wine-8.6-i686-1.sfs '[' ']' /mnt/sda4/xfce-4.18-x86_64.sfs '[' ']' /mnt/sda4/zoom-5.15.3-x86_64.sfs '[' ']'

 tmpfs sandbox
 ──────────────────────────────────────────────────────────────────────────────
         ┌─────────────────────sandbox config───────────────────────┐
         │ Choose which SFS you want to use                         │  
         │ ┌──────────────────────────────────────────────────────┐ │  
         │ │[ ] /mnt/sda4/32bit-fd64_813.sfs                    [ │ │  
         │ │[ ] /mnt/sda4/32bit-fd64_901.sfs                    [ │ │  
         │ │[ ] /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs   [ │ │  
         │ │[ ] /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs  [ │ │  
         │ │[ ] /mnt/sda4/fd64-devx_813.sfs                     [ │ │  
         │ │[ ] /mnt/sda4/fd64-devx_901.sfs                     [ │ │  
         │ │[*] /mnt/sda4/fd64.sfs                              [ │ │  
         │ │[ ] /mnt/sda4/google-earth-2019.02.sfs              [ │ │  
         │ │[ ] /mnt/sda4/kernel-source-5.19.14.sfs             [ │ │  
         │ │[ ] /mnt/sda4/kernel-source-6.1.46.sfs              [ │ │  
         │ │[ ] /mnt/sda4/signal-6.20.0.sfs                     [ │ │  
         │ └────↓(+)──────────────────────────────────────73%─────┘ │  
         ├──────────────────────────────────────────────────────────┤  
         │               <  OK  >        <Cancel>                   │  
         └──────────────────────────────────────────────────────────┘  
           


++ cat /tmp/tmp.DXqjz3TxIs
+ chosen=/mnt/sda4/fd64.sfs
+ clear

+ '[' -z /mnt/sda4/fd64.sfs ']'
+ robranches=
+ for a in $chosen
+ robranches=' /mnt/sda4/fd64.sfs'
+ rm /tmp/tmp.DXqjz3TxIs
+ mkdir -p /mnt/sb/fakeroot /mnt/sb/sandbox /mnt/sb/fakeroot/etc /mnt/sb/fakeroot/dev /mnt/sb/fakeroot/sys /mnt/sb/fakeroot/proc /mnt/sb/fakeroot/tmp
+ '[' '!' -w /mnt/sb/fakeroot/etc ']'
+ '[' '!' -w /mnt/sb/fakeroot/dev ']'
+ '[' '!' -w /mnt/sb/fakeroot/sys ']'
+ '[' '!' -w /mnt/sb/fakeroot/proc ']'
+ '[' '!' -w /mnt/sb/fakeroot/tmp ']'
+ ls -ld /mnt/sb/fakeroot
drwxr-xr-x 7 root root 4096 May 22 21:26 /mnt/sb/fakeroot
+ mount -o remount,rw /mnt/sb/fakeroot
mount: /mnt/sb/fakeroot: mount point not mounted or bad option.
       dmesg(1) may have more information after failed mount system call.
+ echo 'Remounted /mnt/sb/fakeroot as read-write'
Remounted /mnt/sb/fakeroot as read-write
+ for sfs_file in $chosen
+ mount -o loop /mnt/sda4/fd64.sfs /mnt/sb/fakeroot
+ echo 'Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot'
Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot
+ mkdir -p /mnt/sb/fakeroot/mnt/sb/sandbox
mkdir: cannot create directory ‘/mnt/sb/fakeroot/mnt/sb’: Read-only file system
+ mount -o bind /mnt/sb/sandbox /mnt/sb/fakeroot/mnt/sb/sandbox
mount: /mnt/sb/fakeroot/mnt/sb/sandbox: mount point does not exist.
       dmesg(1) may have more information after failed mount system call.
+ mount -o rbind /dev /mnt/sb/fakeroot/dev
+ mount -t sysfs none /mnt/sb/fakeroot/sys
+ mount -t proc none /mnt/sb/fakeroot/proc
+ mount -o bind /tmp /mnt/sb/fakeroot/tmp
+ cp /usr/share/sandbox/lxc /usr/share/sandbox/wmexit /usr/share/sandbox/xwin /mnt/sb/fakeroot/usr/bin
+ echo -e '\nexport PS1="sandbox# "'

export PS1="sandbox# "
+ echo -e '\nexport PS1="sandbox# "'
./lunchbox4.sh: line 131: /mnt/sb/fakeroot/etc/shinit: Read-only file system
+ sed -i -e '/^PS1/ s/^.*$/PS1="sandbox# "/' /mnt/sb/fakeroot/etc/profile.local
+ echo '[the vasty deep awaits ye] ... '
[the vasty deep awaits ye] ... 
+ '[' 1 ']'
+ echo 'Warning: sandbox runing in chroot-mode; if this does not work, check your'
Warning: sandbox runing in chroot-mode; if this does not work, check your
+ echo 'boot parameters (you may need to boot with '\''pfix=nocopy'\'' in order to use sandbox)'
boot parameters (you may need to boot with 'pfix=nocopy' in order to use sandbox)
+ echo

+ echo 'sandbox will start now - exit from the shell to leave the sandbox.'
sandbox will start now - exit from the shell to leave the sandbox.
+ echo 'chroot /mnt/sb/fakeroot /bin/bash [in 5 seconds...]'
chroot /mnt/sb/fakeroot /bin/bash [in 5 seconds...]
+ echo

+ sleep 5
+ chroot /mnt/sb/fakeroot /bin/bash
./lunchbox4.sh: line 161: 14077 Segmentation fault      chroot "$FAKEROOT" "${@:-sh}"
+ sleep 5
+ umount -l /mnt/sb/fakeroot
+ rm -R /mnt/sb/fakeroot
+ echo

+ echo 'UNMOUNT! in 10 seconds...'
UNMOUNT! in 10 seconds...
+ sleep 10
+ umountall
Unmounting /mnt/sb/fakeroot/mnt/sb/sandbox
Unmounting /mnt/sb/fakeroot
UNMOUNTED! by unmountall
+ echo Done.
Done.
+ sleep 10
#

output in namespace mode...

Code: Select all

# bash -x ./lunchbox4.sh /bin/bash
+ . /etc/BOOTSTATE
++ GENUINE_FATDOG_INITRD=true
++ AUFS_ROOT=/aufs
++ BASELINE_MOUNT=/aufs/pup_init
++ MODULE_SFS_MOUNT=/aufs/kernel-modules
++ SAVE_DEV_PROTO=/aufs/devsave
++ SAVEFILE_PROTO=/fd64save.ext4
++ MULTI_PREFIX=multi-
++ BASE_SFS_MOUNT=/aufs/pup_ro
++ SAVEFILE_MOUNT=/aufs/pup_save
++ SAVE_DEV_MOUNT=/aufs/devsave
++ BASE_SFS_PATH=/fd64.sfs
++ SAVEFILE_PATH=fd64save-20240521
++ SAVEFILE_DEVICE=/dev/sda4
++ SAVEFILE_BIND=true
++ AUFS_ROOT_ID=si_d838a1a5bf16dcd7
+ '[' '' ']'
+ XTERM=defaultterm
+ SANDBOX_ROOT=/mnt/sb
+ FAKEROOT=/mnt/sb/fakeroot
+ SANDBOX_TMPFS=/mnt/sb/sandbox
+ SANDBOX_ID=
++ mktemp -p /tmp
+ TMPFILE=/tmp/tmp.NdktXXJl9V
+ echo 'FAKEROOT: /mnt/sb/fakeroot'
FAKEROOT: /mnt/sb/fakeroot
+ echo 'SANDBOX_TMPFS: /mnt/sb/sandbox'
SANDBOX_TMPFS: /mnt/sb/sandbox
+ trap umountall 1
++ id -u
+ '[' 0 -ne 0 ']'
+ grep -q /mnt/sb /sys/fs/aufs/si_d838a1a5bf16dcd7/br0
+ case "$1" in
+ '[' -t 0 ']'
+ '[' -t 0 ']'
+ grep -q /mnt/sb/fakeroot /proc/mounts
+ '[' -z si_d838a1a5bf16dcd7 ']'
++ awk '{print $0, "[ ]"}'
++ ls /mnt/sda4/32bit-fd64_813.sfs /mnt/sda4/32bit-fd64_901.sfs /mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs /mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs /mnt/sda4/fd64-devx_813.sfs /mnt/sda4/fd64-devx_901.sfs /mnt/sda4/fd64.sfs /mnt/sda4/google-earth-2019.02.sfs /mnt/sda4/kernel-source-5.19.14.sfs /mnt/sda4/kernel-source-6.1.46.sfs /mnt/sda4/signal-6.20.0.sfs /mnt/sda4/wine-7.11-i686-1.sfs /mnt/sda4/wine-8.6-i686-1.sfs /mnt/sda4/xfce-4.18-x86_64.sfs /mnt/sda4/zoom-5.15.3-x86_64.sfs
+ items='/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
/mnt/sda4/compiz-reloaded-0.8.16-x86_64-2.sfs [ ]
/mnt/sda4/compiz-reloaded-2024.02-x86_64-1.sfs [ ]
/mnt/sda4/fd64-devx_813.sfs [ ]
/mnt/sda4/fd64-devx_901.sfs [ ]
/mnt/sda4/fd64.sfs [ ]
/mnt/sda4/google-earth-2019.02.sfs [ ]
/mnt/sda4/kernel-source-5.19.14.sfs [ ]
/mnt/sda4/kernel-source-6.1.46.sfs [ ]
/mnt/sda4/signal-6.20.0.sfs [ ]
/mnt/sda4/wine-7.11-i686-1.sfs [ ]
/mnt/sda4/wine-8.6-i686-1.sfs [ ]
/mnt/sda4/xfce-4.18-x86_64.sfs [ ]
/mnt/sda4/zoom-5.15.3-x86_64.sfs [ ]'
+ '[' -z '/mnt/sda4/32bit-fd64_813.sfs [ ]
/mnt/sda4/32bit-fd64_901.sfs [ ]
 tmpfs sandbox
 ──────────────────────────────────────────────────────────────────────────────
         ┌─────────────────────sandbox config───────────────────────┐
+ '[' -z /mnt/sda4/fd64.sfs ']'
+ robranches=
+ for a in $chosen
+ robranches=' /mnt/sda4/fd64.sfs'
+ rm /tmp/tmp.NdktXXJl9V
+ mkdir -p /mnt/sb/fakeroot /mnt/sb/sandbox /mnt/sb/fakeroot/etc /mnt/sb/fakeroot/dev /mnt/sb/fakeroot/sys /mnt/sb/fakeroot/proc /mnt/sb/fakeroot/tmp
+ '[' '!' -w /mnt/sb/fakeroot/etc ']'
+ '[' '!' -w /mnt/sb/fakeroot/dev ']'
+ '[' '!' -w /mnt/sb/fakeroot/sys ']'
+ '[' '!' -w /mnt/sb/fakeroot/proc ']'
+ '[' '!' -w /mnt/sb/fakeroot/tmp ']'
+ ls -ld /mnt/sb/fakeroot
drwxr-xr-x 7 root root 4096 May 22 21:45 /mnt/sb/fakeroot
+ mount -o remount,rw /mnt/sb/fakeroot
mount: /mnt/sb/fakeroot: mount point not mounted or bad option.
       dmesg(1) may have more information after failed mount system call.
+ echo 'Remounted /mnt/sb/fakeroot as read-write'
Remounted /mnt/sb/fakeroot as read-write
+ for sfs_file in $chosen
+ mount -o loop /mnt/sda4/fd64.sfs /mnt/sb/fakeroot
+ echo 'Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot'
Mounted /mnt/sda4/fd64.sfs to /mnt/sb/fakeroot
+ mkdir -p /mnt/sb/fakeroot/mnt/sb/sandbox
mkdir: cannot create directory ‘/mnt/sb/fakeroot/mnt/sb’: Read-only file system
+ mount -o bind /mnt/sb/sandbox /mnt/sb/fakeroot/mnt/sb/sandbox
mount: /mnt/sb/fakeroot/mnt/sb/sandbox: mount point does not exist.
       dmesg(1) may have more information after failed mount system call.
+ mount -o rbind /dev /mnt/sb/fakeroot/dev
+ mount -t sysfs none /mnt/sb/fakeroot/sys
+ mount -t proc none /mnt/sb/fakeroot/proc
+ mount -o bind /tmp /mnt/sb/fakeroot/tmp
+ cp /usr/share/sandbox/lxc /usr/share/sandbox/wmexit /usr/share/sandbox/xwin /mnt/sb/fakeroot/usr/bin
+ echo -e '\nexport PS1="sandbox# "'

export PS1="sandbox# "
+ echo -e '\nexport PS1="sandbox# "'
./lunchbox4.sh: line 131: /mnt/sb/fakeroot/etc/shinit: Read-only file system
+ sed -i -e '/^PS1/ s/^.*$/PS1="sandbox# "/' /mnt/sb/fakeroot/etc/profile.local
+ echo '[the vasty deep awaits ye] ... '
[the vasty deep awaits ye] ... 
+ '[' '' ']'
+ command -v unshare
+ echo 'Notice: sandbox will try to run in a namespace ... '
Notice: sandbox will try to run in a namespace ... 
+ echo ' ... if this does not work it'\''s your business not ours!'
 ... if this does not work it's your business not ours!
+ echo

+ command -v dumb-init
+ dumb-init unshare -pf --mount-proc chroot /mnt/sb/fakeroot /bin/bash
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
bash: no job control in this shell
+ echo

+ echo 'UNMOUNT! in 10 seconds...'
UNMOUNT! in 10 seconds...
+ sleep 10
+ umountall
Unmounting /mnt/sb/fakeroot/mnt/sb/sandbox
Unmounting /mnt/sb/fakeroot
UNMOUNTED! by unmountall
+ echo Done.
Done.
+ sleep 10
# 
Screenshot(2).jpg
Screenshot(2).jpg (112.14 KiB) Viewed 894 times
jamesbond
Posts: 717
Joined: Tue Aug 11, 2020 3:02 pm
Location: The Pale Blue Dot
Has thanked: 124 times
Been thanked: 402 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by jamesbond »

@devildog the sequence of events that must happen, once you have the list of selected SFS:
1. loop-mount them in a certain set of directories
2. construct of an aufs or overlayfs mount, which consist of a read-write layer at the top, and all the directories (which were mounted with SFS in the previous step)
3. add certain necessary virtual filesystem (proc, sysfs, dev, devpts)
4. and finally chroot into it.
When you're done, just undo the steps in the reverse order.

The read-write layer can simply be tmpfs (=RAM) if you don't need want to preserve the changes, or somewhere in the filesystem if you want to preserve it.

In case of the original rw-sandbox.sh, we skip (1) since we're using an already mounted SFS. The list of the directories where these SFS are mounted is given in /sys/fs/aufs, you can see them by doing grep . /sys/fs/aufs/*/br[0-9]*; but in your case, since you want to use SFS-es which aren't mounted, you need to do (1) yourself. The remaining part of 2,3,4 should be identical what what it already is.

That's as far as I can help right now. I do want to make something like what you want to do as well, but right now not enough time (and motivation).

devildog
Posts: 25
Joined: Thu Jul 08, 2021 11:28 am
Has thanked: 9 times
Been thanked: 2 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by devildog »

Extremely kind of you to try and explain - must admit don't really understand aufs but will have another look at this in terms of a simple script that makes the changes I know I want. Once that works I will re-do the lines above.

:)

jamesbond
Posts: 717
Joined: Tue Aug 11, 2020 3:02 pm
Location: The Pale Blue Dot
Has thanked: 124 times
Been thanked: 402 times

Re: psandbox.sh - Mount a puppy in a chroot

Post by jamesbond »

@devildog - the script that you want is now available in Fatdog64 902. It is called sfs-sandbox.sh. It works with both aufs and overlayfs (it uses aufs by default). The so-called "SFS" can be real SFS, other kind of image files, or even folders/directories.

Post Reply

Return to “Programming”