Hi fans,
I would like to announce that I have just released [Uglendix][1] to
docker hub. 🐋 (whale emoji - sorry, I had to.)
You can enjoy two images, docker.io/arusekk/uglendix:9legacy and
docker.io/arusekk/uglendix:9front.
If there is interest in historical releases of Plan 9 from Bell Labs, I
can add them, too. They will probably work just as well, userspace does
not bit rot.
They allow performing some basic compilation tasks, but are currently
limited by several Docker deficiencies like the following:
- Docker mounts sysfs on /sys (pretty sure it cannot be disabled).
Workaround:
docker run --cap-add SYS_ADMIN arusekk/uglendix
and then unmount /sys inside
- Docker disallows any mounts by default, so there is no /bin union.
Partial workaround: $path is set accordingly.
- There is no /srv by default, for the same reason. Workaround: add
CAP_SYS_ADMIN and run /usr/libexec/uglendix-devsrv (not tested)
There are also some Uglendix deficiencies:
- There is no /net. I currently have some half-baked chimera from
drawterm and vncs in the source tree, but it requires manual compilation
and transplant of several components. Only usable for testing, not in
the image (yet).
- There is no devproc, but there is procfs.
- There are unions, but emulated via overlayfs, with its quirks.
Overlayfs broke my assumptions surprisingly often, so take caution.
Notably, it does not support layer contents changing while mounted.
- There is no /env. This is not a problem normally, a 'plain' filesystem
works even for rebuilding the whole 9front, as long as NPROC=1, but
still missing.
- There is no /dev/draw, /dev/mouse, /dev/cons, no '#something' paths.
Not even sure what uses these for real.
- v9fs is used; 9pfuse from plan9port would probably be better for
correctness, but worse for performance.
And finally there are some Linux (v9fs) weaknesses (or strengths, it
depends):
- procfs is not devproc
- v9fs is not transparent 9p, it assumes disk files, it cannot write to
a file while reading it, it loses uids/gids, it loses error messages, it
loses short reads and short writes, it loses everything (some kernel
patches available in the repo);
- Linux is not 9, Linux is not 9k
- Uglendix seriously strains Linux security model
- Linux has more hardware drivers
That's about the downsides, the upside is you can cd around and ls
around, and explore the system.
You almost certainly want --cap-add SYS_ADMIN for almost anything
serious, because otherwise you have no control over your namespace.
There are some other miniprojects I did using Uglendix in its earlier
versions (=not docker), including typesetting its IWP9 paper (in the
[repo][1]), developing a [bitfields patch][2] with Jonas Amoson, and
testing a [Ghidra patch][3] for plan9 binaries.
Please let me know what you think, and how to improve the docker image
to be actually useful with little extra effort for some quick-and-dirty
CI/CD maybe. If you have any questions, try to start with the README,
but I will also be happy to answer.
Have fun!
Arusekk
[1]: https://sr.ht/~arusekk/uglendix
[2]: https://git.sr.ht/~arusekk/9front/commit/kenccbitfields5.patch
[3]: https://github.com/NationalSecurityAgency/ghidra/pull/8218
------------------------------------------
9fans: 9fans
Permalink:
https://9fans.topicbox.com/groups/9fans/T042d47d00253333c-M95de9e31093a382ea7be5be2
Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
