From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.6 Received: from atuin.qyliss.net (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id D6C3A534B3; Tue, 6 Dec 2022 20:13:08 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id AD49D53462; Tue, 6 Dec 2022 20:13:05 +0000 (UTC) Received: from mail-lf1-x12c.google.com (mail-lf1-x12c.google.com [IPv6:2a00:1450:4864:20::12c]) by atuin.qyliss.net (Postfix) with ESMTPS id E43CF5345D for ; Tue, 6 Dec 2022 20:13:01 +0000 (UTC) Received: by mail-lf1-x12c.google.com with SMTP id c1so25432733lfi.7 for ; Tue, 06 Dec 2022 12:13:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unikie.com; s=google; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=QtlG0Ic6ITxsYFyA7XMmK+hHNRa6H6W6J/190C3VXf8=; b=KFrylrVX6q+quUpQLnyWJ7bxU7QHcGQ+9oQhySsKL23JHePKD/u5ulwryiKIDThh+e ASLIZHYC1dGx1leN7m6/2JapcQt7dajO0/Rc/D5dJYJv7dvuxpNh6MUctlV6WvHWVEvR Ce/ipTMHd0hpuWFQmOW+ir5wo3dCDPm2J8Uc7CzOpVKSvNIY0P/2yiUPNtlKoVuDVNgd IZw+pqt4sDowoROzdwO5nx5qaqe8uhd4AcSWEX70kJXtWkS+2dmn3Fm2CVvgCJ23X364 jMLMF1Xx1WF2XxHbHR9Ik77kdZeTHoFPAQT32fwPYYapD2CDhO8/GnIlnig+9L/LMJlT 8Xnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:references:message-id:content-transfer-encoding:cc:date :in-reply-to:from:subject:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=QtlG0Ic6ITxsYFyA7XMmK+hHNRa6H6W6J/190C3VXf8=; b=KcGY7yj1gliCTQ0RLDS0Ivw6dJ35eQnGSj+jIA3K9V1wuEST2GppFjKePUlmCusiyk hugM0gaXYG0oxQuidYdq4BdfQSBdgTtZ5PtJ0JLShMZhd/adRpDytyME55n3FfwvyF7F 2bfhY64B0cy7RGvM4zERrM/k0yhKYAVa3yULKTYrHHgcCbZ80RVswD2RzIkt2vqh4UZ1 fRkzuk+Brd/tCU4GL/ZnBkS9k8K1DHEKa5L6MeIRuyBqDRk62UN2ppJSIfr1h5hNOTwL hir9UbV4lkl0pOjnRrQQ/ZBd+nZc+DIr9ikd0u8YXttFWsWkdFGpwy6MOQpmD5K5m/bF G1hg== X-Gm-Message-State: ANoB5pm6SFUxu1acQoP+FMNf1AKeaayptRMYdAtik6XZPyLoJhiGY/m9 jZFyLEbrMLAUsJORuUCsu6be8W8mvLENjZjB X-Google-Smtp-Source: AA0mqf4cGFYPY4FD/MpncR0EDrQc8CaMX+/QVQ42q6LtsG9HttYROxz7eoAuFrEgVoJqn7qfZoBLIQ== X-Received: by 2002:a05:6512:a88:b0:4a0:2b7b:3f27 with SMTP id m8-20020a0565120a8800b004a02b7b3f27mr28316901lfu.443.1670357581141; Tue, 06 Dec 2022 12:13:01 -0800 (PST) Received: from smtpclient.apple (88-114-171-198.elisa-laajakaista.fi. [88.114.171.198]) by smtp.gmail.com with ESMTPSA id t17-20020a2e4611000000b002799d097c02sm1774613lja.32.2022.12.06.12.13.00 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 06 Dec 2022 12:13:00 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.200.110.1.12\)) Subject: Re: Firefox appVM patches and appVM refactoring From: Vadim Likholetov In-Reply-To: <20221206171022.5kwkddpjet3q7ks4@x220> Date: Tue, 6 Dec 2022 22:12:49 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20221206152011.lhk7jc64nqtkd7xo@x220> <20221206171022.5kwkddpjet3q7ks4@x220> To: Alyssa Ross X-Mailer: Apple Mail (2.3731.200.110.1.12) Message-ID-Hash: EPJ6Y5CTPZ7JQ25RHCM4M4AL77ALO24W X-Message-ID-Hash: EPJ6Y5CTPZ7JQ25RHCM4M4AL77ALO24W X-MailFrom: vadim.likholetov@unikie.com X-Mailman-Rule-Hits: header-match-devel.spectrum-os.org-0 X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1 CC: devel@spectrum-os.org X-Mailman-Version: 3.3.5 Precedence: list List-Id: Patches and low-level development discussion Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: I=E2=80=99ll try to explain =E2=80=94 running as user is not just = dropping the priviledges, it is about preparing the environment - making = home directory, fixing permissions, allocating pty-s in case of = interactive sessions, setting environment variables. Many system daemons like dbus, pipewire , etc has their system-level = and user-level parts and we should manage this separately =E2=80=94 and = it is our nearest future if we want some complex user environments to = run on Spectrum, and possibly the packages for this daemons will extend = this environment transparent to the user. So it=E2=80=99s s another form of encapsulation like we discussed about = making a separate layer for wayland.=20 I=E2=80=99ve published the cloud-hypervisor patches for extra user = console device in my repository under -userconsole branch.=20 I=E2=80=99ll test it (or anyone can) for side effects and then we can = discuss if it worth to be used in Spectrum or pushed upstream of C-H. Here is the URL =E2=80=94 = https://github.com/vadika/cloud-hypervisor/tree/userconsole > On 6 Dec 2022, at 19:10, Alyssa Ross wrote: >=20 > On Tue, Dec 06, 2022 at 05:57:19PM +0200, Vadim Likholetov wrote: >> I=E2=80=99ve done this =E2=80=94 I have patched cloud-hypervisor to = have >> three console devices =E2=80=94 serial, console and user-console, but = than >> decided that this patches will never go to C-H mainline so got back >> with more traditional approach with tmux :) >=20 > I'd be pretty optimistic about the chances of a patch that just made = it > so you could provide multiple consoles the same way you can provide > multiple block devices. Like "--console pty = file=3D/path/to/console.out" > on the command like to make two consoles, one going to a pty and the > other to a file. >=20 > In Spectrum, the way I'd see such an approach working is that by = default > there'd be a single console that gave you a shell inside the VM, and = if > you needed other consoles for other reasons (e.g. if you had an > application running on the console, like Lynx) you'd configure another > console in the VM configuration. But as we move more towards = graphical > applications, it will probably become rare to need a secondary console > for application interaction like that. >=20 > To get a non-root shell from the root console though, I think it > should be enough to just: >=20 > # s6-applyuidgid -u 1000 -g 1000 sh >=20 > (Adding tmux to the VM in development to be able to hop between = multiple > shell sessions would be a reasonable thing to do, of course.) >=20 >>> On 6 Dec 2022, at 17:20, Alyssa Ross wrote: >>>=20 >>> On Mon, Dec 05, 2022 at 12:42:35AM +0200, Vadim Likholetov wrote: >>>> Cloud-hypervisor has virtual hardware limitations -- it supports = only one >>>> console device and only one serial device. >>>> SpectrumOS is using serial device for kernel logs of appVM and = console >>>> device as a console. >>>> To have access both to root-executed part and to user-executed part = of the >>>> VM payload, I installed a tmux on console. >>>> Now, when you're running vm-console command you get access to the = tmux >>>> and have the ability to switch between root and user consoles, >>>> that can be useful during debugging VM payload. >>>=20 >>> I wonder what it would take to make cloud-hypervisor support = multiple >>> virtio-console devices=E2=80=A6 I suspect it wouldn't be too hard, = since it >>> already supports multiples of every other virtio device just fine=E2=80= =A6 >>=20 >>=20