Running glibc programs: Difference between revisions
(Update Chroot + Bubblewrap with X11 instructions and umount bindings.) |
(Add info relating to permissions for X11) |
||
Line 166: | Line 166: | ||
To run programs that use X11/Xorg you can use: | To run programs that use X11/Xorg you can use: | ||
{{cmd|$ alias glibcX11{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"}} | {{cmd|$ alias glibcX11{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"}} | ||
In this case you might need to use xhost to allow local connections, e.g.: | |||
{{cmd|# xhost + local:}} | |||
Now we can invoke glibc-built binaries like so: | Now we can invoke glibc-built binaries like so: | ||
{{cmd|$ glibc ./binary}} | {{cmd|$ glibc ./binary}} or {{cmd|$ glibcX11 ./binary}} | ||
For updating the Chroot or installing dependencies we can mount it and then login as root: | For updating the Chroot or installing dependencies we can mount it and then login as root: |
Revision as of 00:44, 3 March 2024
If you want to run glibc programs in Alpine Linux, there are a few ways of doing so. You can install the gcompat compatibility layer, you can install glibc alongside musl (manually, as it isn't packaged), or you could do it the easy way and use either Flatpak (the easiest), containers or a chroot.
Because there are different use cases, this is just a slight overview about what's possible and what's sensible.
Your options
gcompat
gcompat is the go-to compatibility layer for Alpine users.
apk add gcompat
After that you run your binaries as normal.
Flatpak
Flatpak is by far the easiest method of running any graphical glibc program on Alpine. Firstly install it.
apk add flatpak
Then you can run any Flatpak application:
flatpak run <flatpak name>
It is recommended to enable Flathub using its instructions here, as most glibc programs you might need will be packaged there.
You can then install applications from it, for example:
flatpak install com.valvesoftware.Steam
Chroot
An option that's easier to generalize to other glibc applications is installing a glibc-based distribution into a chroot. You can then either chroot into it, or use a symlink and some configuration to make its glibc (and associated libraries) usable from Alpine.
After setting up a chroot using any of the methods described below, the loader can be set up in Alpine like so (these instructions are for a Debian chroot in /var/chroots/debian, on x86_64, but can be adapted to other systems by using the appropriate paths):
mkdir -p /lib64 ln -s /var/chroots/debian/lib/x86_64-linux-gnu/ld-2.33.so /lib64 printf '/var/chroots/debian/lib/x86_64-linux-gnu\n/var/chroots/debian/usr/lib/x86_64-linux-gnu\n' > /etc/ld.so.conf /var/chroots/debian/sbin/ldconfig
Gentoo Linux
Select a stage3 from here and portage latest from here at gentoo/snapshots/portage-latest.tar.xz.
First,
doas apk add xz
Enter the chroot:
mkdir ~/chroot cd ~/chroot tar -xvf stage3-*.tar.xz tar -xvf portage-latest.tar.xz mv portage usr doas mount --bind /dev dev doas mount --bind /sys sys doas mount -t proc proc proc cp /etc/resolv.conf etc doas chroot . /bin/bash
And voilà, you have your working Gentoo chroot!
You can now take a look at Gentoo's Handbook to find out how you can configure and install your system, or simply extract/copy the program you need to run in your chroot enviroment and execute it.
Here is a wrapper script that is similar to arch-chroot
when you frequently reuse this chroot:
Also, create an account with the same user name as host current user to the chroot or make changes to the userspec option to chroot line.
Contents of gentoo-chroot.sh
Do at chmod +x gentoo-chroot.sh
to get it to work.
Arch Linux
Either use pacstrap (included with the arch-install-scripts package) or an Arch bootstrap image:
doas apk add arch-install-scripts mkdir ~/chroot && cd ~/chroot curl -O https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-bootstrap-x86_64.tar.gz doas tar xzf archlinux-bootstrap-x86_64.tar.gz && rm archlinux-bootstrap-x86_64.tar.gz doas sed -i '/evowise/s/^#//' root.x86_64/etc/pacman.d/mirrorlist doas sed -i '/CheckSpace/s/^/#/' root.x86_64/etc/pacman.conf doas arch-chroot root.x86_64 [chroot]# pacman-key --init [chroot]# pacman-key --populate archlinux
Once that is done, update the system and install the desired package(s) (denoted by "foo" in this example):
[chroot]# pacman -Syu foo
Debian
Use the provided debootstrap package to create the Debian chroot. --arch
is optional, depending of your needs.
On the linux-grsec kernel, you will need to relax chroot limitations:
sudo apk add debootstrap for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 0 | sudo tee $i; done mkdir ~/chroot sudo debootstrap --arch=i386 wheezy ~/chroot https://deb.debian.org/debian/ for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 1 | sudo tee $i; done sudo chroot ~/chroot /bin/bash
You can now use apt-get
to install needed packages.
Containers
It's also possible to use Docker or Podman containers with a helper like Distrobox. This allows using graphical programs easily and doesn't require root privileges once set up.
# apk add distrobox
Distrobox + Podman
# apk add podman
Then set up rootless Podman, following these steps. You'll need to mount your root as shared for Distrobox to function.
Fill in /etc/local.d/mount-rshared.start like so:
#!/bin/sh mount --make-rshared /
Mark it as executable.
# chmod +x /etc/local.d/mount-rshared.start
Then autostart its service.
# rc-update add local default # rc-service local start
Finally you can create a container using your chosen image.
$ distrobox create --image debian --name debian $ distrobox enter debian
It may also be necessary to allow X authorization for GUI programs to work.
$ xhost +si:localuser:$USER
Chroot + Bubblewrap
It's also possible to use a Debian system chroot with Bubblewrap. This allows running programs without root.
# apk add bubblewrap debootstrap # mkdir -p /var/chroots/debian # debootstrap --arch amd64 stable /var/chroots/debian/ https://deb.debian.org/debian
Finally we can make an alias for bwrap.
$ alias glibc="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group"
To run programs that use X11/Xorg you can use:
$ alias glibcX11="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"
In this case you might need to use xhost to allow local connections, e.g.:
# xhost + local:
Now we can invoke glibc-built binaries like so:
$ glibc ./binary
or
$ glibcX11 ./binary
For updating the Chroot or installing dependencies we can mount it and then login as root:
# mount --bind /dev /var/chroots/debian/dev # mount --bind /proc /var/chroots/debian/proc # chroot /var/chroots/debian /bin/bash # apt update && apt upgrade
After installing what you might want to umount the binds for dev and proc to avoid issues.
#umount /var/chroots/debian/dev
#umount /var/chroots/debian/proc