Running glibc programs: Difference between revisions

From Alpine Linux
(Adding a description of how to use the chrooted glibc directly from the host, and cleaning up a bit)
m (Undo revision 27139 by Manoel (talk) remove self-promotion because people are complaining.)
Tag: Undo
 
(21 intermediate revisions by 7 users not shown)
Line 1: Line 1:
If you want to run [https://www.gnu.org/software/libc/ glibc] programs in Alpine Linux, there are a few ways of doing so. You can install the [https://git.adelielinux.org/adelie/gcompat gcompat] compatibility layer, you can install glibc alongside [https://musl.libc.org/ musl] (manually, as it isn't packaged), or you could do it the easy way and use either Flatpak (the easiest) or a chroot.<br>
If you want to run [https://www.gnu.org/software/libc/ glibc] programs in Alpine Linux, there are a few ways of doing so. You can install the [https://git.adelielinux.org/adelie/gcompat gcompat] compatibility layer, you can install glibc alongside [https://musl.libc.org/ musl] (manually, as it isn't packaged), or you could do it the easy way and use either Flatpak (the easiest), containers or a chroot.<br>


Because there are different use cases, this is just a slight overview about what's possible and what's sensible.<br>
Because there are different use cases, this is just a slight overview about what's possible and what's sensible.<br>


= Your options =
= Your options =
Line 8: Line 7:
== gcompat ==
== gcompat ==


[https://git.adelielinux.org/adelie/gcompat gcompat] is the go-to compatibility layer for Alpine users.
gcompat is the go-to compatibility layer for Alpine users.


  {{cmd|apk add gcompat}}
  {{cmd|apk add {{pkg|gcompat}}}}


After that you run your binaries as normal.
After that you run your binaries as normal.
Line 19: Line 18:
Firstly install it.
Firstly install it.


  {{cmd|doas apk add flatpak}}
  {{cmd|apk add {{pkg|flatpak}}}}


Then you can run any Flatpak application:
Then you can run any Flatpak application:
Line 37: Line 36:
After setting up a chroot using any of the methods described below, the loader can be set up in Alpine like so (these instructions are for a Debian chroot in /var/chroots/debian, on x86_64, but can be adapted to other systems by using the appropriate paths):
After setting up a chroot using any of the methods described below, the loader can be set up in Alpine like so (these instructions are for a Debian chroot in /var/chroots/debian, on x86_64, but can be adapted to other systems by using the appropriate paths):


mkdir -p /lib64
{{cmd|mkdir -p /lib64
ln -s /var/chroots/debian/lib/x86_64-linux-gnu/ld-2.33.so /lib64
ln -s /var/chroots/debian/lib/x86_64-linux-gnu/ld-2.33.so /lib64
printf '/var/chroots/debian/lib/x86_64-linux/gnu\n/var/chroots/debian/usr/lib/x86_64-linux-gnu\n' > /etc/ld.so.conf
printf '/var/chroots/debian/lib/x86_64-linux-gnu\n/var/chroots/debian/usr/lib/x86_64-linux-gnu\n' > /etc/ld.so.conf
/var/chroots/debian/sbin/ldconfig
/var/chroots/debian/sbin/ldconfig}}


=== Gentoo Linux ===
=== Gentoo Linux ===
Line 48: Line 47:
First,
First,


sudo apk add xz
{{cmd|doas apk add {{pkg|xz}}}}


Enter the chroot:
Enter the chroot:
mkdir ~/chroot
{{cmd|mkdir ~/chroot
cd ~/chroot
cd ~/chroot
tar -xvf stage3-*.tar.xz
tar -xvf stage3-*.tar.xz
tar -xvf portage-latest.tar.xz
tar -xvf portage-latest.tar.xz
mv portage usr
mv portage usr
sudo mount --bind /dev dev
doas mount --bind /dev dev
sudo mount --bind /sys sys
doas mount --bind /sys sys
sudo mount -t proc proc proc
doas mount -t proc proc proc
cp /etc/resolv.conf etc
cp /etc/resolv.conf etc
sudo chroot . /bin/bash
doas chroot . /bin/bash}}


And voilà, you have your working Gentoo chroot!<br>
And voilà, you have your working Gentoo chroot!<br>
Line 73: Line 72:
CHROOT_PATH="/home/$USER/chroot"
CHROOT_PATH="/home/$USER/chroot"
cd $CHROOT_PATH
cd $CHROOT_PATH
mount | grep $CHROOT_PATH/dev || sudo mount --bind /dev dev
mount | grep $CHROOT_PATH/dev || doas mount --bind /dev dev
mount | grep $CHROOT_PATH/sys || sudo mount --bind /sys sys
mount | grep $CHROOT_PATH/sys || doas mount --bind /sys sys
mount | grep $CHROOT_PATH/proc || sudo mount -t proc proc proc
mount | grep $CHROOT_PATH/proc || doas mount -t proc proc proc
cp /etc/resolv.conf etc
cp /etc/resolv.conf etc
sudo chroot --userspec=$USER:users . /bin/bash
doas chroot --userspec=$USER:users . /bin/bash
echo "You must manually unmount $CHROOT_PATH/dev, $CHROOT_PATH/sys, $CHROOT_PATH/proc."
echo "You must manually unmount $CHROOT_PATH/dev, $CHROOT_PATH/sys, $CHROOT_PATH/proc."
</nowiki>
</nowiki>
Line 88: Line 87:
Either use '''pacstrap''' (included with the arch-install-scripts package) or an Arch bootstrap image:
Either use '''pacstrap''' (included with the arch-install-scripts package) or an Arch bootstrap image:


  sudo apk add arch-install-scripts
{{cmd|doas apk add {{pkg|arch-install-scripts}}
  mkdir ~/chroot && cd ~/chroot
mkdir ~/chroot && cd ~/chroot
  curl -O https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-bootstrap-2021.04.01-x86_64.tar.gz{{dead link}}
curl -O https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-bootstrap-x86_64.tar.gz
  sudo tar xzf archlinux-bootstrap-2021.04.01-x86_64.tar.gz && rm archlinux-bootstrap-2021.04.01-x86_64.tar.gz
doas tar xzf archlinux-bootstrap-x86_64.tar.gz && rm archlinux-bootstrap-x86_64.tar.gz
  sudo sed -i '/evowise/s/^#//' root.x86_64/etc/pacman.d/mirrorlist
doas sed -i '/evowise/s/^#//' root.x86_64/etc/pacman.d/mirrorlist
  sudo sed -i '/CheckSpace/s/^/#/' root.x86_64/etc/pacman.conf
doas sed -i '/CheckSpace/s/^/#/' root.x86_64/etc/pacman.conf
  sudo arch-chroot root.x86_64
doas arch-chroot root.x86_64
  [chroot]# pacman-key --init
[chroot]# pacman-key --init
  [chroot]# pacman-key --populate archlinux
[chroot]# pacman-key --populate archlinux}}


Once that is done, update the system and install the desired package(s) (denoted by ''"foo"'' in this example):
Once that is done, update the system and install the desired package(s) (denoted by ''"foo"'' in this example):
    
    
  [chroot]# pacman -Syu ''foo''
{{cmd|[chroot]# pacman -Syu ''foo''}}


=== Debian ===
=== Debian ===
 
{{todo|gresec referencs need to be cleanly removed from this section.}}
Use the provided debootstrap package to create the Debian chroot. <code>--arch</code> is optional, depending of your needs.
Use the provided debootstrap package to create the Debian chroot. <code>--arch</code> is optional, depending of your needs.


Line 111: Line 110:
   for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 0 | sudo tee $i; done
   for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 0 | sudo tee $i; done
   mkdir ~/chroot
   mkdir ~/chroot
   sudo debootstrap --arch=i386 wheezy ~/chroot http://http.debian.net/debian/
   sudo debootstrap --arch=i386 wheezy ~/chroot https://deb.debian.org/debian/
   for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 1 | sudo tee $i; done
   for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 1 | sudo tee $i; done
   sudo chroot ~/chroot /bin/bash
   sudo chroot ~/chroot /bin/bash


You can now use <code>apt-get</code> to install needed packages.
You can now use <code>apt-get</code> to install needed packages.
== Containers ==
It's also possible to use Docker or Podman containers with a helper like Distrobox. This allows using graphical programs easily and doesn't require root privileges once set up.
{{cmd|# apk add {{pkg|distrobox}}}}
=== Distrobox + Podman ===
{{cmd|# apk add {{pkg|podman}}}}
Then set up rootless Podman, following [[Podman|these steps]].
You'll need to mount your root as shared for Distrobox to function.
Fill in {{path|/etc/local.d/mount-rshared.start}} like so:
{{cmd|#!/bin/sh
mount --make-rshared /}}
Mark it as executable.
{{cmd|# chmod +x /etc/local.d/mount-rshared.start}}
Then autostart its service.
{{cmd|# rc-update add local default
&#35; rc-service local start}}
Finally you can create a container using your chosen image.
{{cmd|$ distrobox create --image debian --name debian
$ distrobox enter debian}}
It may also be necessary to allow X authorization for GUI programs to work.
{{cmd|$ xhost +si:localuser:$USER}}
== Chroot + Bubblewrap ==
It's also possible to use a Debian system chroot with Bubblewrap. This allows running programs without root.
{{cmd|# apk add bubblewrap debootstrap
&#35; mkdir -p /var/chroots/debian
&#35; debootstrap --arch amd64 stable /var/chroots/debian/ https://deb.debian.org/debian}}
Finally we can make an alias for bwrap.
{{cmd|$ alias glibc{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group"}}
To run programs that use X11/Xorg you can use:
{{cmd|$ alias glibcX11{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"}}
In this case you might need to use xhost to allow local connections, e.g.:
{{cmd|# xhost + local:}}
Now we can invoke glibc-built binaries like so:
{{cmd|$ glibc ./binary}} or {{cmd|$ glibcX11 ./binary}}
For updating the Chroot or installing dependencies we can mount it and then login as root:
{{cmd|# mount --bind /dev /var/chroots/debian/dev
&#35; mount --bind /proc /var/chroots/debian/proc
&#35; chroot /var/chroots/debian /bin/bash
&#35; apt update && apt upgrade}}
After installing what you might want to umount the binds for dev and proc to avoid issues.
{{cmd|# umount /var/chroots/debian/dev}}
{{cmd|# umount /var/chroots/debian/proc}}


[[Category:Development]]
[[Category:Development]]
[[Category:Installation]]
[[Category:Installation]]

Latest revision as of 14:11, 30 October 2024

If you want to run glibc programs in Alpine Linux, there are a few ways of doing so. You can install the gcompat compatibility layer, you can install glibc alongside musl (manually, as it isn't packaged), or you could do it the easy way and use either Flatpak (the easiest), containers or a chroot.

Because there are different use cases, this is just a slight overview about what's possible and what's sensible.

Your options

gcompat

gcompat is the go-to compatibility layer for Alpine users.

apk add gcompat

After that you run your binaries as normal.

Flatpak

Flatpak is by far the easiest method of running any graphical glibc program on Alpine. Firstly install it.

apk add flatpak

Then you can run any Flatpak application:

flatpak run <flatpak name>

It is recommended to enable Flathub using its instructions here, as most glibc programs you might need will be packaged there.

You can then install applications from it, for example:

flatpak install com.valvesoftware.Steam

Chroot

An option that's easier to generalize to other glibc applications is installing a glibc-based distribution into a chroot. You can then either chroot into it, or use a symlink and some configuration to make its glibc (and associated libraries) usable from Alpine.

After setting up a chroot using any of the methods described below, the loader can be set up in Alpine like so (these instructions are for a Debian chroot in /var/chroots/debian, on x86_64, but can be adapted to other systems by using the appropriate paths):

mkdir -p /lib64 ln -s /var/chroots/debian/lib/x86_64-linux-gnu/ld-2.33.so /lib64 printf '/var/chroots/debian/lib/x86_64-linux-gnu\n/var/chroots/debian/usr/lib/x86_64-linux-gnu\n' > /etc/ld.so.conf /var/chroots/debian/sbin/ldconfig

Gentoo Linux

Select a stage3 from here and portage latest from here at gentoo/snapshots/portage-latest.tar.xz.

First,

doas apk add xz

Enter the chroot:

mkdir ~/chroot cd ~/chroot tar -xvf stage3-*.tar.xz tar -xvf portage-latest.tar.xz mv portage usr doas mount --bind /dev dev doas mount --bind /sys sys doas mount -t proc proc proc cp /etc/resolv.conf etc doas chroot . /bin/bash

And voilà, you have your working Gentoo chroot!

You can now take a look at Gentoo's Handbook to find out how you can configure and install your system, or simply extract/copy the program you need to run in your chroot enviroment and execute it.

Here is a wrapper script that is similar to arch-chroot when you frequently reuse this chroot:

Also, create an account with the same user name as host current user to the chroot or make changes to the userspec option to chroot line.

Contents of gentoo-chroot.sh

!/bin/bash CHROOT_PATH="/home/$USER/chroot" cd $CHROOT_PATH mount | grep $CHROOT_PATH/dev || doas mount --bind /dev dev mount | grep $CHROOT_PATH/sys || doas mount --bind /sys sys mount | grep $CHROOT_PATH/proc || doas mount -t proc proc proc cp /etc/resolv.conf etc doas chroot --userspec=$USER:users . /bin/bash echo "You must manually unmount $CHROOT_PATH/dev, $CHROOT_PATH/sys, $CHROOT_PATH/proc."

Do at chmod +x gentoo-chroot.sh to get it to work.

Arch Linux

Either use pacstrap (included with the arch-install-scripts package) or an Arch bootstrap image:

doas apk add arch-install-scripts mkdir ~/chroot && cd ~/chroot curl -O https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-bootstrap-x86_64.tar.gz doas tar xzf archlinux-bootstrap-x86_64.tar.gz && rm archlinux-bootstrap-x86_64.tar.gz doas sed -i '/evowise/s/^#//' root.x86_64/etc/pacman.d/mirrorlist doas sed -i '/CheckSpace/s/^/#/' root.x86_64/etc/pacman.conf doas arch-chroot root.x86_64 [chroot]# pacman-key --init [chroot]# pacman-key --populate archlinux

Once that is done, update the system and install the desired package(s) (denoted by "foo" in this example):

[chroot]# pacman -Syu foo

Debian

Todo: gresec referencs need to be cleanly removed from this section.


Use the provided debootstrap package to create the Debian chroot. --arch is optional, depending of your needs.

On the linux-grsec kernel, you will need to relax chroot limitations:

 sudo apk add debootstrap
 for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 0 | sudo tee $i; done
 mkdir ~/chroot
 sudo debootstrap --arch=i386 wheezy ~/chroot https://deb.debian.org/debian/
 for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 1 | sudo tee $i; done
 sudo chroot ~/chroot /bin/bash

You can now use apt-get to install needed packages.

Containers

It's also possible to use Docker or Podman containers with a helper like Distrobox. This allows using graphical programs easily and doesn't require root privileges once set up.

# apk add distrobox

Distrobox + Podman

# apk add podman

Then set up rootless Podman, following these steps. You'll need to mount your root as shared for Distrobox to function.

Fill in /etc/local.d/mount-rshared.start like so:

#!/bin/sh mount --make-rshared /

Mark it as executable.

# chmod +x /etc/local.d/mount-rshared.start

Then autostart its service.

# rc-update add local default # rc-service local start

Finally you can create a container using your chosen image.

$ distrobox create --image debian --name debian $ distrobox enter debian

It may also be necessary to allow X authorization for GUI programs to work.

$ xhost +si:localuser:$USER

Chroot + Bubblewrap

It's also possible to use a Debian system chroot with Bubblewrap. This allows running programs without root.

# apk add bubblewrap debootstrap # mkdir -p /var/chroots/debian # debootstrap --arch amd64 stable /var/chroots/debian/ https://deb.debian.org/debian

Finally we can make an alias for bwrap.

$ alias glibc="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group"

To run programs that use X11/Xorg you can use:

$ alias glibcX11="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"

In this case you might need to use xhost to allow local connections, e.g.:

# xhost + local:

Now we can invoke glibc-built binaries like so:

$ glibc ./binary

or

$ glibcX11 ./binary

For updating the Chroot or installing dependencies we can mount it and then login as root:

# mount --bind /dev /var/chroots/debian/dev # mount --bind /proc /var/chroots/debian/proc # chroot /var/chroots/debian /bin/bash # apt update && apt upgrade

After installing what you might want to umount the binds for dev and proc to avoid issues.

# umount /var/chroots/debian/dev

# umount /var/chroots/debian/proc