Michael Stone
2009-04-12 19:44:40 UTC
Folks,
I've put together a new rainbow release, rainbow-0.8.4,
http://wiki.laptop.org/go/Rainbow
http://dev.laptop.org/~mstone/releases/SOURCES/rainbow-0.8.4.tar.bz2
with three tasty new features which I think you might enjoy.
New Features
------------
1) support for reusing existing containers (uids)
(this should be particularly useful for sugar since it gives activities
persistent $HOME dirs where they may save their configuration.)
rainbow-run option: "-r 10001"
2) better data-sharing functionality through isolated "topic dirs"
(these are just groups and matching setgid group-writable directories
like "movies" or "banking" which have both owning uids and isolated uids
as their members -- think of sugar's per-bundle "$SAR/data" dirs)
rainbow-run option: "-i movies -i banking"
3) experimental support for generating nested Xephyr X servers
(mainly as a thought experiment)
rainbow-run option: "-o xephyr"
Quality
-------
This code is NOT KNOWN TO BE CORRECT [secure]. It just passes my most primitive
smoke tests. Therefore, please try it out and send me bug reports so that it
can one day become production-quality or, if you're feeling adventurous, do
some code-review (patch-level, module-level, whatever...) or test-case
submission (automated or otherwise) yourself so that we can all laugh at my
silly mistakes now instead of crying over them in the future. (Obviously, I'd
be happy to review patches that you send to me as well.)
code: http://dev.laptop.org/git/users/mstone/security
tests: mainly the example scripts on the wiki page
Compatibility
-------------
This code is definitely not backwards compatible with previous APIs.
The biggest compatibility-breaking changes that I presently know about are:
a) I no longer generate $HOME/{data,instance,tmp} since there's plugin-like
functionality which can be used to do so when it's necessary and because:
* "data" is subsumed by the "topic dirs" described above.
* "instance" was a design mistake which is finally fixed by support for
writable persistent $HOME dirs and container reuse
* "tmp" was removed because I'm not sure how to implement it correctly
and because $TMPDIR, /tmp, and /var/tmp are good enough for me at the
moment.
At any rate, I /think/ that Sugar activities which now require these dirs
can be made to work without modification with a little bit of
plugin-development by me and the Sugar team; my goal at the moment is to
make sure that rainbow is generally useful and that new activities can be
written against a less-contrived API.
b) I'm sure that I've broken rainbow's "options" support for things like
strace, constant-uid, and serial usage. (This should be easy to fix; I
just decided that I want to ship the rest of this code "sooner" rather
than "later".)
Regards from Santorini,
Michael
I've put together a new rainbow release, rainbow-0.8.4,
http://wiki.laptop.org/go/Rainbow
http://dev.laptop.org/~mstone/releases/SOURCES/rainbow-0.8.4.tar.bz2
with three tasty new features which I think you might enjoy.
New Features
------------
1) support for reusing existing containers (uids)
(this should be particularly useful for sugar since it gives activities
persistent $HOME dirs where they may save their configuration.)
rainbow-run option: "-r 10001"
2) better data-sharing functionality through isolated "topic dirs"
(these are just groups and matching setgid group-writable directories
like "movies" or "banking" which have both owning uids and isolated uids
as their members -- think of sugar's per-bundle "$SAR/data" dirs)
rainbow-run option: "-i movies -i banking"
3) experimental support for generating nested Xephyr X servers
(mainly as a thought experiment)
rainbow-run option: "-o xephyr"
Quality
-------
This code is NOT KNOWN TO BE CORRECT [secure]. It just passes my most primitive
smoke tests. Therefore, please try it out and send me bug reports so that it
can one day become production-quality or, if you're feeling adventurous, do
some code-review (patch-level, module-level, whatever...) or test-case
submission (automated or otherwise) yourself so that we can all laugh at my
silly mistakes now instead of crying over them in the future. (Obviously, I'd
be happy to review patches that you send to me as well.)
code: http://dev.laptop.org/git/users/mstone/security
tests: mainly the example scripts on the wiki page
Compatibility
-------------
This code is definitely not backwards compatible with previous APIs.
The biggest compatibility-breaking changes that I presently know about are:
a) I no longer generate $HOME/{data,instance,tmp} since there's plugin-like
functionality which can be used to do so when it's necessary and because:
* "data" is subsumed by the "topic dirs" described above.
* "instance" was a design mistake which is finally fixed by support for
writable persistent $HOME dirs and container reuse
* "tmp" was removed because I'm not sure how to implement it correctly
and because $TMPDIR, /tmp, and /var/tmp are good enough for me at the
moment.
At any rate, I /think/ that Sugar activities which now require these dirs
can be made to work without modification with a little bit of
plugin-development by me and the Sugar team; my goal at the moment is to
make sure that rainbow is generally useful and that new activities can be
written against a less-contrived API.
b) I'm sure that I've broken rainbow's "options" support for things like
strace, constant-uid, and serial usage. (This should be easy to fix; I
just decided that I want to ship the rest of this code "sooner" rather
than "later".)
Regards from Santorini,
Michael