SlideShare uma empresa Scribd logo

PRoot improved kernel compatibility

C
cvinc02
Tecnologia
1 de 12
Baixar para ler offline
Running programs from a recent guest distro on an obsolete host distro
Why would you do such a thing? •Validate programs for the guest distro •Use programs available only for the guest distro •Publish programs with their original environment for the sake of reproducibility (CARE, CDE) •… 2
How could you do such a thing? • Full virtualisation : virtual hardware booting the guest OS (VirtualBox, VMWare, …) • Partial virtualisation : guest programs requests are redirected to the host kernel – Kernel based : chroot – LD_PRELOAD based : ScratchBox2, fakechroot, … – ptrace based : PRoot, CDE, fakeroot-ng, ... 3
Risk with partial virtualisation ... 4 “FATAL: kernel too old”
Solution ! 5 PRoot makes your kernel grow younger!
Kernel features emulated by PRoot 6 kernel version Emulated features 2.6.16 openat, linkat, ... syscalls 2.6.19 epoll_pwait syscall 2.6.23 CLOEXEC flag for open 2.6.24 DUPFD_CLOEXEC command for fcntl 2.6.27 CLOEXEC, NONBLOCK flags for many syscalls 2.6.28 accept4 syscall 2.6.29 AT_RANDOM ELF auxiliary vector * AT_SYSINFO ELF auxiliary vector (discarded) * heap allocation
How does it work? •Syscall emulation : replace unsupported syscalls with something equivalent. Example : openat(<fd>, <path>, …) is converted into : open(canon( readlink(/proc/<pid>/fd/<fd>) + <path>), …) 7
How does it work? •Flag emulation : append one or several calls to fcntl right after the original syscall : Example : open(<path>, <flags> | O_CLOEXEC) is converted into : fcntl(open(<path>, <flags>), FD_CLOEXEC) 8
How does it work in PRoot? •ELF auxiliary vectors : read/write the process memory right after execve •heap allocation: replace call to brk with call to mmap or mremap 9
Demo time ! 1.On Redhat 4.7, only VLC 0.8.6 is officially available 2.It’s way too old ! 3.Let’s build the VLC 2.0.8 on Redhat 4.7 … 4.… never mind, 57 packages are missing or outdated 5.Let’s run VLC 2.0.8 from Ubuntu 13.04 (Linux 3.8.0, 2012-06-04) on Redhat 4.7 (Linux 2.6.9, 2004-10-19): 1.without proot -k : « FATAL : kernel too old » 2.with proot -k : http://youtu.be/AJ5kaO1HKlU 6.It works whatever the host and guest systems are ! 10
Demo dynamic statistics 11 ● 115.000 syscalls ● 200 emulated syscalls ● 1700 emulated flags ● 50 ELF auxiliary vector changes ● 400 emulated heap syscalls
When? 12 This kernel compatibility support will be available in PRoot and CARE by the end of Septembre (2013).

Recomendados

Vitaly ̈_Vi ̈ Shukela - My FOSS projects
Vitaly ̈_Vi ̈ Shukela - My FOSS projectsVitaly ̈_Vi ̈ Shukela - My FOSS projects
Vitaly ̈_Vi ̈ Shukela - My FOSS projectsMinsk Linux User Group
 
FPC for the Masses (SANSFire Edition)
FPC for the Masses (SANSFire Edition)FPC for the Masses (SANSFire Edition)
FPC for the Masses (SANSFire Edition)Xavier Mertens
 
FPC for the Masses - CoRIIN 2018
FPC for the Masses - CoRIIN 2018FPC for the Masses - CoRIIN 2018
FPC for the Masses - CoRIIN 2018Xavier Mertens
 
pkgsrc 2013 - the record of the past year
pkgsrc 2013 - the record of the past yearpkgsrc 2013 - the record of the past year
pkgsrc 2013 - the record of the past yearAkio OBATA
 
High availability virtualization with proxmox
High availability virtualization with proxmoxHigh availability virtualization with proxmox
High availability virtualization with proxmoxOriol Izquierdo Vibalda
 
Open ZFS Keynote (public)
Open ZFS Keynote (public)Open ZFS Keynote (public)
Open ZFS Keynote (public)Dustin Kirkland
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV TutorialOpen Networking Perú (Opennetsoft)
 
Linux Kernel Init Process
Linux Kernel Init ProcessLinux Kernel Init Process
Linux Kernel Init ProcessKernel TLV
 

Recomendados

Vitaly ̈_Vi ̈ Shukela - My FOSS projects
Vitaly ̈_Vi ̈ Shukela - My FOSS projectsVitaly ̈_Vi ̈ Shukela - My FOSS projects
Vitaly ̈_Vi ̈ Shukela - My FOSS projectsMinsk Linux User Group
 
FPC for the Masses (SANSFire Edition)
FPC for the Masses (SANSFire Edition)FPC for the Masses (SANSFire Edition)
FPC for the Masses (SANSFire Edition)Xavier Mertens
 
FPC for the Masses - CoRIIN 2018
FPC for the Masses - CoRIIN 2018FPC for the Masses - CoRIIN 2018
FPC for the Masses - CoRIIN 2018Xavier Mertens
 
pkgsrc 2013 - the record of the past year
pkgsrc 2013 - the record of the past yearpkgsrc 2013 - the record of the past year
pkgsrc 2013 - the record of the past yearAkio OBATA
 
High availability virtualization with proxmox
High availability virtualization with proxmoxHigh availability virtualization with proxmox
High availability virtualization with proxmoxOriol Izquierdo Vibalda
 
Open ZFS Keynote (public)
Open ZFS Keynote (public)Open ZFS Keynote (public)
Open ZFS Keynote (public)Dustin Kirkland
 
OVS-NFV Tutorial
OVS-NFV TutorialOVS-NFV Tutorial
OVS-NFV TutorialOpen Networking Perú (Opennetsoft)
 
Linux Kernel Init Process
Linux Kernel Init ProcessLinux Kernel Init Process
Linux Kernel Init ProcessKernel TLV
 
Lecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administrationLecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administrationMohammed Farrag
 
3 manual installation of open vpn
3 manual installation of open vpn3 manual installation of open vpn
3 manual installation of open vpnAshwajit Maske
 
Building a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchBuilding a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchGoran Cetusic
 
Introducing NetBSD 5.0
Introducing NetBSD 5.0Introducing NetBSD 5.0
Introducing NetBSD 5.0Andrew Doran
 
Lev
LevLev
LevKazuya Kawaguchi
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingClaudio Mignanti
 
Make container without_docker_7
Make container without_docker_7Make container without_docker_7
Make container without_docker_7Sam Kim
 
LibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverityLibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverityCaolán McNamara
 
QEMU in Cross building
QEMU in Cross buildingQEMU in Cross building
QEMU in Cross buildingTetsuyuki Kobayashi
 
Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1 Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1 Sam Kim
 
Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)yarry
 
Tips on High Performance Server Programming
Tips on High Performance Server ProgrammingTips on High Performance Server Programming
Tips on High Performance Server ProgrammingJoshua Zhu
 
Install ovs on local pc
Install ovs on local pcInstall ovs on local pc
Install ovs on local pcApplistarVN
 
Docker Networking
Docker NetworkingDocker Networking
Docker NetworkingWeaveworks
 
VCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイするVCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイするKengo HAMASAKI
 
Docker-OVS
Docker-OVSDocker-OVS
Docker-OVSsnrism
 
Epoll - from the kernel side
Epoll - from the kernel sideEpoll - from the kernel side
Epoll - from the kernel sidellj098
 
What is new in Go 1.8
What is new in Go 1.8What is new in Go 1.8
What is new in Go 1.8John Hua
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)apenwarr
 
epoll() - The I/O Hero
epoll() - The I/O Heroepoll() - The I/O Hero
epoll() - The I/O HeroMohsin Hijazee
 
Talk 160920 @ Cat System Workshop
Talk 160920 @ Cat System WorkshopTalk 160920 @ Cat System Workshop
Talk 160920 @ Cat System WorkshopQuey-Liang Kao
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 

Mais conteúdo relacionado

Mais procurados

Lecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administrationLecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administrationMohammed Farrag
 
3 manual installation of open vpn
3 manual installation of open vpn3 manual installation of open vpn
3 manual installation of open vpnAshwajit Maske
 
Building a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchBuilding a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchGoran Cetusic
 
Introducing NetBSD 5.0
Introducing NetBSD 5.0Introducing NetBSD 5.0
Introducing NetBSD 5.0Andrew Doran
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingClaudio Mignanti
 
Make container without_docker_7
Make container without_docker_7Make container without_docker_7
Make container without_docker_7Sam Kim
 
LibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverityLibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverityCaolán McNamara
 
Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1 Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1 Sam Kim
 
Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)yarry
 
Tips on High Performance Server Programming
Tips on High Performance Server ProgrammingTips on High Performance Server Programming
Tips on High Performance Server ProgrammingJoshua Zhu
 
Install ovs on local pc
Install ovs on local pcInstall ovs on local pc
Install ovs on local pcApplistarVN
 
Docker Networking
Docker NetworkingDocker Networking
Docker NetworkingWeaveworks
 
VCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイするVCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイするKengo HAMASAKI
 
Docker-OVS
Docker-OVSDocker-OVS
Docker-OVSsnrism
 
Epoll - from the kernel side
Epoll - from the kernel sideEpoll - from the kernel side
Epoll - from the kernel sidellj098
 
What is new in Go 1.8
What is new in Go 1.8What is new in Go 1.8
What is new in Go 1.8John Hua
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)apenwarr
 
epoll() - The I/O Hero
epoll() - The I/O Heroepoll() - The I/O Hero
epoll() - The I/O HeroMohsin Hijazee
 

Mais procurados (20)

Lecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administrationLecture 3 Perl & FreeBSD administration
Lecture 3 Perl & FreeBSD administration
 
3 manual installation of open vpn
3 manual installation of open vpn3 manual installation of open vpn
3 manual installation of open vpn
 
Building a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitchBuilding a network emulator with Docker and Open vSwitch
Building a network emulator with Docker and Open vSwitch
 
Introducing NetBSD 5.0
Introducing NetBSD 5.0Introducing NetBSD 5.0
Introducing NetBSD 5.0
 
Lev
LevLev
Lev
 
Picobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertisingPicobgp - A simple deamon for routing advertising
Picobgp - A simple deamon for routing advertising
 
Make container without_docker_7
Make container without_docker_7Make container without_docker_7
Make container without_docker_7
 
LibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverityLibreOffice oss-fuzz, crashtesting, coverity
LibreOffice oss-fuzz, crashtesting, coverity
 
QEMU in Cross building
QEMU in Cross buildingQEMU in Cross building
QEMU in Cross building
 
Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1 Make container without_docker_6-overlay-network_1
Make container without_docker_6-overlay-network_1
 
Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)Rails Hardware (no conclusions!)
Rails Hardware (no conclusions!)
 
Tips on High Performance Server Programming
Tips on High Performance Server ProgrammingTips on High Performance Server Programming
Tips on High Performance Server Programming
 
Install ovs on local pc
Install ovs on local pcInstall ovs on local pc
Install ovs on local pc
 
Docker Networking
Docker NetworkingDocker Networking
Docker Networking
 
VCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイするVCLをTDDで書いてデプロイする
VCLをTDDで書いてデプロイする
 
Docker-OVS
Docker-OVSDocker-OVS
Docker-OVS
 
Epoll - from the kernel side
Epoll - from the kernel sideEpoll - from the kernel side
Epoll - from the kernel side
 
What is new in Go 1.8
What is new in Go 1.8What is new in Go 1.8
What is new in Go 1.8
 
sshuttle VPN (2011-04)
sshuttle VPN (2011-04)sshuttle VPN (2011-04)
sshuttle VPN (2011-04)
 
epoll() - The I/O Hero
epoll() - The I/O Heroepoll() - The I/O Hero
epoll() - The I/O Hero
 

Semelhante a PRoot improved kernel compatibility

Talk 160920 @ Cat System Workshop
Talk 160920 @ Cat System WorkshopTalk 160920 @ Cat System Workshop
Talk 160920 @ Cat System WorkshopQuey-Liang Kao
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)Hajime Tazaki
 
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNoSuchCon
 
Step-by-Step Introduction to Apache Flink
Step-by-Step Introduction to Apache Flink Step-by-Step Introduction to Apache Flink
Step-by-Step Introduction to Apache Flink Slim Baltagi
 
Make Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance ToolsMake Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance ToolsKernel TLV
 
Conan.io - The C/C++ package manager for Developers
Conan.io - The C/C++ package manager for DevelopersConan.io - The C/C++ package manager for Developers
Conan.io - The C/C++ package manager for DevelopersUilian Ries
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerDocker, Inc.
 
Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant Ricardo Amaro
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Docker, Inc.
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013dotCloud
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014Carlo Bonamico
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned RightScale
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014biicode
 
Develop QNAP NAS App by Docker
Develop QNAP NAS App by DockerDevelop QNAP NAS App by Docker
Develop QNAP NAS App by DockerTerry Chen
 

Semelhante a PRoot improved kernel compatibility (20)

Talk 160920 @ Cat System Workshop
Talk 160920 @ Cat System WorkshopTalk 160920 @ Cat System Workshop
Talk 160920 @ Cat System Workshop
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructions
 
Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)Network Stack in Userspace (NUSE)
Network Stack in Userspace (NUSE)
 
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the CoreNSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
NSC #2 - D3 02 - Peter Hlavaty - Attack on the Core
 
Step-by-Step Introduction to Apache Flink
Step-by-Step Introduction to Apache Flink Step-by-Step Introduction to Apache Flink
Step-by-Step Introduction to Apache Flink
 
Make Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance ToolsMake Your Containers Faster: Linux Container Performance Tools
Make Your Containers Faster: Linux Container Performance Tools
 
Basic Linux Internals
Basic Linux InternalsBasic Linux Internals
Basic Linux Internals
 
Conan.io - The C/C++ package manager for Developers
Conan.io - The C/C++ package manager for DevelopersConan.io - The C/C++ package manager for Developers
Conan.io - The C/C++ package manager for Developers
 
Securing Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, DockerSecuring Containers, One Patch at a Time - Michael Crosby, Docker
Securing Containers, One Patch at a Time - Michael Crosby, Docker
 
Attack on the Core
Attack on the CoreAttack on the Core
Attack on the Core
 
Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant Automate drupal deployments with linux containers, docker and vagrant
Automate drupal deployments with linux containers, docker and vagrant
 
Genode Compositions
Genode CompositionsGenode Compositions
Genode Compositions
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013Lightweight Virtualization with Linux Containers and Docker I YaC 2013
Lightweight Virtualization with Linux Containers and Docker I YaC 2013
 
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013Lightweight Virtualization with Linux Containers and Docker | YaC 2013
Lightweight Virtualization with Linux Containers and Docker | YaC 2013
 
eBPF Basics
eBPF BasicseBPF Basics
eBPF Basics
 
codemotion-docker-2014
codemotion-docker-2014codemotion-docker-2014
codemotion-docker-2014
 
Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned Real-World Docker: 10 Things We've Learned
Real-World Docker: 10 Things We've Learned
 
Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014Dependencies Managers in C/C++. Using stdcpp 2014
Dependencies Managers in C/C++. Using stdcpp 2014
 
Develop QNAP NAS App by Docker
Develop QNAP NAS App by DockerDevelop QNAP NAS App by Docker
Develop QNAP NAS App by Docker
 

Último

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Último (20)

How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

PRoot improved kernel compatibility

  • 1. Running programs from a recent guest distro on an obsolete host distro
  • 2. Why would you do such a thing? •Validate programs for the guest distro •Use programs available only for the guest distro •Publish programs with their original environment for the sake of reproducibility (CARE, CDE) •… 2
  • 3. How could you do such a thing? • Full virtualisation : virtual hardware booting the guest OS (VirtualBox, VMWare, …) • Partial virtualisation : guest programs requests are redirected to the host kernel – Kernel based : chroot – LD_PRELOAD based : ScratchBox2, fakechroot, … – ptrace based : PRoot, CDE, fakeroot-ng, ... 3
  • 4. Risk with partial virtualisation ... 4 “FATAL: kernel too old”
  • 5. Solution ! 5 PRoot makes your kernel grow younger!
  • 6. Kernel features emulated by PRoot 6 kernel version Emulated features 2.6.16 openat, linkat, ... syscalls 2.6.19 epoll_pwait syscall 2.6.23 CLOEXEC flag for open 2.6.24 DUPFD_CLOEXEC command for fcntl 2.6.27 CLOEXEC, NONBLOCK flags for many syscalls 2.6.28 accept4 syscall 2.6.29 AT_RANDOM ELF auxiliary vector * AT_SYSINFO ELF auxiliary vector (discarded) * heap allocation
  • 7. How does it work? •Syscall emulation : replace unsupported syscalls with something equivalent. Example : openat(<fd>, <path>, …) is converted into : open(canon( readlink(/proc/<pid>/fd/<fd>) + <path>), …) 7
  • 8. How does it work? •Flag emulation : append one or several calls to fcntl right after the original syscall : Example : open(<path>, <flags> | O_CLOEXEC) is converted into : fcntl(open(<path>, <flags>), FD_CLOEXEC) 8
  • 9. How does it work in PRoot? •ELF auxiliary vectors : read/write the process memory right after execve •heap allocation: replace call to brk with call to mmap or mremap 9
  • 10. Demo time ! 1.On Redhat 4.7, only VLC 0.8.6 is officially available 2.It’s way too old ! 3.Let’s build the VLC 2.0.8 on Redhat 4.7 … 4.… never mind, 57 packages are missing or outdated 5.Let’s run VLC 2.0.8 from Ubuntu 13.04 (Linux 3.8.0, 2012-06-04) on Redhat 4.7 (Linux 2.6.9, 2004-10-19): 1.without proot -k : « FATAL : kernel too old » 2.with proot -k : http://youtu.be/AJ5kaO1HKlU 6.It works whatever the host and guest systems are ! 10
  • 11. Demo dynamic statistics 11 ● 115.000 syscalls ● 200 emulated syscalls ● 1700 emulated flags ● 50 ELF auxiliary vector changes ● 400 emulated heap syscalls
  • 12. When? 12 This kernel compatibility support will be available in PRoot and CARE by the end of Septembre (2013).