hacksoc-grp (pronounced "HackSoc Group"), or simply grp, is a collection of software maintained by HackSoc for use with the ITS linux machines, which would not otherwise be provided: more up-to-date packages, things which aren't strictly course-related, that sort of thing. All packages are built with a prefix of /tmp/hacksoc-grp.
You can see all packages which have been installed by listing /tmp/hacksoc-grp/packages.
You can mount grp with the following script. It may be helpful to save it to ~/grp.sh, and then source it to both mount grp and update your environment simultaneously.
GRPDIR=/tmp/hacksoc-grp
if [[ ! -e $GRPDIR/bin ]]; then
mkdir -p $GRPDIR
sshfs -o reconnect [email protected]: $GRPDIR
fi
export PATH=$GRPDIR/bin:$PATH
export LD_LIBRARY_PATH=$GRPDIR/lib:$LD_LIBRARY_PATH
Health Warning: Do not put this in your shell profile, as then if SSHFS hangs you won't be able to open a shell, which would be bad.
Second Health Warning: After executing this, your environment will be changed. Interaction with executables on the host system may change. So, instead of running the export lines of the script, you could just mount grp and then use a function like this to set up your environment for individual commands:
function grprun() {
local GRPDIR=/tmp/hacksoc-grp
PATH=$GRPDIR/bin:$PATH \
LD_LIBRARY_PATH=$GRPDIR/lib:$LD_LIBRARY_PATH \
$*
}
For normal people: email us, ping us on IRC, whatever.
For people with access to klaxon, or those feeling particularly
helpful: grp is based on GNU Stow, a tool for managing
hierarchies of symlinks. Packaging something consists in writing a
script which will build it, and supply any necessary options to stow
when it is installed.
For example, Isabelle 2015:
pkgname=isabelle2015
stow_opts="--ignore=ANNOUNCE --ignore=CONTRIBUTORS --ignore=COPYRIGHT --ignore=NEWS --ignore=README --ignore=ROOTS"
function build() {
wget "https://www.cl.cam.ac.uk/research/hvg/Isabelle/dist/Isabelle2015_linux.tar.gz"
tar xf Isabelle2015_linux.tar.gz
mv Isabelle2015 $PKGDIR
}
Firstly, the package is given a name, this influences where is is installed. There are some pre-determined environmental variables:
$GRPDIR
, the path of grp,/tmp/hacksoc-grp
by default.$STOWDIR
, the directory managed bystow
,$GRPDIR/packages
by default.$PKGDIR
, the installation path of the package,$STOWDIR/$pkgname
by default.
$STOWDIR/..
must be $GRPDIR
, as otherwise stow
will use
symlink paths that don't work so nicely over sshfs.
Secondly, options to stow
are provided. Typically this field should
be empty, or consist only of a list of file exclusions.
Finally, a function to build the package is produced. This is a binary distribution of Isabelle 2015, so all that needs to happen here is to extract the tarball to the right place.
A package will be built when it is first installed, after that
uninstall.sh
and install.sh
will only add or remove symlinks, to
prevent repeating work needlessly.
A more complex build
function is used in the z3-4.4.1 package:
function build() {
wget "https://github.com/Z3Prover/z3/archive/z3-4.4.1.tar.gz"
tar xf "z3-4.4.1.tar.gz"
cd z3-z3-4.4.1
# Make
python2 scripts/mk_make.py
cd build
make
# Install
cd ..
python2 scripts/mk_make.py --prefix=$PKGDIR
cd build
make install
mv "$PKGDIR/lib/python2.7/dist-packages" "$PKGDIR/lib/python2.7/site-packages"
rm "$PKGDIR/lib/python2.7/site-packages/libz3.so"
ln -s ../../libz3.so "$PKGDIR/lib/python2.7/site-packages/libz3.so"
}
This is a source distribution of z3, so it needs to be compiled first. If you're not sure how to compile something, check if there is an Arch package in the repositories or the AUR. Arch PKGBUILD files are easy to read and somebody else has already figured out all the build system quirks for you.
If the instance of grp is to be publically accessible, as it is on klaxon, an ssh chroot should be used to prevent users from escaping. Assuming the user grp, this snippet of sshd_config will do the job:
Match User grp
ChrootDirectory /var/hacksoc-grp
ForceCommand internal-sftp
AllowTcpForwarding no
PermitTunnel no
X11Forwarding no
The chroot directory, and all of its parents, must be owned by
root:root and not be writable by anyone else. The easiest way to
achieve this is for /
, /var
, and /var/hacksoc-grp
to be owned by
root:root and have permissions 755.
The symlink /tmp/hacksoc-grp
is also provided, so that build scripts
can use the same prefix as the eventual user-mounted filesystem. If
/tmp
is a permanent filesystem, then the symlink could be avoided
and a standard directory used instead, but storing permanent files in
/tmp
is bad practice and should be avoided regardless.
If passwordless access is desired, then the grp user should be given
no password, and PermitEmptyPasswords
enabled in the sshd_config.