Skip to content

Latest commit

 

History

History
163 lines (127 loc) · 5.25 KB

README.markdown

File metadata and controls

163 lines (127 loc) · 5.25 KB

hacksoc-grp

hacksoc-grp (pronounced "HackSoc Group"), or simply grp, is a collection of software maintained by HackSoc for use with the ITS linux machines, which would not otherwise be provided: more up-to-date packages, things which aren't strictly course-related, that sort of thing. All packages are built with a prefix of /tmp/hacksoc-grp.

You can see all packages which have been installed by listing /tmp/hacksoc-grp/packages.

Mounting

You can mount grp with the following script. It may be helpful to save it to ~/grp.sh, and then source it to both mount grp and update your environment simultaneously.

GRPDIR=/tmp/hacksoc-grp

if [[ ! -e $GRPDIR/bin ]]; then
    mkdir -p $GRPDIR
    sshfs -o reconnect [email protected]: $GRPDIR
fi

export PATH=$GRPDIR/bin:$PATH
export LD_LIBRARY_PATH=$GRPDIR/lib:$LD_LIBRARY_PATH

Health Warning: Do not put this in your shell profile, as then if SSHFS hangs you won't be able to open a shell, which would be bad.

Second Health Warning: After executing this, your environment will be changed. Interaction with executables on the host system may change. So, instead of running the export lines of the script, you could just mount grp and then use a function like this to set up your environment for individual commands:

function grprun() {
    local GRPDIR=/tmp/hacksoc-grp
    PATH=$GRPDIR/bin:$PATH \
    LD_LIBRARY_PATH=$GRPDIR/lib:$LD_LIBRARY_PATH \
    $*
}

Adding Packages

For normal people: email us, ping us on IRC, whatever.

For people with access to klaxon, or those feeling particularly helpful: grp is based on GNU Stow, a tool for managing hierarchies of symlinks. Packaging something consists in writing a script which will build it, and supply any necessary options to stow when it is installed.

For example, Isabelle 2015:

pkgname=isabelle2015
stow_opts="--ignore=ANNOUNCE --ignore=CONTRIBUTORS --ignore=COPYRIGHT --ignore=NEWS --ignore=README --ignore=ROOTS"

function build() {
    wget "https://www.cl.cam.ac.uk/research/hvg/Isabelle/dist/Isabelle2015_linux.tar.gz"
    tar xf Isabelle2015_linux.tar.gz
    mv Isabelle2015 $PKGDIR
}

Firstly, the package is given a name, this influences where is is installed. There are some pre-determined environmental variables:

  • $GRPDIR, the path of grp, /tmp/hacksoc-grp by default.
  • $STOWDIR, the directory managed by stow, $GRPDIR/packages by default.
  • $PKGDIR, the installation path of the package, $STOWDIR/$pkgname by default.

$STOWDIR/.. must be $GRPDIR, as otherwise stow will use symlink paths that don't work so nicely over sshfs.

Secondly, options to stow are provided. Typically this field should be empty, or consist only of a list of file exclusions.

Finally, a function to build the package is produced. This is a binary distribution of Isabelle 2015, so all that needs to happen here is to extract the tarball to the right place.

A package will be built when it is first installed, after that uninstall.sh and install.sh will only add or remove symlinks, to prevent repeating work needlessly.

A more complex build function is used in the z3-4.4.1 package:

function build() {
    wget "https://github.com/Z3Prover/z3/archive/z3-4.4.1.tar.gz"
    tar xf "z3-4.4.1.tar.gz"
    cd z3-z3-4.4.1

    # Make
    python2 scripts/mk_make.py
    cd build
    make

    # Install
    cd ..
    python2 scripts/mk_make.py --prefix=$PKGDIR
    cd build
    make install
    mv "$PKGDIR/lib/python2.7/dist-packages" "$PKGDIR/lib/python2.7/site-packages"
    rm "$PKGDIR/lib/python2.7/site-packages/libz3.so"
    ln -s ../../libz3.so "$PKGDIR/lib/python2.7/site-packages/libz3.so"
}

This is a source distribution of z3, so it needs to be compiled first. If you're not sure how to compile something, check if there is an Arch package in the repositories or the AUR. Arch PKGBUILD files are easy to read and somebody else has already figured out all the build system quirks for you.

For Server Administrators

If the instance of grp is to be publically accessible, as it is on klaxon, an ssh chroot should be used to prevent users from escaping. Assuming the user grp, this snippet of sshd_config will do the job:

Match User grp
   ChrootDirectory /var/hacksoc-grp
   ForceCommand internal-sftp
   AllowTcpForwarding no
   PermitTunnel no
   X11Forwarding no

The chroot directory, and all of its parents, must be owned by root:root and not be writable by anyone else. The easiest way to achieve this is for /, /var, and /var/hacksoc-grp to be owned by root:root and have permissions 755.

The symlink /tmp/hacksoc-grp is also provided, so that build scripts can use the same prefix as the eventual user-mounted filesystem. If /tmp is a permanent filesystem, then the symlink could be avoided and a standard directory used instead, but storing permanent files in /tmp is bad practice and should be avoided regardless.

If passwordless access is desired, then the grp user should be given no password, and PermitEmptyPasswords enabled in the sshd_config.