Re: Debian and our frenemies of containers and userland repos

To: debian-devel@lists.debian.org
Subject: Re: Debian and our frenemies of containers and userland repos
From: Johannes Schauer <josch@debian.org>
Date: Mon, 07 Oct 2019 13:43:18 +0200
Message-id: <[🔎] 157044859832.26294.8532846807185000735@hoothoot>
Mail-followup-to: Philipp Kern <pkern@debian.org>, debian-devel@lists.debian.org
In-reply-to: <[🔎] e58df2a7-2466-27dd-2620-b2b6bad964e7@philkern.de>
References: <20190711152551.GA5279@madoka.m-wei.net> <[🔎] CAKTje6HE1vXTL6TJZvwRup_QuaGLk3OoWkepyCspnHoOyofAbw@mail.gmail.com> <[🔎] 8f7f6e4c-77c4-f301-a834-2b84839c5699@bzed.de> <[🔎] 8736g7p2jw.fsf@DigitalMercury.dynalias.net> <[🔎] 20191006112329.GA21207@espresso.pseudorandom.co.uk> <[🔎] CAKTje6GTe5u0JkHHwZr8+BKvvD7k+2MrSE-iQm8zieNvW62tDQ@mail.gmail.com> <[🔎] 157042577330.26294.18419332176804109184@hoothoot> <[🔎] 20191007102902.GA9187@espresso.pseudorandom.co.uk> <[🔎] CAFyCLW-SKopGGxFJ3_ifkH=k3b=n5cMP06xRMjFr9rXg7_+HyQ@mail.gmail.com> <[🔎] e58df2a7-2466-27dd-2620-b2b6bad964e7@philkern.de>

Hi,

shameless plug for mmdebstrap incoming.

Quoting Philipp Kern (2019-10-07 13:21:36)
> On 10/7/2019 1:17 PM, Shengjing Zhu wrote:
> > On Mon, Oct 7, 2019 at 6:29 PM Simon McVittie <smcv@debian.org> wrote:
> >> On Mon, 07 Oct 2019 at 07:22:53 +0200, Johannes Schauer wrote:
> >>> Specifically, currently autopkgtest is limited to providing a read-only layer
> >>> for certain backends and its upstream has no intention of widening the scope of
> >>> the software [1]. This means that to upgrade an autopkgtest backend, the user
> >>> has to apply backend-specific actions
> >> I think "re-bootstrap, don't upgrade" is an equally good principle
> > Why not have a repository for it, like dockerhub. So this becomes
> > "pull latest build env", which saves lots of time("re-bootstrap" is still
> > slow nowadays).
> In that case it'd probably be better to make bootstrapping faster rather
> than trusting random binaries on the internet. (Unless we grow an
> "assemble an image from debs" service on, say, ftp-master.)

creating a working sbuild chroot takes 10 seconds on my system:

    $ time mmdebstrap --variant=essential unstable debian-unstable.tar
    [...]
    mmdebstrap [...]   8.35s user 1.73s system 99% cpu 10.166 total

Do we need to spend engineering effort to become faster than that?

Downloading "random binary from the internet" is less of a problem if we can
create images which are bit-by-bit identical to checksums that we can verify
through a trusted service. This is also already provided by mmdebstrap:

    $ SOURCE_DATE_EPOCH=1570448177 mmdebstrap --variant=essential unstable - | sha256sum
    [...]
    f40a3d2e9e168c3ec6270de1be79c522ce9f2381021c25072353bb3b5e1703d6  -
    $ SOURCE_DATE_EPOCH=1570448177 mmdebstrap --variant=essential unstable - | sha256sum
    [...]
    f40a3d2e9e168c3ec6270de1be79c522ce9f2381021c25072353bb3b5e1703d6  -

Lastly: yes, maybe "re-bootstrap, don't upgrade" is an equally good principle.
It has the advantage of not accumulating cruft. The sbuild-createchroot command
could gain an option which allows one to replace an existing chroot. Currently,
it refuses to work on already existing chroots.

Thanks!

cheers, josch

Attachment: signature.asc
Description: signature

Reply to:

Follow-Ups:
- Re: Debian and our frenemies of containers and userland repos
  - From: Philipp Kern <pkern@debian.org>

References:
- Re: Debian and our frenemies of containers and userland repos
  - From: Paul Wise <pabs@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Bernd Zeimetz <bernd@bzed.de>
- Re: Debian and our frenemies of containers and userland repos
  - From: Nicholas D Steeves <nsteeves@gmail.com>
- Re: Debian and our frenemies of containers and userland repos
  - From: Simon McVittie <smcv@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Paul Wise <pabs@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Johannes Schauer <josch@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Simon McVittie <smcv@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Shengjing Zhu <zhsj@debian.org>
- Re: Debian and our frenemies of containers and userland repos
  - From: Philipp Kern <pkern@debian.org>

Prev by Date: Re: Debian and our frenemies of containers and userland repos
Next by Date: Re: Debian and our frenemies of containers and userland repos
Previous by thread: Re: Debian and our frenemies of containers and userland repos
Next by thread: Re: Debian and our frenemies of containers and userland repos
Index(es):
- Date
- Thread