Blog: 2024-02-09: Difference between revisions
Revision as of 12:16, 9 February 2024
Ok rather than any of the nice projects I talked about on 2/7, I now have... the idea of making a ronin alternative, that uses podman instead of qemu. Coincidentally, I can see this converging, as I dig into the implementation of podman and see qemu.
<pre>
$ podman system connection list
Name                         URI                                                            Identity                                  Default
podman-machine-default       ssh://[email protected]:50117/run/user/501/podman/podman.sock  /Users/razzi/.ssh/podman-machine-default  true
podman-machine-default-root  ssh://[email protected]:50117/run/podman/podman.sock           /Users/razzi/.ssh/podman-machine-default  false
$ podman machine list
NAME                     VM TYPE  CREATED       LAST UP       CPUS  MEMORY  DISK SIZE
podman-machine-default*  qemu     5 months ago  3 months ago  1     2GiB    100GiB
$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Error: qemu exited unexpectedly with exit code 1, stderr: qemu-system-x86_64: -drive if=virtio,file=/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2: Could not open '/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2': No such file or directory
$ podman machine list
NAME                     VM TYPE  CREATED       LAST UP       CPUS  MEMORY  DISK SIZE
podman-machine-default*  qemu     5 months ago  3 months ago  1     2GiB    100GiB
$ podman machine rm podman-machine-default
The following files will be deleted:
/Users/razzi/.ssh/podman-machine-default
/Users/razzi/.ssh/podman-machine-default.pub
/Users/razzi/.config/containers/podman/machine/qemu/podman-machine-default.ign
/Users/razzi/.local/share/containers/podman/machine/qemu/podman-machine-default_fedora-coreos-38.20230819.2.0-qemu.x86_64.qcow2
/Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock
/Users/razzi/.config/containers/podman/machine/qemu/podman-machine-default.json
</pre>
Oh right, I'm thinking of calling this podman-based tool po. Like https://en.wikipedia.org/wiki/B%C5%8D
Getting this helpful message upon startup
<pre>
$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Mounting volume... /Users:/Users
Mounting volume... /private:/private
Mounting volume... /var/folders:/var/folders
This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:
    podman machine set --rootful
API forwarding listening on: /Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock
The system helper service is not installed; the default Docker API socket
address can't be used by podman. If you would like to install it, run the following commands:
    sudo /usr/local/Cellar/podman/4.8.2/bin/podman-mac-helper install
    podman machine stop; podman machine start
You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:
    export DOCKER_HOST='unix:///Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock'
Machine "podman-machine-default" started successfully
</pre>
Sure enough
<pre>
$ docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
$ env DOCKER_HOST='unix:///Users/razzi/.local/share/containers/podman/machine/qemu/podman.sock' docker ps
CONTAINER ID   IMAGE   COMMAND   CREATED   STATUS   PORTS   NAMES
</pre>
Ok I added a po user but when I switched to it I got no sudo! Looks like it's not installed by default. Here are the packages before any updates/installs
<pre>
root@123bc29e561f:/# apt list
Listing... Done
adduser/now 3.134 all [installed,local]
apt/now 2.6.1 amd64 [installed,local]
base-files/now 12.4+deb12u4 amd64 [installed,local]
base-passwd/now 3.6.1 amd64 [installed,local]
bash/now 5.2.15-2+b2 amd64 [installed,local]
bsdutils/now 1:2.38.1-5+b1 amd64 [installed,local]
coreutils/now 9.1-1 amd64 [installed,local]
dash/now 0.5.12-2 amd64 [installed,local]
debconf/now 1.5.82 all [installed,local]
debian-archive-keyring/now 2023.3+deb12u1 all [installed,local]
debianutils/now 5.7-0.5~deb12u1 amd64 [installed,local]
diffutils/now 1:3.8-4 amd64 [installed,local]
dpkg/now 1.21.22 amd64 [installed,local]
e2fsprogs/now 1.47.0-2 amd64 [installed,local]
findutils/now 4.9.0-4 amd64 [installed,local]
gcc-12-base/now 12.2.0-14 amd64 [installed,local]
gpgv/now 2.2.40-1.1 amd64 [installed,local]
grep/now 3.8-5 amd64 [installed,local]
gzip/now 1.12-1 amd64 [installed,local]
hostname/now 3.23+nmu1 amd64 [installed,local]
init-system-helpers/now 1.65.2 all [installed,local]
libacl1/now 2.3.1-3 amd64 [installed,local]
libapt-pkg6.0/now 2.6.1 amd64 [installed,local]
libattr1/now 1:2.5.1-4 amd64 [installed,local]
libaudit-common/now 1:3.0.9-1 all [installed,local]
libaudit1/now 1:3.0.9-1 amd64 [installed,local]
libblkid1/now 2.38.1-5+b1 amd64 [installed,local]
libbz2-1.0/now 1.0.8-5+b1 amd64 [installed,local]
libc-bin/now 2.36-9+deb12u4 amd64 [installed,local]
libc6/now 2.36-9+deb12u4 amd64 [installed,local]
libcap-ng0/now 0.8.3-1+b3 amd64 [installed,local]
libcap2/now 1:2.66-4 amd64 [installed,local]
libcom-err2/now 1.47.0-2 amd64 [installed,local]
libcrypt1/now 1:4.4.33-2 amd64 [installed,local]
libdb5.3/now 5.3.28+dfsg2-1 amd64 [installed,local]
libdebconfclient0/now 0.270 amd64 [installed,local]
libext2fs2/now 1.47.0-2 amd64 [installed,local]
libffi8/now 3.4.4-1 amd64 [installed,local]
libgcc-s1/now 12.2.0-14 amd64 [installed,local]
libgcrypt20/now 1.10.1-3 amd64 [installed,local]
libgmp10/now 2:6.2.1+dfsg1-1.1 amd64 [installed,local]
libgnutls30/now 3.7.9-2+deb12u1 amd64 [installed,local]
libgpg-error0/now 1.46-1 amd64 [installed,local]
libhogweed6/now 3.8.1-2 amd64 [installed,local]
libidn2-0/now 2.3.3-1+b1 amd64 [installed,local]
liblz4-1/now 1.9.4-1 amd64 [installed,local]
liblzma5/now 5.4.1-0.2 amd64 [installed,local]
libmd0/now 1.0.4-2 amd64 [installed,local]
libmount1/now 2.38.1-5+b1 amd64 [installed,local]
libnettle8/now 3.8.1-2 amd64 [installed,local]
libp11-kit0/now 0.24.1-2 amd64 [installed,local]
libpam-modules-bin/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpam-modules/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpam-runtime/now 1.5.2-6+deb12u1 all [installed,local]
libpam0g/now 1.5.2-6+deb12u1 amd64 [installed,local]
libpcre2-8-0/now 10.42-1 amd64 [installed,local]
libseccomp2/now 2.5.4-1+b3 amd64 [installed,local]
libselinux1/now 3.4-1+b6 amd64 [installed,local]
libsemanage-common/now 3.4-1 all [installed,local]
libsemanage2/now 3.4-1+b5 amd64 [installed,local]
libsepol2/now 3.4-2.1 amd64 [installed,local]
libsmartcols1/now 2.38.1-5+b1 amd64 [installed,local]
libss2/now 1.47.0-2 amd64 [installed,local]
libstdc++6/now 12.2.0-14 amd64 [installed,local]
libsystemd0/now 252.19-1~deb12u1 amd64 [installed,local]
libtasn1-6/now 4.19.0-2 amd64 [installed,local]
libtinfo6/now 6.4-4 amd64 [installed,local]
libudev1/now 252.19-1~deb12u1 amd64 [installed,local]
libunistring2/now 1.0-2 amd64 [installed,local]
libuuid1/now 2.38.1-5+b1 amd64 [installed,local]
libxxhash0/now 0.8.1-1 amd64 [installed,local]
libzstd1/now 1.5.4+dfsg2-5 amd64 [installed,local]
login/now 1:4.13+dfsg1-1+b1 amd64 [installed,local]
logsave/now 1.47.0-2 amd64 [installed,local]
mawk/now 1.3.4.20200120-3.1 amd64 [installed,local]
mount/now 2.38.1-5+b1 amd64 [installed,local]
ncurses-base/now 6.4-4 all [installed,local]
ncurses-bin/now 6.4-4 amd64 [installed,local]
passwd/now 1:4.13+dfsg1-1+b1 amd64 [installed,local]
perl-base/now 5.36.0-7+deb12u1 amd64 [installed,local]
sed/now 4.9-1 amd64 [installed,local]
sysvinit-utils/now 3.06-4 amd64 [installed,local]
tar/now 1.34+dfsg-1.2 amd64 [installed,local]
tzdata/now 2023c-5+deb12u1 all [installed,local]
usr-is-merged/now 35 all [installed,local]
util-linux-extra/now 2.38.1-5+b1 amd64 [installed,local]
util-linux/now 2.38.1-5+b1 amd64 [installed,local]
zlib1g/now 1:1.2.13.dfsg-1 amd64 [installed,local]
</pre>
Merrily proceeding along, I installed doas and enabled `permit po as root` into /etc/doas.conf
I modified this to be `permit nopass po as root`; no nano or vim, just used echo again.
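A check for the rule above, as an added example that is not part of the original post: `permit nopass po as root` lets `po` run any command as root without a password, and this script flags doas.conf rules of that shape. The function names and the sample file contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a doas.conf for rules
# that hand out passwordless, unrestricted root.
# Rule grammar from doas.conf(5):
#   permit|deny [options] identity [as target] [cmd command [args ...]]

# audit_doas_conf FILE
# Prints "<line>: <rule>" for every permit rule that has the nopass option,
# no cmd restriction, and targets root (or any user, when "as" is absent).
# Limitation: rule ordering is not modelled (doas applies the last match).
audit_doas_conf() {
    awk '
    $1 == "permit" {
        nopass = 0; cmd = 0; target = ""
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^#/) break                 # trailing comment
            if ($i == "cmd") { cmd = 1; break }  # the rest is the command
            if ($i == "nopass") nopass = 1
            if ($i == "as") target = $(i + 1)
        }
        if (nopass && !cmd && (target == "" || target == "root"))
            printf "%d: %s\n", NR, $0
    }' "$1"
}

# Constructed sample: the rule from this post plus two narrower alternatives.
sample_doas_conf() {
    cat <<'EOF'
# rule used in the post
permit nopass po as root
# narrower: passwordless only for apt
permit nopass po as root cmd apt
# narrower: password required, then cached for a while
permit persist po as root
EOF
}

tmp=$(mktemp)
sample_doas_conf > "$tmp"
audit_doas_conf "$tmp"    # prints: 2: permit nopass po as root
rm -f "$tmp"
```

In the container itself, `doas -C /etc/doas.conf` checks the file's syntax before the rule is relied on.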
Then I thought "I'll set up fish" but I got a huge dependency tree:
<pre>
po@123bc29e561f:/$ doas apt install fish
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  bsdextrautils bzip2 ca-certificates file fish-common groff-base krb5-locales libbsd0 libexpat1
  libgdbm-compat4 libgdbm6 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3
  libkrb5support0 libmagic-mgc libmagic1 libncursesw6 libnsl2 libpcre2-32-0 libperl5.36
  libpipeline1 libproc2-0 libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 libuchardet0 libx11-6 libx11-data libxau6 libxcb1
  libxdmcp6 lynx lynx-common mailcap man-db media-types netbase openssl perl perl-modules-5.36
  procps psmisc python3 python3-minimal python3.11 python3.11-minimal readline-common xsel xz-utils
Suggested packages:
  bzip2-doc doc-base groff gdbm-l10n gpm krb5-doc krb5-user sensible-utils apparmor less perl-doc
  libterm-readline-gnu-perl | libterm-readline-perl-perl make libtap-harness-archive-perl
  python3-doc python3-tk python3-venv python3.11-venv python3.11-doc binutils binfmt-support
  readline-doc
The following NEW packages will be installed:
  bsdextrautils bzip2 ca-certificates file fish fish-common groff-base krb5-locales libbsd0
  libexpat1 libgdbm-compat4 libgdbm6 libgpm2 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3
  libkrb5support0 libmagic-mgc libmagic1 libncursesw6 libnsl2 libpcre2-32-0 libperl5.36
  libpipeline1 libproc2-0 libpython3-stdlib libpython3.11-minimal libpython3.11-stdlib libreadline8
  libsqlite3-0 libssl3 libtirpc-common libtirpc3 libuchardet0 libx11-6 libx11-data libxau6 libxcb1
  libxdmcp6 lynx lynx-common mailcap man-db media-types netbase openssl perl perl-modules-5.36
  procps psmisc python3 python3-minimal python3.11 python3.11-minimal readline-common xsel xz-utils
0 upgraded, 58 newly installed, 0 to remove and 0 not upgraded.
Need to get 29.0 MB of archives.
After this operation, 135 MB of additional disk space will be used.
Do you want to continue? [Y/n]
</pre>
Lunchtime!