[PATCH 0/5] WIP Add WSL support.

DoneSubmitted by Alex Griffin.
Details
8 participants
  • Alex Griffin
  • Christine Lemmer-Webber
  • Jacob MacDonald
  • Liliana Marie Prikler
  • Ludovic Courtès
  • Maxime Devos
  • Mathieu Othacehe
  • Stefan
Owner
unassigned
Severity
normal
A
A
Alex Griffin wrote on 10 Feb 07:05 +0100
(name . guix-patches@gnu.org)(address . guix-patches@gnu.org)
875ypndznv.fsf@ajgrf.com
These patches are a work-in-progress, adding support for running Guix
System under [WSL].

Windows Subsystem for Linux (WSL) lets developers run a GNU/Linux
environment – including most command-line tools, utilities, and
applications – directly on Windows, unmodified, without the overhead
of a traditional virtual machine or dual-boot setup.

Things mostly just work already. To try it out, first generate an
os tarball:

┌────
│ guix system image gnu/system/images/wsl.scm
└────

Then copy the result to your Windows system and run:

┌────
│ wsl --import guix ./guix/ image.tar.gz
└────

You can now run Guix System under WSL:

┌────
│ wsl -d guix
└────

The approach I took is copied from the [NixOS-WSL] project. Since WSL
doesn’t run the guest distro’s init system, as a work-around I set the
root user’s shell to a script that boots the system and then starts a
user login shell.

Thanks,
Alex Griffin



A
A
Alex Griffin wrote on 10 Feb 07:12 +0100
[PATCH 1/5] scripts: Fix typo.
(address . 53912@debbugs.gnu.org)
874k57dzdc.fsf@ajgrf.com
This patch just fixes a simple typo needed for the next patch.

Thanks,
Alex Griffin
From cd8b4a33da8d5a2a922da227cdb325475cffea00 Mon Sep 17 00:00:00 2001
From: Alex Griffin <a@ajgrf.com>
Date: Mon, 7 Feb 2022 13:47:29 -0600
Subject: [PATCH 1/5] scripts: Fix typo.
* guix/scripts/pack.scm: Fix typo.
---
guix/scripts/pack.scm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Toggle diff (23 lines)
diff --git a/guix/scripts/pack.scm b/guix/scripts/pack.scm
index 38bc021665..f6bca6dbdb 100644
--- a/guix/scripts/pack.scm
+++ b/guix/scripts/pack.scm
@@ -8,6 +8,7 @@
 ;;; Copyright © 2020 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 ;;; Copyright © 2020 Eric Bavier <bavier@posteo.net>
 ;;; Copyright © 2021 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2022 Alex Griffin <a@ajgrf.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -63,7 +64,7 @@ (define-module (guix scripts pack)
   #:use-module (ice-9 match)
   #:export (compressor?
             compressor-name
-            compressor-extenstion
+            compressor-extension
             compressor-command
             %compressors
             lookup-compressor
-- 
2.34.0
A
A
Alex Griffin wrote on 10 Feb 07:22 +0100
[PATCH 2/5] system: image: Add tarball support.
(name . 53912@debbugs.gnu.org)(address . 53912@debbugs.gnu.org)
SUzGTg5w2gbywISnUpFqNjuIslmQ9Sr0-0mjc2lBJf4GW_veZ--jJntAFbvYXNR2BtjM-SHj6lkJo_F5KOq5GhGJpYgiPtGRHs4duzMg4aQ=@ajgrf.com
This patch adds support for generating a tarball from operating-system definitions.

--
Alex Griffin
From ef951ff51bf0e2b2b50c57fbf652b0677c1e6701 Mon Sep 17 00:00:00 2001
From: Alex Griffin <a@ajgrf.com>
Date: Sun, 6 Feb 2022 16:29:47 -0600
Subject: [PATCH 2/5] system: image: Add tarball support.

* gnu/system/image.scm (tarball-image, tarball-image-type): New variables.
(system-tarball-image): New procedure.
(image->root-file-system): Add tarball image support.
(system-image): Ditto.
---
gnu/system/image.scm | 82 +++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 81 insertions(+), 1 deletion(-)

Toggle diff (151 lines)
diff --git a/gnu/system/image.scm b/gnu/system/image.scm
index 42e215f614..33c9c23225 100644
--- a/gnu/system/image.scm
+++ b/gnu/system/image.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2020, 2021 Mathieu Othacehe <m.othacehe@gmail.com>
 ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2022 Alex Griffin <a@ajgrf.com>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -24,6 +25,7 @@ (define-module (gnu system image)
   #:use-module (guix modules)
   #:use-module (guix monads)
   #:use-module (guix records)
+  #:use-module (guix scripts pack)
   #:use-module (guix store)
   #:use-module (guix ui)
   #:use-module (guix utils)
@@ -70,6 +72,7 @@ (define-module (gnu system image)
             efi-disk-image
             iso9660-image
             docker-image
+            tarball-image
             raw-with-offset-disk-image
 
             image-with-os
@@ -78,6 +81,7 @@ (define-module (gnu system image)
             iso-image-type
             uncompressed-iso-image-type
             docker-image-type
+            tarball-image-type
             raw-with-offset-image-type
 
             image-with-label
@@ -135,6 +139,10 @@ (define docker-image
   (image
    (format 'docker)))
 
+(define tarball-image
+  (image
+   (format 'tarball)))
+
 (define* (raw-with-offset-disk-image #:optional (offset root-offset))
   (image
    (format 'disk-image)
@@ -192,6 +200,11 @@ (define docker-image-type
    (name 'docker)
    (constructor (cut image-with-os docker-image <>))))
 
+(define tarball-image-type
+  (image-type
+   (name 'tarball)
+   (constructor (cut image-with-os tarball-image <>))))
+
 (define raw-with-offset-image-type
   (image-type
    (name 'raw-with-offset)
@@ -631,6 +644,71 @@ (define builder
                    #:options `(#:references-graphs ((,graph ,os))
                                #:substitutable? ,substitutable?))))
 
+
+;;
+;; Tarball image.
+;;
+
+(define* (system-tarball-image image
+                               #:key
+                               (name "image")
+                               (compressor (srfi-1:first %compressors)))
+  "Build a tarball of IMAGE.  NAME is the base name to use for the
+output file."
+  (let* ((shared-network? (image-shared-network? image))
+         (os (image-operating-system image))
+         (substitutable? (image-substitutable? image))
+         (schema (local-file (search-path %load-path
+                                          "guix/store/schema.sql")))
+         (name (string-append name ".tar" (compressor-extension compressor)))
+         (graph "system-graph"))
+    (define builder
+      (with-extensions gcrypt-sqlite3&co          ;for (guix store database)
+        (with-imported-modules `(,@(source-module-closure
+                                    '((guix build pack)
+                                      (guix build store-copy)
+                                      (guix build utils)
+                                      (guix store database)
+                                      (gnu build image))
+                                    #:select? not-config?)
+                                 ((guix config) => ,(make-config.scm)))
+          #~(begin
+              (use-modules (guix build pack)
+                           (guix build store-copy)
+                           (guix build utils)
+                           (guix store database)
+                           (gnu build image))
+
+              ;; Set the SQL schema location.
+              (sql-schema #$schema)
+
+              ;; Allow non-ASCII file names--e.g., 'nss-certs'--to be decoded.
+              (setenv "GUIX_LOCPATH"
+                      #+(file-append glibc-utf8-locales "/lib/locale"))
+              (setlocale LC_ALL "en_US.utf8")
+
+              (let ((image-root (string-append (getcwd) "/tmp-root"))
+                    (tar #+(file-append tar "/bin/tar")))
+
+                (mkdir-p image-root)
+                (initialize-root-partition image-root
+                                           #:references-graphs '(#$graph)
+                                           #:deduplicate? #f
+                                           #:system-directory #$os)
+
+                (with-directory-excursion image-root
+                  (apply invoke tar "-cvf" #$output "."
+                         (tar-base-options
+                          #:tar tar
+                          #:compressor #+(and=> compressor compressor-command)))))))))
+
+    (computed-file name builder
+                   ;; Allow offloading so that this I/O-intensive process
+                   ;; doesn't run on the build farm's head node.
+                   #:local-build? #f
+                   #:options `(#:references-graphs ((,graph ,os))
+                               #:substitutable? ,substitutable?))))
+
 
 ;;
 ;; Image creation.
@@ -640,7 +718,7 @@ (define (image->root-file-system image)
   "Return the IMAGE root partition file-system type."
   (case (image-format image)
     ((iso9660) "iso9660")
-    ((docker) "dummy")
+    ((docker tarball) "dummy")
     (else
      (partition-file-system (find-root-partition image)))))
 
@@ -778,6 +856,8 @@ (define target (cond
                                        ("bootcfg" ,bootcfg))))
        ((memq image-format '(docker))
         (system-docker-image image*))
+       ((memq image-format '(tarball))
+        (system-tarball-image image*))
        ((memq image-format '(iso9660))
          (system-iso9660-image
           image*
-- 
2.34.0
A
A
Alex Griffin wrote on 10 Feb 07:27 +0100
[PATCH 3/5] system: image: Add wsl-tarball support.
(address . 53912@debbugs.gnu.org)
87wni3ck2v.fsf@ajgrf.com
This patch adds the wsl-tarball image type. The difference between
this and the plain tarball type is the creation of the symlinks at
/bin/sh and /bin/mount.

These are necessary for the first boot to work after importing. We
can’t rely on special-files-service-type for this because the system
is not activated yet, and the /bin/sh symlink initiates the first
system activation.

Thanks,
Alex Griffin
From 27304913a968753f42d06eb2ae7c297873b77cb6 Mon Sep 17 00:00:00 2001
From: Alex Griffin <a@ajgrf.com>
Date: Mon, 7 Feb 2022 18:37:25 -0600
Subject: [PATCH 3/5] system: image: Add wsl-tarball support.
* gnu/system/image.scm (wsl-tarball-image, wsl-tarball-image-type): New variables.
(image->root-file-system): Add wsl-tarball image support.
(system-image): Ditto.
---
gnu/system/image.scm | 36 +++++++++++++++++++++++++++++++++---
1 file changed, 33 insertions(+), 3 deletions(-)
Toggle diff (118 lines)
diff --git a/gnu/system/image.scm b/gnu/system/image.scm
index 33c9c23225..83a2a76a9c 100644
--- a/gnu/system/image.scm
+++ b/gnu/system/image.scm
@@ -37,12 +37,14 @@ (define-module (gnu system image)
   #:use-module (gnu services)
   #:use-module (gnu services base)
   #:use-module (gnu system)
+  #:use-module (gnu system accounts)
   #:use-module (gnu system file-systems)
   #:use-module (gnu system linux-container)
   #:use-module (gnu system uuid)
   #:use-module (gnu system vm)
   #:use-module (guix packages)
   #:use-module (gnu packages base)
+  #:use-module (gnu packages bash)
   #:use-module (gnu packages bootloaders)
   #:use-module (gnu packages cdrom)
   #:use-module (gnu packages compression)
@@ -73,6 +75,7 @@ (define-module (gnu system image)
             iso9660-image
             docker-image
             tarball-image
+            wsl-tarball-image
             raw-with-offset-disk-image
 
             image-with-os
@@ -82,6 +85,7 @@ (define-module (gnu system image)
             uncompressed-iso-image-type
             docker-image-type
             tarball-image-type
+            wsl-tarball-image-type
             raw-with-offset-image-type
 
             image-with-label
@@ -143,6 +147,10 @@ (define tarball-image
   (image
    (format 'tarball)))
 
+(define wsl-tarball-image
+  (image
+   (format 'wsl-tarball)))
+
 (define* (raw-with-offset-disk-image #:optional (offset root-offset))
   (image
    (format 'disk-image)
@@ -205,6 +213,11 @@ (define tarball-image-type
    (name 'tarball)
    (constructor (cut image-with-os tarball-image <>))))
 
+(define wsl-tarball-image-type
+  (image-type
+   (name 'wsl-tarball)
+   (constructor (cut image-with-os wsl-tarball-image <>))))
+
 (define raw-with-offset-image-type
   (image-type
    (name 'raw-with-offset)
@@ -652,7 +665,8 @@ (define builder
 (define* (system-tarball-image image
                                #:key
                                (name "image")
-                               (compressor (srfi-1:first %compressors)))
+                               (compressor (srfi-1:first %compressors))
+                               (wsl? #f))
   "Build a tarball of IMAGE.  NAME is the base name to use for the
 output file."
   (let* ((shared-network? (image-shared-network? image))
@@ -661,7 +675,12 @@ (define* (system-tarball-image image
          (schema (local-file (search-path %load-path
                                           "guix/store/schema.sql")))
          (name (string-append name ".tar" (compressor-extension compressor)))
-         (graph "system-graph"))
+         (graph "system-graph")
+         (root (srfi-1:find (lambda (user)
+                              (and=> (user-account-uid user) zero?))
+                            (operating-system-users os)))
+         (root-shell (or (and=> root user-account-shell)
+                         (file-append bash "/bin/bash"))))
     (define builder
       (with-extensions gcrypt-sqlite3&co          ;for (guix store database)
         (with-imported-modules `(,@(source-module-closure
@@ -697,6 +716,15 @@ (define builder
                                            #:system-directory #$os)
 
                 (with-directory-excursion image-root
+                  (when #$wsl?
+                    ;; WSL requires /bin/sh.  Will be overwritten by system
+                    ;; activation.
+                    (symlink #$root-shell "./bin/sh")
+
+                    ;; WSL requires /bin/mount to access the host fs.
+                    (symlink #+(file-append util-linux "/bin/mount")
+                             "./bin/mount"))
+
                   (apply invoke tar "-cvf" #$output "."
                          (tar-base-options
                           #:tar tar
@@ -718,7 +746,7 @@ (define (image->root-file-system image)
   "Return the IMAGE root partition file-system type."
   (case (image-format image)
     ((iso9660) "iso9660")
-    ((docker tarball) "dummy")
+    ((docker tarball wsl-tarball) "dummy")
     (else
      (partition-file-system (find-root-partition image)))))
 
@@ -858,6 +886,8 @@ (define target (cond
         (system-docker-image image*))
        ((memq image-format '(tarball))
         (system-tarball-image image*))
+       ((memq image-format '(wsl-tarball))
+        (system-tarball-image image* #:wsl? #t))
        ((memq image-format '(iso9660))
          (system-iso9660-image
           image*
-- 
2.34.0
A
A
Alex Griffin wrote on 10 Feb 07:31 +0100
[PATCH 4/5] system: Add wsl module.
(address . 53912@debbugs.gnu.org)
87v8xncjx4.fsf@ajgrf.com
This patch adds a new module at gnu/system/wsl.scm. It contains a
minimal operating-system definition that works in WSL.

Thanks,
Alex Griffin
From 55cbd67645fced42905b3bcff345116de7365049 Mon Sep 17 00:00:00 2001
From: Alex Griffin <a@ajgrf.com>
Date: Wed, 9 Feb 2022 23:09:52 -0600
Subject: [PATCH 4/5] system: Add wsl module.
* gnu/system/wsl.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
gnu/local.mk | 2 +
gnu/system/wsl.scm | 148 +++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 150 insertions(+)
create mode 100644 gnu/system/wsl.scm
Toggle diff (176 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 198c8f64a6..fecde5b4dd 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -49,6 +49,7 @@
 # Copyright © 2021 Simon Tournier <zimon.toutoune@gmail.com>
 # Copyright © 2022 Daniel Meißner <daniel.meissner-i4k@ruhr-uni-bochum.de>
 # Copyright © 2022 Remco van 't Veer <remco@remworks.net>
+# Copyright © 2022 Alex Griffin <a@ajgrf.com>
 #
 # This file is part of GNU Guix.
 #
@@ -700,6 +701,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/system/shadow.scm				\
   %D%/system/uuid.scm				\
   %D%/system/vm.scm				\
+  %D%/system/wsl.scm				\
 						\
   %D%/system/images/hurd.scm			\
   %D%/system/images/novena.scm			\
diff --git a/gnu/system/wsl.scm b/gnu/system/wsl.scm
new file mode 100644
index 0000000000..63c71926a7
--- /dev/null
+++ b/gnu/system/wsl.scm
@@ -0,0 +1,148 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2022 Alex Griffin <a@ajgrf.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu system wsl)
+  #:use-module (gnu bootloader)
+  #:use-module (gnu packages admin)
+  #:use-module (gnu packages base)
+  #:use-module (gnu packages bash)
+  #:use-module (gnu packages guile)
+  #:use-module (gnu packages linux)
+  #:use-module (gnu services)
+  #:use-module (gnu services base)
+  #:use-module (gnu system)
+  #:use-module (gnu system shadow)
+  #:use-module (guix build-system trivial)
+  #:use-module (guix gexp)
+  #:use-module (guix packages)
+  #:export (wsl-boot-program
+            wsl-os))
+
+(define (wsl-boot-program user)
+  "Program that runs the system boot script, then starts a login shell as USER."
+  (program-file
+   "wsl-boot-program"
+   #~(begin
+       (unless (file-exists? "/run/current-system")
+         (let ((shepherd-socket "/var/run/shepherd/socket"))
+           ;; Clean up this file so we can wait for it later.
+           (when (file-exists? shepherd-socket)
+             (delete-file shepherd-socket))
+
+           ;; Child process boots the system and is replaced by shepherd.
+           (when (zero? (primitive-fork))
+             (let* ((system-generation (readlink "/var/guix/profiles/system"))
+                    (system (readlink
+                             (string-append (if (absolute-file-name? system-generation)
+                                                ""
+                                                "/var/guix/profiles/")
+                                            system-generation))))
+               (setenv "GUIX_NEW_SYSTEM" system)
+               (execl #$(file-append guile-3.0 "/bin/guile")
+                      "guile"
+                      "--no-auto-compile"
+                      (string-append system "/boot"))))
+
+           ;; Parent process waits for shepherd before continuing.
+           (while (not (file-exists? shepherd-socket))
+             (sleep 1))))
+
+       (let* ((pw (getpw #$user))
+              (shell (passwd:shell pw))
+              (sudo #+(file-append sudo "/bin/sudo"))
+              (args (cdr (command-line))))
+         ;; Save the value of $PATH set by WSL.  Useful for finding
+         ;; Windows binaries to run with WSL's binfmt interop.
+         (setenv "WSLPATH" (getenv "PATH"))
+
+         ;; Start login shell as user.
+         (apply execl sudo "sudo"
+                "--preserve-env=WSLPATH"
+                "-u" #$user
+                "--"
+                shell "-l" args)))))
+
+(define dummy-package
+  (package
+    (name "dummy")
+    (version "0")
+    (source #f)
+    (build-system trivial-build-system)
+    (arguments
+     `(#:modules ((guix build utils))
+       #:target #f
+       #:builder (begin
+                   (use-modules (guix build utils))
+                   (let* ((out (assoc-ref %outputs "out"))
+                          (dummy (string-append out "/dummy")))
+                     (mkdir-p out)
+                     (call-with-output-file dummy
+                       (const #t))
+                     #t))))
+    (home-page #f)
+    (synopsis #f)
+    (description #f)
+    (license #f)))
+
+(define dummy-bootloader
+  (bootloader
+   (name 'dummy-bootloader)
+   (package dummy-package)
+   (configuration-file "/dev/null")
+   (configuration-file-generator
+    (lambda (. _rest)
+      (plain-file "dummy-bootloader" "")))
+   (installer #~(const #t))))
+
+(define dummy-kernel dummy-package)
+
+(define (dummy-initrd . _rest)
+  (plain-file "dummy-initrd" ""))
+
+(define-public wsl-os
+  (operating-system
+    (host-name "gnu")
+    (timezone "Etc/UTC")
+
+    (bootloader
+     (bootloader-configuration
+      (bootloader dummy-bootloader)))
+
+    (kernel dummy-kernel)
+    (initrd dummy-initrd)
+    (initrd-modules '())
+    (firmware '())
+
+    (file-systems '())
+
+    (users (cons* (user-account
+                   (name "guest")
+                   (group "users")
+                   (supplementary-groups '("wheel")) ; allow use of sudo
+                   (password "")
+                   (comment "Guest of GNU"))
+                  (user-account
+                   (inherit %root-account)
+                   (shell (wsl-boot-program "guest")))
+                  %base-user-accounts))
+
+    (services (list (service guix-service-type)
+                    (service special-files-service-type
+                             `(("/bin/sh" ,(file-append bash "/bin/bash"))
+                               ("/bin/mount" ,(file-append util-linux "/bin/mount"))
+                               ("/usr/bin/env" ,(file-append coreutils "/bin/env"))))))))
-- 
2.34.0
A
A
Alex Griffin wrote on 10 Feb 07:35 +0100
[PATCH 5/5] image: Add wsl image.
(address . 53912@debbugs.gnu.org)
87tud7cjpg.fsf@ajgrf.com
This patch adds the wsl system image. Generate it with

guix system image gnu/system/images/wsl.scm

Thanks,
Alex Griffin
From 65f58dae36f25c4bcb64f4b75060a2635aab7fa2 Mon Sep 17 00:00:00 2001
From: Alex Griffin <a@ajgrf.com>
Date: Wed, 9 Feb 2022 23:04:04 -0600
Subject: [PATCH 5/5] image: Add wsl image.
* gnu/system/images/wsl.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
gnu/local.mk | 1 +
gnu/system/images/wsl.scm | 31 +++++++++++++++++++++++++++++++
2 files changed, 32 insertions(+)
create mode 100644 gnu/system/images/wsl.scm
Toggle diff (51 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index fecde5b4dd..41f0d14c42 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -708,6 +708,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/system/images/pine64.scm			\
   %D%/system/images/pinebook-pro.scm		\
   %D%/system/images/rock64.scm			\
+  %D%/system/images/wsl.scm			\
 						\
   %D%/machine.scm				\
 						\
diff --git a/gnu/system/images/wsl.scm b/gnu/system/images/wsl.scm
new file mode 100644
index 0000000000..c4ad4a7c27
--- /dev/null
+++ b/gnu/system/images/wsl.scm
@@ -0,0 +1,31 @@
+;;; Copyright © 2022 Alex Griffin <a@ajgrf.com>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu system images wsl)
+  #:use-module (gnu image)
+  #:use-module (gnu system image)
+  #:use-module (gnu system wsl)
+  #:export (wsl-tarball-image))
+
+(define wsl-tarball-image
+  (image
+   (inherit
+    (os->image wsl-os
+               #:type wsl-tarball-image-type))
+   (name 'wsl-tarball-image)))
+
+wsl-tarball-image
-- 
2.34.0
L
L
Liliana Marie Prikler wrote on 15 Feb 15:10 +0100
Re: [PATCH 3/5] system: image: Add wsl-tarball support.
53c41e580645a9c80bec2668b58fbd3f67c45e5c.camel@ist.tugraz.at
Hi,

Am Donnerstag, dem 10.02.2022 um 06:27 +0000 schrieb Alex Griffin:
Toggle quote (8 lines)
> This patch adds the wsl-tarball image type. The difference between
> this and the plain tarball type is the creation of the symlinks at
> /bin/sh and /bin/mount.
>
> These are necessary for the first boot to work after importing. We
> can’t rely on special-files-service-type for this because the system
> is not activated yet, and the /bin/sh symlink initiates the first
> system activation.
I don't think this ad-hoc hack "deserves" its own tarball type.
Imagine WSL 3 requires /bin/ed besides /bin/sh and /bin/mount, then
you'd need to add a wsl3-tarball-type, and so on and so forth.

I think the correct way of implementing this would be to make image
respect --symlink the way guix pack does. WDYT?
M
M
Maxime Devos wrote on 15 Feb 17:28 +0100
Re: [bug#53912] [PATCH 3/5] system: image: Add wsl-tarball support.
469b53c147af6619de85e3beaaf122e8d827b829.camel@telenet.be
Alex Griffin via Guix-patches via schreef op do 10-02-2022 om 06:27
[+0000]:
Toggle quote (9 lines)
> This patch adds the wsl-tarball image type. The difference between
> this and the plain tarball type is the creation of the symlinks at
> /bin/sh and /bin/mount.
>
> These are necessary for the first boot to work after importing. We
> can’t rely on special-files-service-type for this because the system
> is not activated yet, and the /bin/sh symlink initiates the first
> system activation.

Why would WSL expect these things to be located there?
Can this assumption be removed upstream?

Greetings,
Maxime
-----BEGIN PGP SIGNATURE-----

iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYgvUuRccbWF4aW1lZGV2
b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7s+sAP9PfQPSJ3VTrK3aSn/AKLjoiXgu
vJ4NFz20hcr/iNgcRwEAxVimpXoFE8KZrCQ1NrZjYreaEe9mjTg56ypUjkPxwQc=
=ZFq3
-----END PGP SIGNATURE-----


M
M
Maxime Devos wrote on 15 Feb 17:31 +0100
6a73b33bc1ca7f8e9bfa5805608207f02e9aa282.camel@telenet.be
Alex Griffin via Guix-patches via schreef op do 10-02-2022 om 06:27
[+0000]:
Toggle quote (12 lines)
>                  (with-directory-excursion image-root
> +                  (when #$wsl?
> +                    ;; WSL requires /bin/sh.  Will be overwritten by
> system
> +                    ;; activation.
> +                    (symlink #$root-shell "./bin/sh")
> +
> +                    ;; WSL requires /bin/mount to access the host
> fs.
> +                    (symlink #+(file-append util-linux "/bin/mount")
> +                             "./bin/mount"))

I would change this to

(with-directory-excursion image-root
#$@(if wsl?
;; Comment ...
#~((symlink ...)
(symlink ...)
#~())
other things ...)

such that the tarball could be built without building util-linux.

Also, (symlink #+(file-append util-linux ...) "./bin/mount") seems
wrong here when cross-compiling, wouldn't a 'mount' compiled for --
target be required instead of a 'mount' compiled for --system when
cross-compiling? Do you mean #$(file-append ...) instead?

Greetings,
Maxime.
-----BEGIN PGP SIGNATURE-----

iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYgvVchccbWF4aW1lZGV2
b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7lucAQC7gfizuPHGu2n1Gi/Butz35syT
uk5rC73iAzLRx6/MhAEA5YFBrgaFEuQdY4Vr5nvzClqHqNwmn0rCJxWmlnLKiAo=
=ZFGu
-----END PGP SIGNATURE-----


L
L
Ludovic Courtès wrote on 11 Apr 12:34 +0200
Re: bug#53912: [PATCH 0/5] WIP Add WSL support.
(name . Alex Griffin)(address . a@ajgrf.com)(name . 53912@debbugs.gnu.org)(address . 53912@debbugs.gnu.org)
87k0bvkiwd.fsf_-_@gnu.org
Hi,

Alex Griffin <a@ajgrf.com> skribis:

Toggle quote (10 lines)
> From ef951ff51bf0e2b2b50c57fbf652b0677c1e6701 Mon Sep 17 00:00:00 2001
> From: Alex Griffin <a@ajgrf.com>
> Date: Sun, 6 Feb 2022 16:29:47 -0600
> Subject: [PATCH 2/5] system: image: Add tarball support.
>
> * gnu/system/image.scm (tarball-image, tarball-image-type): New variables.
> (system-tarball-image): New procedure.
> (image->root-file-system): Add tarball image support.
> (system-image): Ditto.

Interesting!

Toggle quote (15 lines)
> +++ b/gnu/system/image.scm
> @@ -1,6 +1,7 @@
> ;;; GNU Guix --- Functional package management for GNU
> ;;; Copyright © 2020, 2021 Mathieu Othacehe <m.othacehe@gmail.com>
> ;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
> +;;; Copyright © 2022 Alex Griffin <a@ajgrf.com>
> ;;;
> ;;; This file is part of GNU Guix.
> ;;;
> @@ -24,6 +25,7 @@ (define-module (gnu system image)
> #:use-module (guix modules)
> #:use-module (guix monads)
> #:use-module (guix records)
> + #:use-module (guix scripts pack)

We cannot refer to (guix scripts …) modules from here (conceptually
(guix scripts …) modules are layered above the rest).

If needed, we can move the relevant bits to a new (guix pack) module and
use it here. (I didn’t spot which part of (guix scripts pack) is used.)

Ludo’.
L
L
Ludovic Courtès wrote on 11 Apr 12:41 +0200
(name . Alex Griffin)(address . a@ajgrf.com)(address . 53912@debbugs.gnu.org)
87czhnkilq.fsf@gnu.org
Hi Alex,

Somehow I hadn’t noticed this patch series before…

Alex Griffin <a@ajgrf.com> skribis:

Toggle quote (19 lines)
> Things mostly just work already. To try it out, first generate an
> os tarball:
>
> ┌────
> │ guix system image gnu/system/images/wsl.scm
> └────
>
> Then copy the result to your Windows system and run:
>
> ┌────
> │ wsl --import guix ./guix/ image.tar.gz
> └────
>
> You can now run Guix System under WSL:
>
> ┌────
> │ wsl -d guix
> └────

That seems pretty fun.

You say it’s work in progress; what exactly is missing at this point?

At first sight, it looks mostly ready to me. What’s missing is a
section like “Running Guix under WSL”, maybe next to “Running Guix in a
VM”. WDYT?

Better yet would be a “System Images” section under “System
Configuration”, with a subsection dedicated to WSL images.

Ludo’.
M
M
Mathieu Othacehe wrote on 26 Apr 09:15 +0200
(name . Alex Griffin)(address . a@ajgrf.com)
87zgk8wc1c.fsf_-_@gnu.org
Hello,

Toggle quote (4 lines)
> At first sight, it looks mostly ready to me. What’s missing is a
> section like “Running Guix under WSL”, maybe next to “Running Guix in a
> VM”. WDYT?

I agree with Ludo it seems like ready to me. That's a very interesting
series and I would like to see it merged :).

In the meantime, I pushed the first commit that is fixing a typo.

Thanks,

Mathieu
C
C
Christine Lemmer-Webber wrote on 4 Jun 02:31 +0200
Re: [bug#53912] [PATCH 0/5] WIP Add WSL support.
(name . Mathieu Othacehe)(address . othacehe@gnu.org)
87bkv9tghc.fsf@dustycloud.org
Mathieu Othacehe <othacehe@gnu.org> writes:

Toggle quote (15 lines)
> Hello,
>
>> At first sight, it looks mostly ready to me. What’s missing is a
>> section like “Running Guix under WSL”, maybe next to “Running Guix in a
>> VM”. WDYT?
>
> I agree with Ludo it seems like ready to me. That's a very interesting
> series and I would like to see it merged :).
>
> In the meantime, I pushed the first commit that is fixing a typo.
>
> Thanks,
>
> Mathieu

Turns out I have an immediate need for this to collaborate with a
coworker at my organization also.

Is all that's left is adding docs? It might be worth merging what
exists then already at its current state?

Even though my coworker needs it, I actually don't have access to a
Windows machine or I'd offer to write it. :)

- Christine
J
J
Jacob MacDonald wrote on 11 Aug 18:27 +0200
Re: WSL support.
(address . 53912@debbugs.gnu.org)
CACy6W0D_Kyk5OS+qfcY5BFhetJCxCcMoM6iC84t0y=L2mAWTtQ@mail.gmail.com
I'm also excited about the patch; I use Guix on WSL at work, with an
image I used Guix's Docker to create.

I just updated my WSL kernel to 5.15 and started seeing setuid errors
for binaries installed in /run/setuid-programs (sudo, passwd, etc.).
I've filed an upstream bug and suspect it has something to do with the
way WSL's init mounts file systems. Has anyone else encountered this
yet?

If not, and if you use WSL from the Windows Store, you might want to
delay your update.

Cheers,

Jacob.
S
S
Stefan wrote on 11 Aug 23:32 +0200
[PATCH 0/5] WIP Add WSL support.
(address . 53912@debbugs.gnu.org)
9B03DD4B-4699-40CB-95A6-C0369F1E7663@vodafonemail.de
Hi!

The problems with sudo etc. in /run/setuid-programs/ stem from the nosuid and noexec flags, which WSL sets when mounting /run as tmpfs.

I use a guile script which remounts /run with these flags removed.

But there is another mount-problem. When WSL is using root as the default user, then the default mounts of local drives like /mnt/c/ use uid=0 and gid=0. This is problematic, when a script is changing the user with sudo. So my script is unmounting all local drives and mounting them again with /sbin/mount.drvfs of WSL with the uid and gid of that user and the metadata flag. By the way, I was not able to use the type drvfs with the mount command from Guix for this. But I didn’t try the type 9p for this yet, which it actually seems to be.

Changing the default user to prevent problems with local drives seems possible with an /etc/wsl.conf file. But then it will not be possible to use root’s shell entry for the script anymore.

Hm, I guess that even if the sudo problem is solved, then still a “sudo -i” won’t be possible with the patch. Is that right?

Another possible problem with the patch might be the current-directory. I guess that a “wsl -d guix -e ls” will not list the directory from which the wsl command got invoked, but the user’s home directory.

My setup is using a gnu.bat file, which invokes a guile script named gnu.scm in WSL, which – if needed – does the re-mounts and starts shepherd, and calls sudo to login the user and change the directory before executing further commands from the user. It is retaining some environment variables like TERM, and the content of WSLENV. So from the Windows side it is possible to call “gnu.bat ls -lA” etc. or just “gnu.bat” to get a shell.

I’m experimenting with another script, which like busybox evaluates its name, and put symlinks to it in /usr/local/bin/, which is in the default WSL search path. That script invokes the mentioned gnu.scm script. With this it is possible to call e.g. “wsl -d guix -e ls -l” for the Windows user in USERNAME.

With the WSL version I’m using on Windows 10 its /init requires a group cache for nscd, too.

With Windows 11 there is a boot option for the /etc/wsl.config, which might be the optimal place for a script to do re-mounts and start shepherd.

All in all WSL assumes the Filesystem Hierarchie Standard and /etc/environment and makes it hard to launch arbitrary commands as intended with just “wsl -e ls” in Guix. In such a case no shell is involved and no /etc/profile or ~/.profile is sourced, so ls won’t be found. This all seems to be far from perfect to me.


Bye

Stefan
J
J
Jacob MacDonald wrote on 12 Aug 00:31 +0200
(address . 53912@debbugs.gnu.org)
CACy6W0DVqFrSOayhoTz4Cm8CMKkWuNka4Mfv=60T6iPpR+SdUw@mail.gmail.com
Stefan wrote:

Toggle quote (2 lines)
> The problems with sudo etc. in /run/setuid-programs/ stem from the nosuid and noexec flags, which WSL sets when mounting /run as tmpfs.

Do you know if there was a 5.10->5.15 change on that front? I only saw
the issue after upgrading WSL (and not Guix), even though I had to
work around several mount issues getting Guix set up in the first
place.

Toggle quote (2 lines)
> This all seems to be far from perfect to me.

It is less than ideal.

Toggle quote (2 lines)
> All in all WSL assumes the Filesystem Hierarchie Standard and /etc/environment

I do have some workarounds for the issues you mention; No long
examples since that work machine is airgapped, but I'll outline my
setup and can follow up with code. The filesystem standard, Linux and
Guix internals are the areas I'm fuzzy on, relying mostly on
third-party advice and a little bit of common-sense tinkering. It's
possible that something other than the WSL upgrade broke /run, but my
image started with a broken Guix and has undergone several successful
revisions.

Toggle quote (4 lines)
> I use a guile script which remounts /run with these flags removed.

> With Windows 11 there is a boot option for the /etc/wsl.config, which might be the optimal place for a script to do re-mounts and start shepherd.

That is exactly right based on my experience. My init script doesn't
do any mounts (since the old WSL seemed to let me call sudo just
fine), but it does start as root and make sure the file system is sane
before kicking things off.

Toggle quote (2 lines)
> Changing the default user to prevent problems with local drives seems possible with an /etc/wsl.conf file. But then it will not be possible to use root’s shell entry for the script anymore.

I never investigated the ownership of /mnt/c/, but it seemed to work
OK in userspace. I could create files or delete/trash them from a
user-level Emacs.

Toggle quote (2 lines)
> Hm, I guess that even if the sudo problem is solved, then still a “sudo -i” won’t be possible with the patch. Is that right?

I haven't used this patch, so I'm not sure how it interacts. However,
/run/setuid-programs/sudo -i fails for me as expected while
/run/current-system/profile/bin/sudo -i works.

Toggle quote (4 lines)
> [WSL] makes it hard to launch arbitrary commands as intended with just “wsl -e ls” in Guix. In such a case no shell is involved and no /etc/profile or ~/.profile is sourced, so ls won’t be found.

> Another possible problem with the patch might be the current-directory. I guess that a “wsl -d guix -e ls” will not list the directory from which the wsl command got invoked, but the user’s home directory.

This may be another Win11 feature, but I figured out that --shell-type
is a way around that annoyance. wsl --shell-type login ls in a fresh
PowerShell shows me files in my Windows home. My shell configuration
is small enough that the startup overhead is minimal, and based on
running top that way, there's no shell process that sticks around.

Toggle quote (2 lines)
> With the WSL version I’m using on Windows 10 its /init requires a group cache for nscd, too.

The advice I saw on Guix-in-WSL suggested disabling nscd and I found
that to be the case.

Toggle quote (2 lines)
> My setup is using a gnu.bat file, which invokes a guile script named gnu.scm in WSL, which – if needed – does the re-mounts and starts shepherd, and calls sudo to login the user and change the directory before executing further commands from the user. It is retaining some environment variables like TERM, and the content of WSLENV. So from the Windows side it is possible to call “gnu.bat ls -lA” etc. or just “gnu.bat” to get a shell.

My /etc/wsl.conf sets the default user and specifies a script to run
at boot. That script sets up /run/current-system, boots from it, and
does those few trivial fs sanity checks. From there, I can start new
shells for my user and everything seems to behave. System
reconfigurations were the biggest footgun prior to this latest
breakage, but this is my only GuixSD experience so that might be a
general problem.

Thanks!

Jacob.
M
M
Mathieu Othacehe wrote on 11 Sep 14:23 +0200
(name . Ludovic Courtès)(address . ludo@gnu.org)
87wnaa2j86.fsf_-_@gnu.org
Hey,

Toggle quote (7 lines)
> At first sight, it looks mostly ready to me. What’s missing is a
> section like “Running Guix under WSL”, maybe next to “Running Guix in a
> VM”. WDYT?
>
> Better yet would be a “System Images” section under “System
> Configuration”, with a subsection dedicated to WSL images.

I added a "System Images" documentation chapter with:

I sent a preliminary patchset to add tarball support here:

I also took most of the comments of this thread into account an pushed a
revised version of this series to wip-image.

In the documentation patchset, there is an "Image Modules" section
describing how to create an image by running "guix system image
gnu/system/images/pine64.scm". Maybe I should also give a more specific
example of how to create a WSL image in that section?

Tested all of it by creating a WSL image with some web services (nginx,
tailon), they are started by Shepherd in the WSL and accessible from
Windows.

Thanks,

Mathieu
M
M
Mathieu Othacehe wrote on 25 Sep 13:56 +0200
(name . Ludovic Courtès)(address . ludo@gnu.org)
87k05rk6qa.fsf_-_@gnu.org
Hey,

Toggle quote (4 lines)
> Tested all of it by creating a WSL image with some web services (nginx,
> tailon), they are started by Shepherd in the WSL and accessible from
> Windows.

And pushed, with a documentation update. I'll come up with a blog post
in the next coming days.

Thanks,

Mathieu
Closed
?
Your comment

This issue is archived.

To comment on this conversation send email to 53912@debbugs.gnu.org