Running software from other Debian releases: Difference between revisions
(Created page with "CSE "new world" systems run Debian stable. Software from other Debian releases can be useful for other purposes - particularly more recent versions of software from Debian testing. The programs <code>unstable</code>, <code>testing</code>, <code>stable</code>, <code>oldstable</code>, <code>sid</code> <code>bookworm</code> <code>bullseye</code> <code>buster</code> in <code>/usr/local/extrafiles/bin/</code> run software from the corresponding Debian release. For example...") |
m (→Limitations) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 1: | Line 1: | ||
CSE | CSE [[New World]] systems run Debian stable. Software from other Debian releases can be useful for other purposes - particularly more recent versions of software from Debian testing. | ||
The programs | The programs | ||
| Line 51: | Line 51: | ||
The scripts and builds of other Debian distributions are unprivileged. | The scripts and builds of other Debian distributions are unprivileged. | ||
Software that requires privileges will fail if executed this way. | Software that requires privileges will fail if executed this way. | ||
This avoids security concerns . | This avoids security concerns. | ||
Execution is in a separate user namespace - for more information see [[Controlling Resources & Privileges with Linux namespaces, cgroups & limits]] | Execution is in a separate user namespace - for more information see [[Controlling Resources & Privileges with Linux namespaces, cgroups & limits]] | ||
Latest revision as of 14:46, 29 August 2023
CSE New World systems run Debian stable. Software from other Debian releases can be useful for other purposes - particularly more recent versions of software from Debian testing.
The programs
unstable,
testing,
stable,
oldstable,
sid
bookworm
bullseye
buster
in
/usr/local/extrafiles/bin/ run software from the corresponding Debian release.
For example:
$ unstable nodejs --version v16.15.1 $ testing nodejs --version v16.14.2 $ bullseye nodejs --version v12.22.5 $ buster nodejs --version v10.24.0
The builds are updated weekly.
Software may be missing from unstable/sid if builds fail, e.g. to conflicts.
Providing Access from a Class Account
It can be convienent to provide access to software via a him script in the class account.
For example if COMP2041 students need access to the version of git
from testing, this could be provided by creating /home/cs2041/bin/git like this:
$ git --version git version 2.31.0 $ cat /home/cs2041/bin/git #!/bin/sh exec /usr/local/extrafiles/bin/testing /usr/bin/"$(basename "$0")" "$@" $ 2041 git --version git version 2.35.1 $
Limitations
The scripts and builds of other Debian distributions are unprivileged. Software that requires privileges will fail if executed this way. This avoids security concerns.
Execution is in a separate user namespace - for more information see Controlling Resources & Privileges with Linux namespaces, cgroups & limits
Files owned by other users appear as owned by nobody/
which may break some things.
A set of pathnames including /dev and /proc are bind mounted into a mount namespace. This is sufficient for simple purposes but may not be sufficient for some software.