Bug 1660 - session dependent paths can cause difficulties
Summary: session dependent paths can cause difficulties
Status: NEW
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Local drive redirection (show other bugs)
Version: trunk
Hardware: PC Linux
: P2 Enhancement
Target Milestone: MediumPrio
Assignee: Peter Åstrand
Depends on: 357
  Show dependency treegraph
Reported: 2005-11-10 07:46 CET by Peter Åstrand
Modified: 2018-12-18 13:23 CET (History)
0 users

See Also:
Acceptance Criteria:


Description Peter Åstrand cendio 2005-11-10 07:46:31 CET
On recent 2.6 kernels, it's possible to make "private" mounts. It seems like
this functionality has been enhanced by the "Shared subtrees" patch. See
http://lwn.net/Articles/159077/ for more information.
Comment 1 Peter Åstrand cendio 2005-11-10 07:47:40 CET
http://lwn.net/Articles/158401/ also talks about this. 
Comment 2 Peter Åstrand cendio 2008-01-16 09:47:07 CET
Some clarification: This bug should not be seen as a solution for bug
2573. In fact, "private" mounts are very much "normal" mounts as long
as you use a single namespace for all processes. Thus, even "private"
mounts shows up the the "mount" output.

So, this bug is really about "Polyinstantiated Directories" (PI). This
means that you have have "virtual" directory paths which means
different things in different sessions. This is just like H: meaning
different things in different WTS sessions.

In addition to the links mentioned, this URL is also good:

We could have a lot of benefits from using PI. The most
straightforward use would probably be to setup, say,
/var/opt/thinlinc/session to "point to"
/var/opt/thinlinc/sessions/$USER/$SESSION. You could say that this is
another solution for "Context-Dependent Path Names"
or unfs3:s "tagged files". The effect would be that a user could
always access his local drive mounts at
/var/opt/thinlinc/session/drives, always access the serial port device
at /var/opt/thinlinc/session/dev/ttyS0 etc. Convenient. This would be a good solution for bug 2549.

Linux has supported PI for a long time, since it supports different
namespaces for different processes. A new namespace for a user can be
setup with these commands:

# mkdir /var/opt/thinlinc/sessions/astrand/1/fsroot
# mount --rbind / /var/opt/thinlinc/sessions/astrand/1/fsroot
# mount --bind /var/opt/thinlinc/sessions/astrand/1 /var/opt/thinlinc/sessions/astrand/1/fsroot/var/opt/thinlinc/sessions/astrand/current/
# chroot /var/opt/thinlinc/sessions/astrand/1/fsroot

(Unmounting is a little bit tricky, though; you must unmount all
fsroot stuff found in /proc/mounts.)

This should work on Linux 2.4.0 and later. Please note that with this
solution, new mounts will not be automatically visible in the users
namespace. This might be an advantage or disadvantage. 

With Linux 2.6.15 and later, you can instead do:

# mount --bind / /	  # 1 per machine
# mount --make-shared /	  # 1 per machine
# mkdir /var/opt/thinlinc/sessions/astrand/1/fsroot
# mount --bind / /var/opt/thinlinc/sessions/astrand/1/fsroot
# mount --make-slave /var/opt/thinlinc/sessions/astrand/1/fsroot
# mount --bind /var/opt/thinlinc/sessions/astrand/1 /var/opt/thinlinc/sessions/astrand/1/fsroot/var/opt/thinlinc/sessions/astrand/current/
# chroot /var/opt/thinlinc/sessions/astrand/1/fsroot

Implementing this in ThinLinc should proably be done during
implementation of bug 357. This means having a root process staying
around for the duration of the user session. It can unmount the user
namespace when xinit is finished. 

See also article 309174 in komintern. 
Comment 3 Pierre Ossman cendio 2018-12-18 13:23:09 CET
The general issue here is that many parts of a ThinLinc session are set up using a path that is specific for each specific session. This can cause issue, primarily when trying to have configuration that is stable between different sessions.

As an example is the path for the local drives, which we are currently trying to handle by putting a symlink in the users home directory and updating that symlink with the latest session.

Polyinstantiated directories could be a solution to this, but is not the only possibility.

Note You need to log in before you can comment on or make changes to this bug.