User:Ajak/podman for Development and Binhosting
Using podman, one can create a very simple and powerful ebuild testing and binhost/binpkg generation environment. I will use the former use case as an example to start off with.
We start by configuring /etc/portage configurations in whatever way we want, but importantly they should be somehow stored on the host running podman. We will assume there is a target configuration in /srv/portage/unstable, with binary packages in /srv/binpkgs/generic, containing a world file called world.
So that an unprivileged user can use the resulting container, we also need to host a local registry.
This is all we need to build the container. Using the run script here:
root # ./run unstable
This builds a Podman image that:
- Uses the host's distfiles and /var/db/repos
- Uses the binpkgs from /srv/binpkgs/generic in the container as /var/cache/binpkgs
- Uses the Portage configuration from the subdirectory of /srv/portage corresponding to the argument passed to the script. In this case /srv/portage/unstable will be bind mounted to /etc/portage in the container, and /var/lib/portage/world will be symlinked to /etc/portage/world
- Does a full world update, populating the PKGDIR with any new packages that can be consumed by other systems
- Is tagged and pushed to our local registry
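The steps listed above, written out as a shell sketch. This is an added example, not the author's run script: the base image name, /var/cache/distfiles as the distfiles path, the read-only repos mount, the plain-HTTP push and the argument check are assumptions.

```sh
#!/bin/sh
# Added sketch of the steps above; NOT the author's run script.
# Assumptions: base image name, DISTDIR at /var/cache/distfiles,
# read-only repos mount, plain-HTTP registry on localhost:5000.
BASE_IMAGE="docker.io/gentoo/stage3:latest"
REGISTRY="localhost:5000"

# The argument is spliced into a bind-mount source while running as root,
# so accept only a plain directory name (no "/", "..", or leading "-").
valid_profile() {
    case "$1" in
        ""|.|..|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Print one --volume argument per line for the given profile.
volume_args() {
    printf '%s\n' \
        "--volume=/var/cache/distfiles:/var/cache/distfiles" \
        "--volume=/var/db/repos:/var/db/repos:ro" \
        "--volume=/srv/binpkgs/generic:/var/cache/binpkgs" \
        "--volume=/srv/portage/$1:/etc/portage"
}

build_image() {
    profile=$1
    valid_profile "$profile" || { echo "invalid profile name" >&2; return 2; }
    [ -d "/srv/portage/$profile" ] || { echo "no such configuration" >&2; return 2; }
    # Word splitting of volume_args is intended; the name check above
    # guarantees the paths contain no whitespace.
    podman run --name "build-$profile" $(volume_args "$profile") "$BASE_IMAGE" \
        sh -c 'ln -sf /etc/portage/world /var/lib/portage/world &&
               emerge --update --deep --newuse --usepkg --buildpkg @world' &&
    podman commit "build-$profile" "localhost/$profile:latest" &&
    podman tag "localhost/$profile:latest" "$REGISTRY/$profile:latest" &&
    podman push --tls-verify=false "$REGISTRY/$profile:latest"
}

# Runs only when called with an argument, e.g. ./run unstable
if [ "$#" -gt 0 ]; then build_image "$1"; fi
```

Bind-mounted directories are not part of the committed image, so the Portage configuration and binpkgs stay on the host and have to be mounted again by whatever runs the image later.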
After running this script, we can see the tagged images:
root # podman images localhost/unstable
REPOSITORY               TAG     IMAGE ID      CREATED      SIZE
localhost/unstable       latest  79aa73513be7  5 hours ago  2.06 GB
localhost:5000/unstable  latest  79aa73513be7  5 hours ago  2.06 GB
We can now use this image as an unprivileged user using the unpriv script, here.
user $ ./unpriv.sh
79aa73513be75c4357c9dd1cefa14ee5f21c8168e9ff05aa93fa971882e678e9
fd6ec96e2036 / # # root shell in rootless container!