# Cluster: Sage Chroot

### From Earlham Cluster Department

(→Chroot) |
|||

Line 12: | Line 12: | ||

<pre> | <pre> | ||

/mounts/bobsced/sage_chroot.image /mounts/bobsced/sage_chroot ext3 loop 0 0 | /mounts/bobsced/sage_chroot.image /mounts/bobsced/sage_chroot ext3 loop 0 0 | ||

- | /dev /mounts/bobsced/sage_chroot/dev | + | /dev /mounts/bobsced/sage_chroot/dev none rbind,dev 0 0 |

- | /proc /mounts/bobsced/sage_chroot/proc | + | /proc /mounts/bobsced/sage_chroot/proc none bind 0 0 |

+ | /selinux /mounts/bobsced/sage_chroot/selinux none bind 0 0 | ||

</pre> | </pre> | ||

Line 47: | Line 48: | ||

COMMAND="notebook(address='$ADDRESS', port=$PORT, accounts=True, open_viewer=false, secure=true)" | COMMAND="notebook(address='$ADDRESS', port=$PORT, accounts=True, open_viewer=false, secure=true)" | ||

- | nohup /usr/sbin/chroot $SAGE_SERVER su - sage -c "sage -c \"$COMMAND\" " & | + | nohup /usr/sbin/chroot $SAGE_SERVER su - sage -c "./sage -c \"$COMMAND\" " print >>/var/log/sage & |

</pre> | </pre> | ||

Line 56: | Line 57: | ||

. /etc/sysconfig/sage-config | . /etc/sysconfig/sage-config | ||

- | kill - | + | kill -INT `cat $SAGE_SERVER/home/sage/.sage/sage_notebook/twistd.pid` 2>&1 >>/var/log/sage |

</pre> | </pre> | ||

- | And finally, <code>/etc/rc.d/init.d/sage | + | And finally, <code>/etc/rc.d/init.d/sage</code>: |

<pre> | <pre> | ||

#!/bin/sh | #!/bin/sh | ||

Line 76: | Line 77: | ||

echo -n $"Starting sage " | echo -n $"Starting sage " | ||

if [ ! -f /var/lock/subsys/sage ]; then | if [ ! -f /var/lock/subsys/sage ]; then | ||

- | nohup /usr/local/bin/sage-notebook | + | nohup /usr/local/bin/sage-notebook print >>/var/log/sage & |

- | / | + | |

fi | fi | ||

touch /var/lock/subsys/sage | touch /var/lock/subsys/sage |

## Latest revision as of 18:08, 11 September 2009

In order to chroot the Sage notebook, I used a mix of steps from the following guides:

- MSRI SAGE Installation Guide: Running the SAGE Notebook Securely
- [sage-support] Re: How to run the notebook in the background
- [sage-support] chroot jail -- unable to mount image file
- [sage-devel] Re: SAGE in chroot - This one is for RedHat

## Chroot

The image itself is at /mounts/bobsced/sage_chroot.image (aka /cluster/bobscednew/sage_chroot.image). It gets mounted in the same directory as sage_chroot (it's an ext3 filesystem). The chroot needs to have /dev and /proc, so here's a copy of the relevant parts of `/etc/fstab`

:

/mounts/bobsced/sage_chroot.image /mounts/bobsced/sage_chroot ext3 loop 0 0 /dev /mounts/bobsced/sage_chroot/dev none rbind,dev 0 0 /proc /mounts/bobsced/sage_chroot/proc none bind 0 0 /selinux /mounts/bobsced/sage_chroot/selinux none bind 0 0

In order to get yum to install there, I had to edit `/etc/yum.repos.d/CentOS-Base.repo`

and hard code $releasever to 3.5. I also commented out all the repositories except the top one. Then I was able to run:

`yum --installroot=/mounts/bobsced/sage_chroot install bash fileutils sed which make gcc gcc-c++ m4 tar gzip bzip2 flex bison findutils yum rpm passwd perl diffutils sudo`

to set up the base install of the OS for the chroot. It also needs a copy of /etc/hosts for the localhost entry.

## Sage Install

I downloaded the tar ball normally and then moved it into the chroot from the base filesystem. I untarred it from the base filesystem, too, and put it in the directory /home/sage in the chroot, then ran (as the `sage`

user in the chroot, which has id 5000, which isn't used in the main filesystem)

`make`

`make test`

Make sure to run `./sage`

once inside the chroot so it sets up its variables and everything.

## Sage Setup on the Base Filesystem

I followed the post above for Red Hat. On the filesystem outside the chroot, I populated `/etc/sysconfig/sage-config`

:

SAGE_SERVER=/mounts/bobsced/sage_image ADDRESS=159.28.234.200 PORT=8000 USER=5000

And `/usr/local/bin/sage-notebook`

:

#!/bin/bash . /etc/sysconfig/sage-config COMMAND="notebook(address='$ADDRESS', port=$PORT, accounts=True, open_viewer=false, secure=true)" nohup /usr/sbin/chroot $SAGE_SERVER su - sage -c "./sage -c \"$COMMAND\" " print >>/var/log/sage &

And `/usr/local/bin/sage-killer`

:

#!/bin/bash . /etc/sysconfig/sage-config kill -INT `cat $SAGE_SERVER/home/sage/.sage/sage_notebook/twistd.pid` 2>&1 >>/var/log/sage

And finally, `/etc/rc.d/init.d/sage`

:

#!/bin/sh # # This script starts up a sage notebook in a chroot environment. # Copied from http://www.mail-archive.com/sage-devel@googlegroups.com/msg03545.html # # chkconfig: 2345 35 98 # description: Run a notebook in chroot environment # . /etc/rc.d/init.d/functions start() { echo -n $"Starting sage " if [ ! -f /var/lock/subsys/sage ]; then nohup /usr/local/bin/sage-notebook print >>/var/log/sage & fi touch /var/lock/subsys/sage success echo return 0 } stop() { echo -n $"Stopping sage " /usr/local/bin/sage-killer rm -f /var/lock/subsys/sage success echo return 0 } status () { if [ ! -f /var/lock/subsys/sage ]; then echo $"Sage is not currently running" return 1 else echo $"Sage is running" return 0 fi } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status ;; restart) stop start ;; *) echo $"Usage: $0 {start|stop|restart|status}" exit 1 esac exit 0