Easy Chroot for Maemo

I'm going to start this post with a defence of my pronunciation of "chroot" as a single word, not "c-h-root" or whatever. I believe it should be pronounced this way for three reasons:

1. Unix/Linux commands and computer acronyms are commonly pronounced as words. "grep", which is a contraction of the g/re/p command, is pronounced as a word, as are many even less plausible acronyms. Try saying "s-c-s-i" instead of "scuzzy" in a computer lab and be prepared for the derisive laughter.
2. I think the chroot command was intended to reference the cheroot, a kind of inexpensive cigar also known as a stogie.
3. It is much easier to say. Why would you make work for yourself by saying a one-syllable word as two or three syllables?

The rest of this post is a more in-depth technical discussion of my easy-chroot package, targeted at developers, those wishing to easily mount partitions and image files, and those wishing to try out new linux distributions and environments with a minimum of hassle (no rebooting, partitioning, etc).


Easy Chroot: Introduction

I have packaged the scripts for the mount-and-chroot system underlying my Easy Debian package into a separate package I call "Easy Chroot". I have also included the drivers (compiled by Matan for me) to do the "turbo loop," which allows a mounted image file to be accessed at nearly the same speed as a partition.

I have created (with lots of help from lots of people) a set of scripts that are very generic, and can be used independently or together to build and run various kinds of "appliances" or OS replacements, without any direct impact on the host OS.

The Scripts

qchroot:

This is the all-in-one core script.

Provide it with an image/partition, a mount point, and a command, and it will do the rest... (But it runs the commands it is given as root inside the chroot, which is often not what you want. See the quserchroot command, below, to run chroot apps as non-root.)

The first parameter is the image file, the second parameter is the mountpoint, and the rest of the parameters are passed to the chroot and run there. There's a lot of magic going on under the surface here, so let's look at what's going on "under the hood."

The qchroot script can be broken into three parts; mount, bind, chroot. The mount portion is handled by qmount below, so we'll look at the binding and chroot portions.

• Binding: After a partition or image file is mounted, it isn't very useful for the kind of chroot we want here. A basic chroot is sometimes referred to as a "jail", because applications run in the chroot filesystem can't "see" anything outside of this filesystem. This means none of the devices, media, temp directories, nor even the user's home directory can be accessed while "inside" the chroot. That's why a careful use of the "mount -o bind" command is required. It mounts directories from the parent OS in the chroot, too, so applications in the "chroot" can "see" them. Mounting the /dev directory makes most of the devices connected to the system visible, and mounting everything under /media allows the chroot access to SD cards and attached external media such as USB drives. This also allows chroot apps to share the X display and desktop manager, so they appear to be running on the Maemo desktop. The qchroot script also mounts the various temporary directories, so that applications can communicate with applications in the parent OS. This means GTK apps inside the chroot can invoke Maemo's stylus keyboard when a text field is tapped. It also means a chroot app can open an e-mail attachment from Modest.
• Chroot: This is the primary purpose of all of these scripts, and in the end, it is one of the most simple and straightforward parts. The qchroot script makes sure that exiting the chroot, however that happens, resets things gracefully as possible, but the actual chroot is a simple one line command. It really is the mounting and the binding that make the chroot a workable virtual environment.
  

userchroot: The userchroot script is only a thin wrapper around qchroot. This script, however, isn't run as root; in fact it will fail unless it is run as non-root. The userchroot script inserts an extra "su user -c" before the commands to be executed inside the chroot. It takes the same parameters as qchroot.

For example, let's say you have an image file on your SD card containing, among other things, OpenOffice.org. You would run the following command (as user, not root) to open a document in oo writer:

userchroot /media/mmc1/ubuntu-ooo.img.ext2 /opt oowriter "/home/user/MyDocs/resume.doc"

Hey! Look at that splash screen! You're starting up OpenOffice Writer!

qmount: This script does some serious heavy lifting. It is called by qchroot to mount the image file or partition. It takes the first two parameters of the scripts mentioned above; the image/partition name and the mountpoint. A lot of my best scripting is in here, and this is also where I needed the most help from outside.

The qmount script checks to see what it is you are trying to mount, and if you are mounting an image file (a file that contains a filesystem, like an ISO file, except it is read/write), it will use the dmlosetup app (thanks Matan!) to mount the image file; this improves read/write speed dramatically, and makes the image file almost as fast as a dedicated partition.

You can use this script to mount an image or partition, if all you want to do is mount it (and not chroot into it). A partition mounted with qmount is not suitable for chroot however.

closechroot: This script is one of the best things about running applications in a chroot. By running this script, you can kill all of the chroot applications in one blow. No hunting around trying to find stray processes. The closechroot script is also very important to run if you want to delete or move the image file that you have mounted, because the dm-loop doesn't "let go" of the image file when you just unmount it.

The closechroot script takes one parameter, the directory where the chroot is mounted. It then kills the chroot applications, unmounts all of the bound directories, and then unmounts the image file or partition that you mounted.

qumount: This is the script that does the unmounting for closechroot. It can be used independently if all you want to do is unmount a partition or image file. Don't use qumount to unmount a fully mounted chroot, however.

synchroot: This script doesn't need to be run very often. It copies several configuration files from the primary system to the chroot, so that the two environments are "synched". This is important for things like time, user permissions, keyboard mapping, and networking. The files that are copied are the following:

• /etc/hosts
  
• /etc/resolv.conf
• /etc/group
• /etc/passwd
• /etc/localtime
• /usr/share/X11/xkb

The files in the chroot are backed up with a date-based extension, so you can restore your chroot file system if synchroot breaks something.

Some Support Hacks

There are a few extras thrown into the easy-chroot package to make it easier to run non-hildon applications. Here's a quick overview of them.

Movable Dialogs Hack: Thanks to qwerty12 and Matan, you can set your dialogue boxes to be either movable or static (the default). Movable dialogues are often needed when running desktop applications which can have huge dialogue boxes for settings, etc.

Processor Speed Hack: Thanks to lcuk and others, the /sbin/cpu-ondemand and /sbin/cpu-perform scripts (and associated menu items) set your processor to either "on demand" mode (processor speed drops when cpu is idle) or "performance" mode (processor speed is locked at full speed). Due to very aggressive definitions of "idle" in the Maemo system, the processor often scales back to half speed when it isn't appropriate. This can have a noticeably negative impact on processor intensive applications (like Gimp and OpenOffice, etc). By setting the processor to "performance", you can dramatically speed up many of these big, slow applications.

Host Window Hack: Thanks to Bundyo, this little app (/usr/bin/hostwin) can be used with the Xephyr nested X-server to run a secondary desktop (yes, a complete desktop, like Gnome, or KDE, or anything) as a window on your primary Maemo desktop. See the link above to the ITT thread discussing the program's use.

Installing The Package

easy-chroot can be found in the diablo extras repository. Install with the Application Manager or apt-get install easy-chroot or make it a dependency of your project.

Google Text Ads

Hi All,

I'm going to try a trip to the Dark Side and put some Google AdSense text ads on my blog. If I get a bit of money from this, I'll show my wife that my hobby isn't entirely without benefit.

If, after a few months, I haven't made any money, I'll remove the ads. But I'll just see what happens. They're pretty non-intrusive, I think.

E17 Illume on N800

The Enlightenment project is a lightweight desktop environment and a bunch of supporting libraries (which are used in projects like Canola). The Illume module is a new Enlightenment desktop "that modifies the user interface of enlightenment to work cleanly and nicely on a mobile device." E17 is the newest, still-in-development version of Enlightenment.

Nathan "Neato" Jones got E17 Illume running on the tablets under Mer, and then he gave us good instructions to try it ourselves. And he even posted an annotated video of Illume in action!

I fired up an Ubuntu Jaunty chroot on my tablet, installed the E17 builder-installer script, and after many hours of compiling the entirety of E17 on-tablet and two SVN versions, I got a working version!

I then used my Xephyr-on-Maemo trick (the trick I used in Easy Debian to run IceWM and LXDE on top of OS2008) and, from within OS2008, I tried out the interface in both portrait and landscape mode.

Here are some screenshots of portrait mode:



The browser is Epiphany, using the Mozilla engine. The text editor is Leafpad.

I have to say the on-screen keyboard is much too big for landscape use, and too small for portrait use. I found this frustrating. I also found it frustrating that there was no way to "log out" of E, I had to kill the X-Server or reboot the tablet to get out of it.

My final opinion (and Nathan seems to agree) is that the E17 Illume desktop has a lot of potential as an interface for the tablets, but it is still a work in progress and there are a lot of rough edges to be taken off.

Qole's Notes: Building an Easy Mer / Ubuntu Chroot for the NIT

Mer Midori running in OS2008 Diablo via chroot

Why Mer?

I've been wanting to set up an Ubuntu chroot in the style of Easy Debian. I've decided to use the Mer 0.8 rootfs because:

• Mer is based on Ubuntu Jaunty, which is my current distro of choice, mainly because it has the newest Open Java6 JDK.
• The Mer developers have clearly been working to slim down the big Ubuntu footprint; consequently, the image is much smaller than a comparable Jaunty image.
  
• The Hildon Input Method works automatically with GTK apps; this means the stylus keyboard pops up when I tap an input field in a GTK app.
• Midori, a great little GTK WebKit-based browser, comes bundled. Not only that, but they've managed to get some Hildonization done by the developer!

Qole's Notes

Here are my notes for customizing the Mer 0.8 rootfs to run in my chroot.

I have the rootfs set up in a partition on my SD card, and I'm using my Easy Debian package to do the actual chroot.

I'm posting these so I can set things up quickly in the future. Hopefully someone else finds something of value here too.

Configuring the Chroot

Some basic configuration needs to be done, right off the bat. First, from the Maemo prompt:

sudo closechroot
touch /home/user/.synchroot

Then, as root inside the chroot:

mkdir -p /home/user
chown user:users /home/user

This will copy some Maemo config files into the chroot and make a home directory for "user".

Default Ubuntu Shell

The shell defaults to "dash" as opposed to "bash". As explained here, this was a decision by the Ubuntu team to improve boot speed. Boot speed is not relevant in a chroot, so I repoint /bin/sh to bash instead of dash. Inside the chroot:

rm /bin/sh
ln -s /bin/bash /bin/sh

I don't like this solution very much; it will make the system much slower booting (if you wish to boot to it). I'm going to see about leaving dash symlinked and purposely calling bash when a chroot terminal is requested.

Setting Locale:

Changing locales in Ubuntu is ugly, even "broken," as described here. This is what I do (from within the chroot) to get en_GB (my Maemo locale) set up in the chroot. From within the chroot:

cat /usr/share/i18n/SUPPORTED | grep en_GB
vim /var/lib/locales/supported.d/local
dpkg-reconfigure locales

Hardware Key Hacks / GTK Stylus Setup

Now it's time to get the pieces needed for my fullscreen and on-screen keyboard hacks. From within the chroot:

apt-get update
apt-get install matchbox-keyboard wmctrl xbindkeys libgtkstylus

I use xbindkeys, wmctrl, and Matchbox-Keyboard to do "fake hildonization;" by running xbindkeys, I can map the hardware key combination "-" and "fullscreen" to make any app fullscreen, and "-" and "menu" to toggle the Matchbox keyboard.

Boy, Ubuntu's version of Matchbox keyboard is ugly. What's with the shaded keys?

The libgtkstylus on the end there lets the user use tap-and-hold for right-click within GTK apps.

Adobe Flashplayer

Now I install Stskeep's Adobe flashplayer hack, to allow Flash to work in Midori and other browsers. In maemo root terminal (with chroot mounted):

cd /root
wget http://qole.org/files/deblet-flashplayer.tar.gz
tar xzvf deblet-flashplayer.tar.gz
cd flashplayer
leafpad flashplayer.sh
(change the CHROOT value to point to the directory where your chroot is mounted & save)
./flashplayer.sh

That should configure most Ubuntu browsers to use the maemo Adobe flash plugin.

OpenJDK (Java 6)

apt-get install icedtea6-plugin (This wants to pull in all sorts of unnecessary language fonts; I had to add all the ttf pkgs to the install line, followed by "-" for each, eg ttf-baekmuk- ttf-bengali-fonts- ttf-kannada-fonts- etc...)
sudo debian update-java-alternatives -s java-6-openjdk
sudo ln -s /usr/lib/jvm/java-6-openjdk/jre/lib/arm/IcedTeaPlugin.so /ubuntu/usr/lib/firefox-addons/plugins/libjavaplugin.so

Test the install here:

http://java.sun.com/applets/jdk/1.4/index.html

There currently doesn't seem to be a way to get OpenJava6 to run in Midori. I installed Mozilla Prism to to test Java. It seems to be the lightest-weight Java-capable browser available for the tablet. From within the chroot:

apt-get install prism

Prism running a simple demo Java applet

DBus

Getting maemo / chroot dbus processes to talk is proving to be a challenge...
Maemo doesn't seem to keep the machine id in /var/lib/dbus/machine-id, which is where most dbus-aware apps expect it to be. So far, I've found the following seems to work. In a maemo root terminal (after starting the chroot in /ubuntu) [1]:

dbus-uuidgen --ensure
mount -o bind /var/lib/dbus /ubuntu/var/lib/dbus

This seems to make DBus work; the Mer osso-xterm from maemo will respect the existence of maemo's osso-xterm. The only way to start Mer's osso-xterm is to close maemo's version first.

I've got to make this more permanent. I have to do the mount -o bind command every time I start the chroot (after closechroot or reboot).

Other Problems

The stylus keyboard doesn't work in Midori's web pages, only in the address bar. This is true for any GTK browser. The widgets within the web page are not GTK widgets, so no Hildon Input Method activation. Java doesn't work in Midori, and Prism is a very stripped-down browser, with a very bare interface. Sadly, even installing xulrunner Gnome support doesn't help with making it more stylus friendly. Is there nothing like MicroB out there?

Theme problems: There's got to be a way to get the chroot and maemo sharing theme information and icon info, too. This is certainly a difficult problem. Perhaps the simplest solution is to install the same theme into both maemo and mer.

Dash-vs-Bash: I've gotta figure out a way around this...

Extra apps

Leafpad is my favorite lightweight text editor. It works great in this chroot, because it is completely GTK, so the stylus keyboard and tap-and-hold right-click work fine.

Gnome ALSA mixer is a nice addition. It is not included in the tarball below, but it is easy to install, and it doesn't pull in a huge number of dependencies.

Future: I want to experiment with Fennec Alpha 2 (+24.3 MB) and Abiword 2.6.6 (+53 MB), and see how they work in this environment. I also would like to try the E17 desktop.

Downloadable rootfs tarball

Here's a tarball of the mer 0.8 chrootfs with all of the above already completed (158 MB).

Updates
25-Feb-09: Here's what I've discovered so far:

• Fennec doesn't do Flash (even though it sees the plugin, it doesn't actually show the Flash) and it is somewhat unstable. I can't select text; if I drag, it just drags the page. If I double click, it zooms.
  
• Abiword works, and it uses Hildon Input Method. It seems to have problems loading files, however, often opening an empty "Untitled" file instead of the chosen document. It also is a bit wobbly; it crashed once on me.
• I can make the stylus keyboard pop up in most Mer apps (where it doesn't pop up by itself) by pressing the centre d-pad key.

01-Mar-09: Getting themes to work:

I've found a two-step way to get the theme to work in the chroot.

• Edit /home/user/.gtkrc-2.0 and comment out any theme-related lines. Add the following line:

include "/usr/share/themes/liberty/gtk-2.0/gtkrc"

• Start the sapwood theme server inside the chroot (as user, not root). I have no idea why it doesn't share the running sapwood server in Maemo; probably Nokia's version is proprietary somehow.

/usr/lib/sapwood/sapwood-server &

If you want to maintain a consistent theme throughout, then you need to install the same theme in OS2008 and the chroot. So far, this seems to be limited to the Titan theme, since the Liberty theme isn't available for OS2008 and Titan is the only third-party OS2008 themes in the Mer repository at the moment.

I will post updates as I discover more.

The Economic Crisis as Corruption Scandal

I've been thinking a lot about the American sub-prime mortgage crisis and the following economic crisis that has people all over the world losing their jobs and their homes.

I've decided that the whole thing is actually a disguised corruption scandal.

The problem started when a bunch of con artists discovered the "sub-prime mortgage" scam. You get someone with bad credit into a bad mortgage by selling them the expectation that in a rising housing market, they'll be able to sell the house and make a profit before the mortgage's wicked, crushing interest rates kick in and squash them like a bug.

These scammers are always around, and they're always looking to lure people into giving them money through greed. Sometimes the scams are illegal, but, like those ubiquitous "Money Mart" loan sharking companies, this scam was legal.

But, really, those guys weren't the real bad guys. They couldn't have destroyed the global economy no matter how many sub-prime mortgages they sold. They were making money off of gullible idiots, sure, but not a lot of money. Not in the grand scheme of things. No, the bad guys were working on Wall Street, getting really rich by repackaging turds as gold bullion, and then slipping these turds into the investment stream so quietly that nobody noticed. And then, when people started noticing that their supposedly low-risk investments were actually piles of smelly turds, it was too late. The whole thing came crashing down. With almost a third of the global investments turning out to be turds, the economy just ground to a halt.

The "credit crunch" that followed came partly from the fact that nobody trusted anybody anymore. How could you be sure that you're getting gold when the last time you were handed "gold" it turned into turds? This kind of complete lack of trust is common in poor "developing nations" where corruption is rife, but it really wasn't a part of the Western system until suddenly we all discovered that our system had been rotting out from the inside for years and years.

Just like the corruption you hear about in poor countries, this corruption thrived mainly because the people who could have blown the whistle and stopped the corruption were getting rich by keeping quiet.

Why so much corruption in poor countries but not rich countries? Rich countries, like the USA, normally don't have to worry much about corruption, because turning corrupt doesn't pay enough in comparison to staying honest. You might get more money, but you're also much more likely to get caught, and in a mostly non-corrupt system, getting caught means severe consequences. In poorer countries, turning corrupt pays much, much better than staying honest, and since the whole system has often corrupted (due to no intervention over a long period of time), there are few, if any consequences, even if you do get caught.

Well, the situation on Wall Street during the late 90s and the beginning of the 21st century was an absolutely perfect environment for corruption. Corrupt behaviour payed much, much better than honest behaviour, and since what they were doing was technically not illegal, they didn't have to worry about any personal negative consequences of their behavior. Of course, we've all seen that there were terrible, terrible negative consequences to their behaviour, but they're doing fine.

And the problem is that nobody's been arrested, nobody's going to jail, nobody's even being fined. A couple of financial institutions collapsed, sure, but most of them are being bailed out with American tax dollars.

Well, actually, no, they're being bailed out with imaginary money, money that the American government doesn't actually have, which means they're just printing more money to give to the people who brought the whole system crashing down in the first place.

See why I call it a corruption scandal?

As long as nobody's guilty of anything, the global economy is going to continue to suffer. You don't go to the cops when you think the cops are corrupt. And you aren't going to start investing again when you think the banks are corrupt. Without trust, an economy can't function. And we don't have any trust right now.

Little Caterpillar's Hallowe'en Adventure

Here's Vivian in her caterpillar costume, on Hallowe'een:

(If this video is "not available", go to Google Video and watch it there. It works fine over there.)



Vivian: "This baby caterpillar spits out leaves. Because she doesn't like leaves."
Daddy: "What does she like instead?"
Vivian: "She likes candies! That's the best thing she likes."
Daddy: "So you're a baby caterpillar that only likes candies."
Vivian: "And she likes pizza too!"

liqbase in beta testing; shiny!

There's a very cool Internet Tablet application out there called liqbase. It shows off the tablet in a whole new way. Among other things, you can sketch, read books, or pan around a map quickly and smoothly. You can scan through your archive of past sketches on the Graffiti Wall, or you can bump the sketches around on a playing field with the Physics Demo. You may have seen lcuk's videos or you may have seen lcuk presenting at the maemo summit (Jamie should be getting some video of that soon), but you figured it was just a demo. And until this month, it was.

Now you can play with this flashy little app yourself; it is no longer a shaky playtest demo, it is a usable beta-quality app. Gary (lcuk) has been working hard to get things user-ready, and he's finally ready to share it with all of us.

Go over to liqbase.net to get a copy of this shiny little toy, and if you have problems, you can post on the ITt thread, the #maemo channel on IRC, or at the Garage project page. You'll get a fast response; lcuk doesn't seem to sleep much, and he seems to respond so quickly sometimes you wonder if he wasn't watching you type.