Rootless?

[KooIaIa]

Is this possible to run this rootless?

When I ran the instructions on the readme I got:
Failed to connect to bus: Operation not permitted

The closest I have found to a discussion about the rootless capabilities of linux is here:

containers/bubblewrap#412

Bubblewrap is pre-installed on the deck and I think is how Steam OS 3 works.

Having containers and not ever needing root would mean installing anything without even worrying about anything.

[ValShaped]

I hadn't considered using containerization as part of Rwfus's structure, but I can see how it aligns with the project's goals. It could be a cleaner and more compatible option than what we've got right now. I'm on vacation until the 27th, but I'll ruminate on this!

I used overlayfs mounts and systemd because I've been doing research on the Deck in my spare time, and I noticed Valve had already used that technique to make /etc writable without duplicate files, and by using the original mounts, you get your software added to PATH for free (a huge deal, considering there's no portable way of doing that between zsh, fish, and bash.)

If you'd like, I'd appreciate some help with this feature. I'm unfamiliar with Bubblewrap, beyond it being made by/a part of/a consequence of Flatpak.

[KooIaIa]

Julia Evens did a great really recent discussion of it here: https://jvns.ca/blog/2022/06/28/some-notes-on-bubblewrap/

I'm going to read through it and keep researching (like how I found your github googling)

This Qbert script is the OverlayFS is a great model too
https://www.reddit.com/r/SteamDeck/comments/vqrima/qbert_a_tool_to_install_stuff_in_tour_steam_deck/

If you use Discord we are sort of having it be an open discussion here in #-steamos-linux-
https://discord.gg/Dz3szYsP8g

But I haven't had luck yet with user namespace and overlay yet. Trying to learn a lot and this stuff it is still pretty cutting edge I think. Like this is pretty new to the Linux kernel:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=459c7c565ac36ba09ffbf24231147f408fde4203

To be honest, I am a super duper noob - and my noob nature is why I want containers like this. Just want be a happy noob in a sandbox and run whatever from the web like it is a video game. Imagining a day where we could wear a Deckard XR headset and safely share and run Linux code in our 3D internet connected world all around us.

Edit: Also oops didn't mean to close this as an issue. If you have a IRC or virtual world or something like that - can always talk there.

[ValShaped]

After further consideration, I've decided this is currently out of scope, for the following reasons:

1. I'm aiming to keep rwfus as lightweight as possible, and sandboxing applications with bwrap involves creating/generating extensive filesystem trees.
2. Leading from 1, an overlayfs lower directory can't contain its upper directory, as this violates the "lower is read-only" requirement and leads to undefined behavior. As such, the root filesystem would have to be bind-mounted to another location using FUSE bindfs and then used as the lower.

This complexity can be avoided if Rwfus is given privilege to mount partitions—though I do aim to improve the user experience when elevating.