Rootconf Mini 2024

Geeking out on systems and security since 2012

Sasank Chilamkurthy

@chsasank

Rootless Linux Operating System

Submitted Oct 29, 2024

Abstract

We have been working on shipping an AI server called JOHNAIC, an edge server for serving cloud-like workloads. We are developing our operating system with a specific focus on security and usability for developers. With this OS, we are able to deploy SaaS apps that are indistinguishable from cloud-hosted ones and expose them over the internet. In this session, I will speak about this operating system in detail.

Outline of the talk

Our OS security model can be summarized as:

One user of the system should not be able to interfere with another user unless she explicitly gives permission.

This means that we cannot give direct sudo/root permissions to the users. However, this hurts the usability of the OS for developers, because they need to install packages, services, etc. Hardware-level virtualization is the solution most cloud providers go for to solve this problem. However, the downsides of virtualization include high overhead and lack of good support for GPUs. Thus we go with OS-level virtualization, aka containerization, to solve this problem.

Docker is the most common tool for working with containers. However, it comes with the downside of being rootful. This means that having docker permission is the same as having sudo permissions. So we need a daemonless and rootless alternative for containerization. We chose podman, an almost drop-in alternative to docker, to solve this problem. The way podman works, each user gets their own namespace of user IDs/group IDs, which allows complete virtualization of one user from another!
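The per-user ID namespaces only isolate users if the subordinate ID ranges assigned to them on the host do not overlap. The following added example (not code from the talk or from the JOHNAIC project) parses `/etc/subuid`-format text, flags overlapping ranges between different owners, and resolves a container UID to its host UID. It assumes podman's default rootless mapping (container UID 0 maps to the user's own UID, container UIDs from 1 map onto the subordinate ranges in order); the user names, UIDs and sample data are constructed.

```python
from itertools import combinations
from typing import NamedTuple, Optional

# Constructed sample in /etc/subuid format (owner:start:count); not from a real host.
SAMPLE_SUBUID = """\
alice:100000:65536
bob:165536:65536
carol:200000:65536
"""

class SubIdRange(NamedTuple):
    owner: str
    start: int
    count: int

def parse_subid(text: str) -> list[SubIdRange]:
    """Parse owner:start:count lines, rejecting malformed entries."""
    ranges = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.strip().split(":")
        if len(parts) != 3 or not (parts[1].isdigit() and parts[2].isdigit()):
            raise ValueError(f"line {lineno}: expected owner:start:count")
        ranges.append(SubIdRange(parts[0], int(parts[1]), int(parts[2])))
    return ranges

def find_overlaps(ranges: list[SubIdRange]) -> list[tuple[str, str]]:
    """Pairs of different owners whose host ID ranges intersect."""
    return [(a.owner, b.owner) for a, b in combinations(ranges, 2)
            if a.owner != b.owner
            and a.start < b.start + b.count and b.start < a.start + a.count]

def host_uid(ranges, owner: str, owner_uid: int, container_uid: int) -> Optional[int]:
    """Host UID behind a container UID under the assumed default rootless mapping."""
    if container_uid < 0:
        return None
    if container_uid == 0:
        return owner_uid  # "root" in the container is just the unprivileged owner
    offset = container_uid - 1
    for r in (r for r in ranges if r.owner == owner):
        if offset < r.count:
            return r.start + offset
        offset -= r.count
    return None  # unmapped: this ID does not exist inside the owner's namespace

if __name__ == "__main__":
    ranges = parse_subid(SAMPLE_SUBUID)
    print("overlapping owners:", find_overlaps(ranges))
    print("alice's container root is host uid", host_uid(ranges, "alice", 1000, 0))
```

An overlap such as the constructed bob/carol pair means a process in one user's container can run with a host UID that also owns files created from the other user's containers, which breaks the isolation model stated above.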

Ultimately, the user shouldn’t have to know all the complexity behind the OS. We use a tool called distrobox, paired with podman, to create a VM-like experience for users. Users will be able to use sudo inside the distrobox, but in reality the sudo is valid only for the user’s namespace. Systemd can be used both inside and outside distrobox, making it seamless to deploy services. Finally, on top of user-level systemd and rootless podman, we have created a repository of SaaS apps that can be installed with a command as simple as

johnny install discourse

Who is this for?

This session is aimed at enthusiasts of operating systems, virtualization and containerization. Linux freaks (like myself) will enjoy the depths we go to in order to avoid sudo permissions. The Kubernetes-native crowd will take away insights into how it really works. Folks who are curious why Rootconf has root in the name should attend haha.

Who am I?

My name is Sasank Chilamkurthy. I have been hacking on operating systems and Linux since my 8th class. I was also CTO of Qure.ai, an AI-for-radiology company. I have extensive experience with AI, but my love is at the intersection of AI and systems. In fact, I love it so much that I contributed to (Py)Torch before it was popular and became its co-author.

References

  1. https://von-neumann.ai/blog/security-virtualization-containerization.html
  2. https://von-neumann.ai/blog/security-rootless-containers.html
  3. https://von-neumann.ai/blog/distrobox-sudo-without-sudo.html
  4. https://github.com/chsasank/llama.lisp/tree/main/src/app-store
