Introducing Limba – a software installer experiment

As some of you already know, since the larger restructuring in PackageKit for the 1.0 release, I am rethinking Listaller, the 3rd-party application installer for Linux systems, as well.

During the past weeks, I was playing around with a lot of different ideas and code, to make installations of 3rd-party software easily possible on Linux, but also working together with the distribution package manager. I now have come up with an experimental project, which might achieve this.

Motivation

Many of you know Lennart’s famous blogpost on how we put together Linux distributions. And he makes a lot of good and valid points there (in fact, I agree with his reasoning there). The proposed solution, however, is not something which I am very excited about, at least not for the use-case of installing a simple application[1]. Leaving things like the exclusive dependency on technology like Btrfs aside, the solution outlined by Lennart basically bypasses the distribution itself, instead of working together with it. This results in a duplication of installed libraries, making it harder to overview which versions of which software component are actually running on the system. There is also a risk for security holes due to libraries not being updated. The security issues are worked around by a superior sandbox, which still needs to be implemented (but will definitively come soon, maybe next year).

I wanted to explore a different approach of managing 3rd-party applications on Linux systems, which allows sharing as much code as possible between applications.

Limba – Glick2 and Listaller concepts mergedlimba-small

In order to allow easy creation of software packages, as well as the ability to share software between different 3rd-party applications, I took heavy inspiration from Alexander Larssons Glick2 project, combining it with ideas from the application-directory based Listaller.

The result is Limba (named after Limba tree, not the voodoo spirit – I needed some name starting with “li” to keep the prefix used in Listaller, and for a tool like this the name didn’t really matter 😉 ).

Limba uses OverlayFS to combine an application with its dependencies before running it, as well as mount namespaces and shared subtrees. Except for OverlayFS, which just landed in the kernel recently, all other kernel features needed by Limba are available for years now (and many distributions ship with OverlayFS on older kernels as well).

How does it work?

In order to to achieve separation of software, each software component is located in a separate container (= package). A software component can be an application, like Kate or GEdit, but also be a single shared library (openssl) or even a full runtime (KDE Frameworks 5 parts, GNOME 3).

Each of these software components can be identified via AppStream metadata, which is just a few bits of XML. A Limba package can declare a dependency on any other software component. In case that software is available in the distribution’s repositories, the version found there can be used. Otherwise, another Limba package providing the software is required.

Limba packages can be provided from software repositories (e.g. provided by the distributor), or be nested in other packages. For example, imagine the software “Kate” requires a version of the Qt5 libraries, >= 5.2. The downloadable package for “Kate” can be bundled with that dependency, by including the “Qt5 5.2” Limba package in the “Kate” package. In case another software is installed later, which also requires the same version of Qt, the already installed version will be used.

Since the software components are located in separate directories under /opt/software, an application will not automatically find its dependencies, or be able to locate its own files. Therefore, each application has to be run by a special tool, which merges the directory trees of the main application and it’s dependencies together using OverlayFS. This has the nice sideeffect that the main application could override files from its dependencies, if necessary. The tool also sets up a new mount namespace, so if the application is compiled with a certain prefix, it does not need to be relocatable to find its data files.

At installation time, to achieve better system integration, certain files (like e.g. the .desktop file) are split out of the installed directory tree, so the newly installed application achieves almost full system integration.

AQNAY*

Can I use Limba now?

Limba is an experiment. I like it very much, but it might happen that I find some issues with it and kill it off again. So, if you feel adventurous, you can compile the source code and use the example “Foobar” application to play around with Limba. Before it can be used in production (if at all), some more time is needed.

I will publish documentation on how to test the project soon.

Doesn’t OverlayFS have a maximum stacking depth?

Oh yes it has! The “How does it work” explanation doesn’t tell the whole truth in that regard (mainly to keep the section small). In fact, Limba will generate a “runtime” for the newly installed software, which is a directory with links to the actual individual software components the runtime consists of. The runtime is identified by an UUID. This runtime is then mounted together with the respective applications using OverlayFS. This works pretty great, and also results in no dependency-resolution to be done immediately before an application is started.

Than dependency stuff gives me a headache…

Admittedly, allowing dependencies adds a whole lot of complexity. Other approaches, like the one outlined by Lennart work around that (and there are good reasons for doing that as well).

In my opinion, the dependency-sharing and de-duplication of software components, as well as the ability to use the components which are packaged by your Linux distribution is worth the extra effort.

Can you give an overview of future plans for Limba?

Sure, so here is the stuff which currently works:

  • Creating simple packages
  • Installing packages
  • Very basic dependency resolution (no relations (like >, <, =) are respected yet)
  • Running applications
  • Initial bits of system integration (.desktop files are registered)

These features are planned for the new future:

  • Support for removing software
  • Automatic software updates of 3rd-party software
  • Atomic updates
  • Better system integration
  • Integration with the new sandboxing features
  • GPG signing of packages
  • More documentation / bugfixes

Remember that Limba is an experiment, still 😉

XKCD 927

Technically, I am replacing one solution with another one here, so the situation does not change at all ;-). But indeed, some duplicate work is done due to more people working in this area now on similar questions.

But I think this is a good thing, because the solutions worked on are fundamentally different approaches, and by exploring multiple ways of doing things, we will come up with something great in the end. (XKCD reference)

Doesn’t the use of OverlayFS have an impact on the performance of software running with Limba?

I ran some synthetic benchmarks and didn’t notice any problems – even the startup speed of Limba applications is only a few milliseconds slower than the startup of the “raw” native application. However, I will still have to run further tests to give a definitive answer on this.

How do you solve ABI compatibility issues?

This approach requires software to keep their ABI stable. But since software can have strict dependencies on a specific version of a software (although I’d discourage that), even people who are worried about this issue can be happy. We are getting much better at tracking unwanted ABI breaks, and larger projects offer stable API/ABI during a major release cycle. For smaller dependencies, there are, as explained above, stricter dependencies.

In summary, I don’t think ABI incompatibilities will be a problem with this approach – at least not more than they have been in general. (The libuild facilities from Listaller to minimize dependencies will still be present im Limba, of course)

You are wrong because of $X!

Please leave a comment in this case! I’d love to discuss new ideas and find the limits of the Limba concept – that’s why I am writing C code afterall, since what looks great on paper might not work in reality or have issues one hasn’t thought about before. So any input is welcomed!

Conclusion

Last but not least I want to thank Alexander Larsson for writing Glick2, which Limba is heavily inspired from, and for his patient replies to my emails.

If Limba turns out to be a good idea, you can expect a few more blog posts about it soon.


* Answered questions nobody asked yet

[1]: Don’t get me wrong, I would like to have these ideas implemented – they offer great value. But I think for “simple” software deployment, the solution is an overkill.

14 Comments

  • Domen Kožar commented on 10. November 2014 Reply

    Also worth checking out is Nix: http://nixos.org/nix/

    • Matthias commented on 10. November 2014 Reply

      I am of course also looking at Nix – they are doing a lot of things right there!
      (Unfortunately nothing other distributions could easily adapt to)

      • manny commented on 10. November 2014 Reply

        Also worth checking is 0install.

        http://0install.net/

        Anyway I like the ideas presented.

        But Like the XKCD comic, getting the major distros to agree has for the most part been pretty hard, however, Lennart has had quite some luck / influence in this regard, so even if his ideas / projects seem to be kinda overkill, if any of these are adopted the Linux ecosystem would had gone a big step forward IMO.

        And which ever features are used, is the right time to keep on adding to the discussion. 🙂

  • Cameron commented on 10. November 2014 Reply

    Wait so does it use a maximum of one overlay then?

  • Leslie Zhai commented on 11. November 2014 Reply

    $cd limba/tests

    $lipkgen build foobar/pkginstall foobar-1.0

    There is foobar-1.0 😉

    $sudo lipa install foobar-1.0
    Could not install software: Failed to create file ‘/opt/software/foobar-1.0/exported.BTSCPX’: No such file or directory

    Have NOT built OverlayFS for my Linux Kernel 3.17.2! I will rebuild the Kernel then try again 😉

    • Matthias commented on 11. November 2014 Reply

      You simple need to create /opt/software to get this to work 🙂 Since a few seconds, a make install will do that for you (but I will probably remove that later, the code shouldn’t assume any directory in /opt exists)
      Currently, no checks for kernel features are in place, maybe at least a test for OverlayFS makes sense in future.
      If you run make test now, you will get two packages (one depending on the other) in tests/data to play around with.

      • Leslie Zhai commented on 12. November 2014 Reply

        Hi Matthias,

        Thanks for your reply 😉

        I git pull your code, and it is able to sudo lipa install foobar-1.0.ipk now 😉 but I failed to download Linux Kernel 3.18 tarball due to network connection’s issue ;( so I will try sudo runapp foobar later.

        Regards,
        Leslie Zhai

      • Leslie Zhai commented on 12. November 2014 Reply

        Hi Matthias,

        I built 3.18 for my ArchLinux box, but overlayfs: missing upperdir or lowerdir or workdir Unable to mount directory when sudo runapp foobar-1.0:

        https://github.com/ximion/limba/issues/1

        Please someone give me some advice, thanks a lot 😉

        Regards,
        Leslie Zhai

  • Chris commented on 11. November 2014 Reply

    “In case that software is available in the distribution’s repositories, the version found there can be used. Otherwise, another Limba package providing the software is required.” – the packages provided by each distribution vary depending on versions, compiler settings, patch sets, etc. Randomly swapping out libraries from one distribution to another sounds like a recipe for disaster, and there will be no easy way for the package author to exactly reproduce the runtime environment when some user reports a bug.

    • Matthias commented on 11. November 2014 Reply

      I still have to run a larger test how huge these differences really are – but for now it is planned to not make the “use distro packages” option default until I have an answer to that question. And if people test against their dependencies / runtimes, everything should be fine.

  • Phoronix commented on 11. November 2014 Reply
  • Jasem Mutlaq commented on 29. January 2015 Reply

    Refreshing approach, but with all the work done in Nix and Lennart’s proposal, I think most developers are going to sit and wait until ONE proposal gains real cross-distro tracktion, just like Systemd did

Leave a Reply

Your email address will not be published. Required fields are marked *