Create a location for
doas zfs create -o compression=lzf tank/chroots
doas zfs create -o compression=lzf tank/chroots/fedora
cd /tank/chroots/fedora
wget 'https://dl.fedoraproject.org/pub/fedora/linux/releases/38/Container/x86_64/images/Fedora-Container-Base-38-1.6.x86_64.tar.xz'
tar xvpf Fedora-Container-Base-38-1.6.x86_64.tar.xz
# Do all the mounting (or `emerge arch-chroot`
mount -t sysfs none fedora/sys
mount -t proc none redora/proc
mount --rbind /run /fedora/run
mount --rbind /dev fedora/dev
mount --rbind /tmp fedora/tmp
mount --rbind /etc/resolv.conf /etc/resolv.conf
# Chroot in
chroot fedora
Now inside the container
# Allow the inclusion of documentation
sed -i '/nodocs/d' /etc/dnf/dnf.conf
# If /etc/yum.conf exists, uncomment the next line.
# RUN sed -i '/nodocs/d' /etc/yum.conf
dnf update -y
# Add COPR
dnf install 'dnf-command(copr)' -y
dnf copr enable iucar/cran -y
dnf update -y
dnf install --setopt=tsflags= R-CoprManager R rstudio-desktop python3 xeyes wget tmux -y
dnf install --setopt=tsflags= R-CRAN-{fpp3,rmarkdown,quarto,tidyverse,xts} -y
wget 'https://download1.rstudio.org/electron/rhel9/x86_64/rstudio-2023.06.2-561-x86_64.rpm'
dnf install --allowerasing rstudio-2023.06.2-561-x86_64.rpm -y
cd fedora && unmount /tmp /dev /run /proc /sys
Now that the container is installed, run it with Bubblewrap like so:
# Allow sharing X
xhost +
bwrap \
--bind $d / \
--bind-try /proc /proc \
--dev-bind /dev /dev \
--dev-bind /dev/shm /dev/shm \
--bind /tmp /tmp \
--bind $HOME /home/ryan \
--bind-try /sys /sys \
--bind-try /run /run \
--setenv DISPLAY :0 \
--unshare-all \
--share-net \
--hostname sandbox \
--setenv DISPLAY $DISPLAY \
rstudio --no-sandbox
# code --no-sandbox
# "${1}"
It is also be possible to run rstudio from inside the chroot,
however bubblewrap is rootless and so more secure. Nonetheless, to run rstudio from
inside the chroot make sure to bind mount ~/.Xauthority
and export the
DISPLAY
variable.