Files that cannot be symlinks

Symbolic links play a major role in a GoboLinux system, but some programs don’t behave as expected when they are used. This section lists the files that cannot be symlinks.

“That is the reason why /System/Settings is not /System/Index/Settings: it does not only contain links, by definition (or, better put, by necessity)” – Hisham Muhammad

• /System/Settings/sudoers

The configuration file for sudo must be a regular file. If it is not, sudo will complain and do nothing.

• /System/Settings/passwd and friends

The settings files used by the Shadow package are quite interesting. Theoretically, they can be symlinks, but there is a caveat: utilities like useradd don’t just modify these files; they remove and recreate them as regular files. Hence, in practice, they cannot be symbolic links.

Sandboxing under GoboLinux

The build system in GoboLinux uses sandboxing to ensure that all the filesystem writes during the software install phase are limited to an appropriate part of the filesystem. GoboLinux 016 ships with two different sandbox implementations.

UnionSandbox is a modern implementation which uses file system unions to achieve isolation. It is the default sandbox installer.

FiboSandbox is a fallback method used when a union-filesystem implementation is not available in the running kernel. It sets up an isolated environment and commands are run by a special user (named fibo) without root privileges.

During the installation phase of the software build process, most build systems call the install program to copy files to their destination directories with the proper ownership and attributes. install belongs to the CoreUtils package.

Since user fibo lacks authority to change file ownership, the link at /System/Index/bin/install points to a wrapper script in the Scripts package.

Under UnionSandbox, this wrapper script translates the superuser name if necessary and calls real_install, a symlink to the CoreUtils install utility, passing along the modified arguments.

Under FiboSandbox, the wrapper discards change-of-owner directives before calling real_install.

Replacements for standard commands

GoboLinux has its own replacements for a few standard commands like su and make. The reasons for making a replacement ranges from adding necessary functionality (su) to making prettier output (make).

While having these “replaced programs” is not a problem in itself (in fact, most provide enhanced functionality which adds to the GoboLinux experience), it’s important to point out these differences here so that you can know what’s going on with these perhaps unexpected behaviors.

The replacements are provided by several different packages. All except install are handled by making an alias in the shell initialization scripts. This way, you can easily disable the alias and restore the original version of a program, if you so wish. They can be often found in their own subdirectory Resources/Wrappers inside the program directory.

• su - aliased to Su in the Shadow package to handle names other than root as super user
• sudo - aliased to Sudo in the Sudo package to handle names other than root as super user
• top - aliased to htop in the Htop package
• make - aliased to ColorMake in the Scripts package to produce colorful output
• info - aliased to Info in the Pinfo package
• man - aliased to Man in the Pinfo package
• install - install in CoreUtils has been renamed to real_install with install in the Scripts package as a wrapper (see section Sandboxing under GoboLinux for a detailed explanation)
• which - the Scripts package provides a “which” script which resolves symlinks in the path of the returned program, so that it indicates the /Programs path the binary refers to.

Aliases enabling “enhanced replacements” such as Htop and Pinfo are set in the Environment section of these packages. This way, if you want to stick to plain top and/or info, all you need to do is to remove (or just not install) these replacements.