testdev script for testing on operation system

[dehorsley]

This is a preliminary sketch of a utility to assist testing a development
version of the Field System on an operational machine without disturbing
the working system, as discussed in issue #21.

As it stands it is very basic and some experimentation and discussion is needed
to understand the use case(s).

Current assumptions:

• User has root access via sudo
• FS version to be tested is /usr2/fs-dev
• st.default control files should be used

Outstanding issues & questions:

• Should we protect the log directory? We could either mount a tmpfs or overlayfs here?
• ditto proc
• ditto control
• how to handled st code? May need recompiling, so an overlayfs might be the way to go.
• can this be done without sudo/root access? User namespaces should allow this but I had some quirk that stopped fsalloc from working.

[jfhquick]

This appears to work well as it is, but having to allow 'sudo unshare' is obviously a security hole that is very easy to exploit. Hopefully I will have time to play around with this and see if I can figure other ways to make it work,
Using this, I was able to have two different FS versions running side-by-side on the same machine at the same time quite happily (after overlaying /usr2/proc), but I didn't check to see what happened in station.log which is where the other contention would be.
This approach certianly show promise :)

[dehorsley]

Right, I guess that's the kind of use case discussion I need. Security is of course relative :). My assumption was that the programmer/tester has root access via sudo.

Also, the reason I used sudo originally was to pass the xauth cookie through to the next user, but then I realised it's not necessary if you log back in as the user. I'm now not sure that needs to be in there.

[dehorsley]

I guess @wehimwich needs to chime in here. He's the target user right now :)