Categories
Snapcraft WSL

Use this ONE trick to get Systemd and Snap Packages working on Windows Subsystem for Linux!

The video that announced this to the world has been viewed quite a few times now. While it uses an early version of the code that I developed for this, so doesn’t reflect the code as it is now, you can find it below for historical purposes:

Howto

Prerequisites

This requires WSL2: You need to have installed WSL2 by the methods documented at https://docs.microsoft.com/en-us/windows/wsl/wsl2-install. Although, if you are running the latest Windows Insider dev branch build then you can run the following in a PowerShell or CMD window to install WSL2:

wsl --install

Using the quick installation script

The process to install this hack has been improved by Damion Gans who took my code and created a simple installation script that automates everything. Since I found their work I’ve been contributing to their repository as the Canonical Source of Truth for the hack. With Damion’s code added to my own you can now install with a few much simpler commands. So, start a new WSL instance by selecting your Distro from the Start Menu, and run (assuming your Distro is Ubuntu or another Debian derivative):

sudo apt update sudo apt install -yqq git git clone https://github.com/DamionGans/ubuntu-wsl2-systemd-script.git $HOME/ubuntu-wsl2-systemd-script $HOME/ubuntu-wsl2-systemd-script/ubuntu-wsl2-systemd-script.sh

Feel free to inspect the other files in the repository to see how the hack operates. While the hack is functional now, if you need to update it such as because changes have been made to improve it or fix issues, then update the repository and re-run the script with --force added to the command line. This tells the script you meant to re-install:

cd $HOME/ubuntu-wsl2-systemd-script git pull ./ubuntu-wsl2-systemd-script.sh --force

Optional: Strict Snap Package confinement support (custom kernel)

Use precompiled binary

  1. Download the latest release from my WSL2 Linux for Snap Packages repository on GitHub.
  2. Copy the binary to %USERPROFILE%, e.g. C:\Users\diddledan\vmlinux-wsl2-snapd
  3. Edit or create a file alongside called .wslconfig with at least the following two lines. Change the username to match your Windows username. The double-backslashes \\ were originally required although I have heard that you may use a forward slash / now:
    [wsl2]
    kernel=C:\\Users\\diddledan\\vmlinux-wsl2-snapd
  4. Exit all WSL2 sessions and in cmd.exe or PowerShell run wsl --shutdown to ensure that the new kernel is used when you restart your WSL2 session(s).

Compile yourself

  1. Check out (git clone) the source at https://github.com/diddlesnaps/WSL2-Linux-Kernel/tree/snapd-support into an Ubuntu distro:
    sudo apt-get install git
    git clone -b snapd-support https://github.com/diddlesnaps/WSL2-Linux-Kernel
  2. Install some compilers:
    sudo apt-get install build-essential flex bison libssl-dev libelf-dev
  3. Change directory into the kernel source and compile:
    cd WSL2-Linux-Kernel make KCONFIG_CONFIG=Microsoft/config-wsl
  4. Copy the compiled kernel to your Windows user profile directory (replace diddledan with your Windows username):
    cp arch/x86/boot/bzImage /mnt/c/Users/diddledan/vmlinux-wsl2-snapd
  5. In Windows create or edit a file at %USERPROFILE%\.wslconfig, e.g. C:\Users\diddledan\.wslconfig with at least the following two lines. Change the username to match your Windows username. The double-backslashes \\ used to be required, but I have heard that you may use a single slash / now:
    [wsl2]
    kernel=C:\\Users\\diddledan\\vmlinux-wsl2-snapd
  6. Exit all WSL2 sessions and in cmd.exe or PowerShell run wsl --shutdown to ensure that the new kernel is used when you restart your WSL2 session(s).

Done

Now every time you start the terminal/bash it will automatically put you inside a PID namespace with Systemd and Snapd running.

Diagnostics of the environment by Snapd

With the hack in-place, below are some simple diagnostic listings that show the environment according to Snapd.

Version details

$ snap version snap 2.41 snapd 2.41 series 16 ubuntu 18.04 kernel 4.19.72-microsoft-standard+

Confinement

With stock Microsoft kernel
$ snap debug confinement partial
With custom kernel
$ snap debug confinement strict

Sandbox features

With stock Microsoft kernel
$ snap debug sandbox-features confinement-options: classic devmode dbus: mediated-bus-access kmod: mediated-modprobe mount: freezer-cgroup-v1 layouts mount-namespace per-snap-persistency per-snap-profiles per-snap-updates per-snap-user-profiles stale-base-invalidation seccomp: bpf-actlog bpf-argument-filtering kernel:allow kernel:errno kernel:kill_process kernel:kill_thread kernel:log kernel:trace kernel:trap udev: device-cgroup-v1 tagging
With custom kernel
$ snap debug sandbox-features apparmor: kernel:caps kernel:dbus kernel:domain kernel:file kernel:mount kernel:namespaces kernel:network kernel:network_v8 kernel:policy kernel:ptrace kernel:query kernel:rlimit kernel:signal parser:unsafe policy:default support-level:full confinement-options: classic devmode strict dbus: mediated-bus-access kmod: mediated-modprobe mount: freezer-cgroup-v1 layouts mount-namespace per-snap-persistency per-snap-profiles per-snap-updates per-snap-user-profiles stale-base-invalidation seccomp: bpf-actlog bpf-argument-filtering kernel:allow kernel:errno kernel:kill_process kernel:kill_thread kernel:log kernel:trace kernel:trap udev: device-cgroup-v1 tagging

Leave a Reply

Your email address will not be published. Required fields are marked *