►
Description
Zapps are a new convention for producing linux executables which are path-agnostic, highly-portable bundles, which can be relocated freely and work in a wide variety of deployment scenarios. This talk was given at IPFS Camp 2022 in Lisbon, Portugal.
A
A
This
is
going
to
be
an
admittedly
very
Linux
focused
talk.
I
have
this
problem
that
I
want
to
ship
applications
and
on
Linux
I
find
this
is
often
really
weirdly
hard.
Shared
libraries
make
my
life
difficult.
I
want
to
just
give
people
things
and
I
want
those
things
to
run
for
people
and
I
want
as
few
steps
in
that
process
as
possible
as
a
little
fuss
as
possible
and
I
want
that
to
involve
approximately
one
answer
me
as
a
developer
I.
A
This
should
be
simple:
I
want
to
give
people
a
thing
and
I
want
to
run.
That
should
take
one
step.
It
should
have
one
package
produced.
It
should
not
be
a
count
of
every
Linux
distro
in
the
universe.
Different
answers,
that's
no
fun
for
anybody,
it's
not
fun
for
developers,
because
it's
lots
of
work.
It's
not
fun
for
users,
because
it
creates
a
plethora
of
choices
that
aren't
actually
helpful.
A
When
we
ship
executables
on
Linux,
we
have
shared
libraries
in
ancient
history.
This
was
for
sharing
space
on
disk
and
you
only
wanted
to
have
one
version
of
a
library
on
a
system
for
some
reason,
but
this
is
no
longer
the
constraints
of
reality
that
we
need
to
live
within.
Disks
are
cheap,
having
only
one
version
of
a
library
on
a
system
isn't
a
real
important
goal,
anymore,
typically,
and
in
exchange
for
those
limitations
we've
taken
on
the
burden
of
years
of
fragility
and
portability
failure.
A
A
This
is
so
bad
that
most
businesses
and
large
teams
who
need
to
produce
applications
that
work
on
people's
computers,
ship,
electron,
amps
I,
think
that's,
embarrassing.
I
think
it's
fine!
If,
if
you're
in
the
scenario,
where
that's
like
a
solution
for
you,
you
know
what
it's
fine,
but
for
us
who
want
Linux
to
work
for
everyone
and
to
be
a
good
Target.
A
A
A
This
is
actually
really
tricky
if
you've
ever
built
applications
on
Linux
before
you
know
it's
normal
to
take
a
prefix
path
somewhere
in,
like
your
make,
make
install
nonsense.
I'm
tired
of
that
and
I'm
not
going
to
have
it
anymore,
I
want
something
that
works,
even
if
the
install
path
is
completely
unpredictable,
even
if
we're
at
ipfs
Camp
right.
Even
if
my
install
path
is
slash,
ipfs,
slash
a
cryptographic,
hash
I
literally,
could
not
anticipate
at
compile
time.
I
want
that
install
path
to
be
acceptable
and
I
want
it
to
work.
A
A
And
in
practice,
I
have
a
couple
of
other
goals:
I
still
do
want
Dynamic
linking
static.
Binaries
do
solve
a
bunch
of
these
problems,
but
they're,
not
a
tenable
solution
for
every
situation.
Static,
link,
binaries
are
huge.
Sometimes
you
need
to
patch
your
Upstream
libraries
in
order
from
that
actually
work
and
that's
to
me
a
non-starter
it's
just
people,
don't
like
the
solution.
I'll
move
on
quickly.
It
doesn't
work,
ideally
at
the
end
of
this.
I
would
also
love
to
be
able
to
do.
Libraries
on
disk
I
did
say
that
that's
not
critical
to
me.
A
We
have
big
disks,
but
it's
nice
if
it
works
right.
So
these
are
all
goals.
These
are
all
goals.
I
have
in
zaps
and
I'm,
going
to
solve
all
of
them
and
I'm
going
to
do
this,
mostly
in
the
form
of
a
demo.
So
this
is
going
to
be
absolutely
terrifying
by
the
way
I
have
written
a
shell
script
which
is
going
to
type
into
a
terminal.
This
terminal
is
live.
If
you
see
it
starting
to
type
rmrf,
slash
I'm
going
to
cry
on
stage,
and
hopefully
this
adventure
works.
A
A
A
A
This
is
something
that
we
can
do
with
absolutely
any
Linux
executable.
We're
going
to
do
it
with
python
next,
just
to
prove
that
it
can
be
done.
Bash
only
has
four
libraries,
so
that
was
kind
of
easy.
You
might
think
we
did
something
like
very
custom.
No,
this
is
General
I,
don't
have
a
system
python
installed
by
the
way,
but
nonetheless,
this
path,
agnostic,
one,
is
going
to
work.
A
Scroll
back,
okay,
so
now,
let's
start
to
lift
the
hood.
If
you
are
someone
who's
experienced
in
Linux
system,
administration,
you've
probably
used
the
ldd
tool
before
so
we'll
take
a
peek
at
our
python
binary.
This
is
still
as
I
promised
a
dynamic
executable.
So
there's
nothing
weird
here,
nothing
crazy.
We
did
a
shockingly
little
Upstream
patching
to
produce
this
thing.
Almost
none,
absolutely
not
actually
I'll
show
you
the
build
script
later.
A
It
has
the
Linux
vdso.
If
you
know
what
this
is,
you
know
that
well,
I
won't
talk
about
this,
and
here
we
have
the
rest
of
the
libraries.
Now
when
ldd
inspects
this,
it
is
still
showing
an
absolute
path
here.
However,
this
is
the
fully
resolved
path,
because
that's
how
ldd
reports
things?
That
is
not
what
the
headers
say
and
this
thing
will
move
freely
and
ldd
will
just
change
its
report
freely.
A
Advance
the
demo
please
so
the
headers
will
use
a
different
sysadmin's
best
friend
here.
The
red
LF
binary
will
sort
of
peek
into
the
headers
inside
of
this
thing
and
tell
us
at
a
very
low
level.
What's
going
on
eof
by
the
way
is
short
for
executable
and
Linker
format.
This
is
the
standard
format
for
dynamically
linked
executables
on
Linux,
and
these
headers
are
a
very
well
standardized
thing,
so
these
header
type
one.
A
These
are
the
names
of
libraries
that
are
needed
by
this
thing,
and
now
the
other
header
that's
interesting
to
us
here-
is
this
one
called
our
path.
This
is
something
that
is
not
present
in
every
elf
header.
If
you
look
at
the
bash
on
your
system,
it
probably
doesn't
have
this
r
pathing,
but
ours
does,
and
it
has
this
value
called
dollar
sign
origin
in
it.
A
This
is
80
of
the
magic
there's
a
second
80
that
I'll
see
if
I
have
time
to
show
you
later
in
the
talk.
But
fundamentally,
this
tells
something
called
the
elf
interpreter,
which
is
part
of
how
processes
actually
launched
on
Linux
that
it
should
look
for
libraries
relative
to
where
the
binary
is.
It
should
start
at
dollar
sign
origin.
That
means
where
the
binary
is.
It
should
pop
up
One
Directory.
It
should
go
over
to
lid
and
then
it
should
search
there.
So
this
corresponds
to
these
file
systems.
That
I
showed
you
earlier.
A
So
this
means
you
can
move
these
things
anywhere.
I'll
just
keep
claiming
that
that's
true
and
important,
because
it
is
and
it's
hard
to
do,
and
this
works
truly
for
anything.
So
so
far,
I've
shown
you
bash
I've
shown
you
python.
I
will
also
show
you
Helix.
This
is
one
of
my
new
favorite
text
editors.
A
It
can
also
be
relocated
in
this
way,
Helix
was
implemented
in
Rust.
We
made
it
path,
agnostic
with
the
exact
same
tricks
as
we
did
with
bash
and
python.
This
really
works
for
anything.
If
it's
an
elf
executable,
we
can
do
it
all
of
these
things.
Zero
host
libraries
drag
and
drop.
You
saw
me
move
them
around
several
times
right,
I
promise.
This
works
on
a
read-only
mount
I
promise.
This
works
even
on
something
with
a
hash
prefix
as
file
system.
You
couldn't
control,
it
will
be
fine.
A
If
somebody
wants
to
try
this,
if
somebody
wants
to
do
it,
live
I
am
so
confident
in
this
I
will
give
you
a
jump,
drive.
Anyone
who
dares
come
grab
it
and
you
can
mount
it
and
if
you
have
a
Linux
kernel,
if
you
have
a
Linux
kernel
that
is
like
new
enough
to
have
ext3
file
system.
So,
if
it's
like
from
this
decade,
possibly
last
decade,
this
will
work.
A
Now,
if
you
want
to
know
how
this
works
in
Greater
detail,
first
of
all,
let
me
check
my
time
got
some
time.
This
is
harder
than
it
should
be.
I
showed
you,
the
dollar
sign
origin
trick.
That
was
the
beginning.
You
set
this
R
path
header.
This
is
widely
known.
You
can
look
at
the
Man
pages
for
like
how
to
compile
stuff
in
Linux,
like
GCC
described
as
the
dash
dash
R
path
flag.
It's
out
there
that's
the
beginning
of
the
journey.
A
A
That
turns
out
to
be
easier
said
than
done.
Has
anyone
heard
of
make?
Does
anyone
know
how
wonderful
make
is?
Does
anyone
know
how
environment
variables
work
and
make
dollar
signs
are
dangerous
in
make?
If
you
use
recursive
make,
and
you
want
to
pass
a
string
through
a
series
of
systems-
you
can't
it's
not
possible.
Fortunately,
that
string
isn't
load
bearing
until
it
gets
in
the
binary,
so
you
can
use
another
string
of
the
same
length
patch,
the
elf
headers.
A
At
the
end,
this
is
so
dirty,
but
it
works,
but
libraries
next
to
the
main
thing
after
this
okay,
now
we're
90
of
the
way
there
except
there's
something
else
on
your
system
that
will
create
an
enormous
mess.
There's
something
called
the
elf
interpreter
now.
This
is
something
that
I
haven't
shown
in
the
demo.
Shoot
I
skipped
a
bit.
If
you
look
at
the
very
first
string
in
any
binary
on
your
computer,
if
you
do
like
strings
of
which
bash
pipe
head
and
one
you
will
see
a
path
that
is
the
elf
interpreter.
A
A
We
have
to
actually
turn
the
elf
interpreter
itself
into
a
library
that
we
bundle
with
the
rest
of
the
things.
This
necessitates,
one
more
step,
I
call
this
the
jump
loader
for
lack
of
a
better
name.
We
need
a
tiny
statically
linked
executable
to
handle,
jumping
in
to
the
elf
interpreter
that
we're
treating
as
a
library
and
tell
it
to
jump
back
into
the
real
dynamically
linked
executable
that
part's
downright
embarrassing.
However,
there
is
no
other
way
to
do
this.
A
A
A
A
That
means
we
could
actually
begin
to
build
together
Suites
of
packages
that
just
they
don't
need
to
be
as
sweet.
You
can
just
do
anything
compose
with
anyone.
Anyone
can
make
zaps
and
anyone
can
ship
them
to
anyone.
We
don't
need
to
force
coordination
anymore,
around
Library
versioning.
This
is
freedom.
A
This
website
will
contain
more
detail
about
this
technology.
Even
a
couple
of
variations
on
how
exactly
you
can
do
the
dynamic
linking
by
the
way
deduplication
is
still
possible
with
this.
If
you
happen
to
be
mounting
these
things
out
of
an
ipfs
mount
it
de-duplicated
at
the
Block
Level,
underneath
the
mount
driver
nice,
if
you
don't
have
that
ability,
you
can
do
library
deduplication
with
Sim
links,
it's
totally
fine.
This
is
one
of
the
major
advantages
of
this
system
over
static
linking
you
will
find
more
about
this
in
the
website.
A
If
you
would
like
zaps
right
now,
where
other
desktops,
so
here's
the
website
for
that
we've
produced
these
by
the
way
as
part
of
warp
Forge,
which
there
was
a
talk
on
earlier
today
and
all
of
these
things
that
we
have
built
in
warp
Forge.
We
have
packaged
as
zaps,
so
you
can
get
more
zaps
either
by
chasing
me
down
and
finding
some
jump
drives.
A
A
You
can
dive
into
all
of
these
things
on
the
catalog.warpsis.org
site
and,
for
example,
here
are
the
versions
of
bash
that
we
have
packaged.
If
you
click
into
this,
you
will
find
content
hashes.
You
will
find
a
download
link
if
you
don't
like
the
jump
drives,
and
you
will
find
this
link
called
replay
and
if
you
want
a
fuller
understanding
of
how
to
put
this
to
work,
you'll
have
to
go
watch
the
warp
Forge
talk
from
earlier,
but
here
is
how
we
built
the
pagno.
Sorry,
the
zap
of
bash,
the
path
agnostic
bash.