Here's what I found out about customizing the jail server.
When it gets a valid request from moodle, it:
- forks a new process (still running as root)
- uses "chroot" on the configured JAILPATH (usually /jail)
- creates a new user & their HOME in the chrooted environment
- uses "su" to switch execution mode to that user
- creates the files it got in the request (submission and things like vpl_evaluate.sh) inside the new user's HOME
- runs by default either "vpl_run.sh" or "vpl_evaluate.sh"
- then runs "vpl_execution" that the previous steps should create
- cleanup, etc.
From this flow, the important step for you is the "chroot" & "su" one. If you want to make extra files visible to the execution environment, you need to put them in either:
- JAILPATH and make them world readable(/executable); that way, each execution will see the file "$JAILPATH/myfile" inside the execution env. as "/myfile" due to chroot, and will have read permissions
- or in "/bin" or "/sbin", as these are mounted as read/execute-only inside JAILPATH, so things in them will naturally be visible (and also be in PATH)
- the submission files themselves, but this is annoying and unnecessary
In either case, it would help to customize the vpl_run.sh for your specific type of task, so it symlinks or copies the "/myfile" to "$HOME/myfile" (will be cleaned up with the whole HOME) for the time of the execution if it is necessary to have it in the same directory or to be able to write it as well.
You can do that by putting your own "${your_language_with_dashes}_run.sh" (eg. "python-with-tkinter_run.sh") file in this folder on moodle: "$MOODLEPATH/mod/vpl/jail/default_scripts" (repo examples).
Then you will get your own flavor of python from the "Run script" dropdown in "Execution options" in a moodle VPL activity.