Received: (at 47106) by debbugs.gnu.org; 14 Apr 2021 22:00:15 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 14 18:00:15 2021 Received: from localhost ([127.0.0.1]:35984 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lWnYV-0002YM-CP for submit <at> debbugs.gnu.org; Wed, 14 Apr 2021 18:00:15 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:48843) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1lWnYT-0002PW-CE for 47106 <at> debbugs.gnu.org; Wed, 14 Apr 2021 18:00:13 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 3C5185C011B; Wed, 14 Apr 2021 18:00:08 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Wed, 14 Apr 2021 18:00:08 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=RQTmlHXbI2ktihXty3/+nqQV ebqeUyzEjTEU7s+qwm4=; b=kxA7R8K0XCpsvjFAj6LFC+gzlF6d79riemg7O5JX X68qY18UPuBR4Ng7qiUYfgjUDZyVFz833vUwbb0oDDovUWan02Pyc4Y2M2A+Hr0q X34V4M7nZQEqJkwSkRKaJ45Ire6d67iiHwAg4lRSRla6FLum0ZfOtUwZcEWDwD1L tm4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=RQTmlH XbI2ktihXty3/+nqQVebqeUyzEjTEU7s+qwm4=; b=kQsnrcfmxlwWfFhmNbIKt7 JVLtHfIgyATAQhs/+236o0J7uNBdBRpL7f5GZvnOk30/YZaH+h2trvqJjpD5R26Q Qa21ytGTpObpKLxWMeuvKDZzyhVMToxYteYbGJxFespjyioAtTSfb5pyEYZ+vwzO uEPPnf71780IJne5FtRLXsEfP+BA8T4YxBaU7f68MRWlOOyJQDTxQbh1NLP0zq3j Qc9Re4clYSLsYXNKQUgMAOFzeJptV8c50WKQUu0m13kh3lWfpQuhv3dxercV3tkt jTBYLTWos8b1xN1hdN2dh2Aw+l6zZ5PkqFujTbuSXC5EUYBAhzDEFn5z74zyoBrA == X-ME-Sender: <xms:52V3YHNu9QBiml60BsLW1-mpcxbBqc4gVtJxgvh_p4tZ_MgeH6j2ew> <xme:52V3YMhmqeOrR7DuTjerJEG19VV4YCG83JqY_oITh8AQeTX2gJj28oPoiSJodSmQ9 JjrbR6-okf_gMhRYw> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudelvddgtdefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvffukfhfgggtuggjsehttdertddttddvnecuhfhrohhmpefnvghoucfh rghmuhhlrghrihcuoehlvghosehfrghmuhhlrghrihdrnhgrmhgvqeenucggtffrrghtth gvrhhnpeeukeektdffvddtudegjeegtdevhfeufeeivdejiedtieegtdevjedvjeehffev gfenucfkphepuddttddruddurdduieelrdduudeknecuvehluhhsthgvrhfuihiivgeptd enucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: <xmx:52V3YC2B-CqtAcZfAGNT-k_aDDDeNugWeb0d5Nju0wijjtllMXTv2Q> <xmx:52V3YOijmlgnmtI_DXqzwbPFUVFE8wixwCLMFp_3XqAHsTUxSSoRtw> <xmx:52V3YKeHkEEzjF3A2qXi7N7dfcn-ZQ0QsX-udK0-MeDTdtw733BbEg> <xmx:6GV3YFG4R2oGwzaEsd6Fnuppn8OX29XWJciN-C6PWSUh4w1E7-i21g> Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net [100.11.169.118]) by mail.messagingengine.com (Postfix) with ESMTPA id 9DCED1080069; Wed, 14 Apr 2021 18:00:06 -0400 (EDT) Date: Wed, 14 Apr 2021 18:00:02 -0400 From: Leo Famulari <leo@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?= =?utf-8?Q?Guix_containers_=F0=9F=98=9E?= Message-ID: <YHdl4re+gltgRrL5@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <YHdLeYOvZKHh/3v0@HIDDEN> <d53a3d55f49f7f858eda39862d4b23753b850cb4.camel@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <d53a3d55f49f7f858eda39862d4b23753b850cb4.camel@HIDDEN> X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) On Wed, Apr 14, 2021 at 11:23:28PM +0200, Leo Prikler wrote: > Am Mittwoch, den 14.04.2021, 16:07 -0400 schrieb Leo Famulari: > > This bug is registered as "blocking" the upcoming release. > > > > Is there any chance it will be closed in the next 3 days? Or should I > > "unblock"? > There is a slim chance, that someone might fix it "by accident", but > I'm personally not diving that deep into bubblewrap, so I don't even > have an estimate of how much we would need to change. I think > unblocking is the wiser choice here; we can update the manual post > string freeze. Alright, thanks for explaining. I've done the "unblocking".
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Leo Famulari <leo@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.Received: (at 47106) by debbugs.gnu.org; 14 Apr 2021 21:23:37 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 14 17:23:37 2021 Received: from localhost ([127.0.0.1]:35908 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lWmz3-0001KM-9R for submit <at> debbugs.gnu.org; Wed, 14 Apr 2021 17:23:37 -0400 Received: from mailrelay.tugraz.at ([129.27.2.202]:39979) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lWmyz-0001K9-GN for 47106 <at> debbugs.gnu.org; Wed, 14 Apr 2021 17:23:35 -0400 Received: from nijino.local (194-96-13-79.adsl.highway.telekom.at [194.96.13.79]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4FLFns64fsz3x6y; Wed, 14 Apr 2021 23:23:29 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1618435410; bh=KzGEbRMegLnq5VWUtUH2DwYB0iiKlukUWHxCakA3EJk=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=rXhtV0GxlB7rlwYQSTgUF+hk6+eVacqSfXCxXqi+q7Vx4TVjNYhQV0R+/Wi8zitTA 15gyHHlgMdrr8p8pap8cUDZrLEF7pn291wAXwyzifQjA1zrv1qn4sa1d2636DZ4dKk zGLn2Ljqds5hXxwKOoY7YsLbnlAk47bsNXXWiZ8o= Message-ID: <d53a3d55f49f7f858eda39862d4b23753b850cb4.camel@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: Leo Famulari <leo@HIDDEN> Date: Wed, 14 Apr 2021 23:23:28 +0200 In-Reply-To: <YHdLeYOvZKHh/3v0@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <YHdLeYOvZKHh/3v0@HIDDEN> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.117 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Am Mittwoch, den 14.04.2021, 16:07 -0400 schrieb Leo Famulari: > This bug is registered as "blocking" the upcoming release. > > Is there any chance it will be closed in the next 3 days? Or should I > "unblock"? There is a slim chance, that someone might fix it "by accident", but I'm personally not diving that deep into bubblewrap, so I don't even have an estimate of how much we would need to change. I think unblocking is the wiser choice here; we can update the manual post string freeze. Regards, Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 14 Apr 2021 20:07:31 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 14 16:07:31 2021 Received: from localhost ([127.0.0.1]:35818 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lWlnP-0005jD-9z for submit <at> debbugs.gnu.org; Wed, 14 Apr 2021 16:07:31 -0400 Received: from out4-smtp.messagingengine.com ([66.111.4.28]:43525) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo@HIDDEN>) id 1lWlnN-0005iz-PB for 47106 <at> debbugs.gnu.org; Wed, 14 Apr 2021 16:07:30 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 775065C0118; Wed, 14 Apr 2021 16:07:24 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Wed, 14 Apr 2021 16:07:24 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=f6Mbw3Lo373sHn7JSBLajZ5b 0yXFvcw4hGA8OSNXrYw=; b=RC3dXK5l8GTLx9z4TlagWDhtTUuvfNKFO6tcqro9 I9zlsLTKPMzRmMeQOyUAHeHIqfv5UGHRrswTD2YBJKDPX48HEkiqkRfrKnYV+7jg cPk4kvv8N8hacMR/jiovWgY21fHvI482Lh4nd4kI3y8OcbNOHAoXapebBXMwX6sh awY= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=f6Mbw3 Lo373sHn7JSBLajZ5b0yXFvcw4hGA8OSNXrYw=; b=P/iJHyt2ncQnefXNl28CJq x1Qe5xVdcD8+bBYpjwnej4FO6qrk3zosgj0k9u8xd/38dNdBzdwsF+k2dEbfse5x safkwsY3xKWno7NLdCeJKQ1Q1i810hlEDFz3fLcP0MmLfbXKb6lrzH0B65QH3PHu tfkNEhRGgja7LHPqEFefp7FoBdISngV/uNQJKDaTABuSPPPRnx1XLBgIk9GHfx4P TtlcY2V2vzx1fJRKU8TM6e+U7caQPIf/njqUhZKHVKiWTc+BD/IwD4CGe5Z7zVSa CSh6CepxQ8lvqzJZ7NwPSrYWeBGk1vCtxzOOWSUGrRhvIx/0iCBCuisrsnC2I3Pw == X-ME-Sender: <xms:e0t3YJuVVwNPl2_po4EF6Qw-2izSCDc4hUMmvi6xgIl8lG07SXssSQ> <xme:e0t3YBoQY0HTHSSgslK2zw630whPzEWinKuqSNH9Vo8nlzeV2QpftZyl2hOd0hV0p xnPQ0YfB4VcjinYNQ> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrudeluddgudegjecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkfhggtggujgesthdtredttddtvdenucfhrhhomhepnfgvohcu hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecuggftrfgrth htvghrnhepueekkedtffdvtddugeejgedtvefhueefiedvjeeitdeigedtveejvdejheff vefgnecukfhppedutddtrdduuddrudeiledruddukeenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: <xmx:e0t3YPehzvhG8CSue-L4wxVzgOajLggUpfNuEA6Jv5nahnsR_ALfkA> <xmx:e0t3YJkZhN_osfX4HL8aUeAI9mftJkiKOKEsW9sSmDdBUwpvcAFSzw> <xmx:e0t3YGaZ-FObBnhTgARzXHR1AXUKxRbSjr5nzgBImwbiHj99o05pKg> <xmx:fEt3YORItTLbnxabW9TC-F1f4aKopQu6qSqQf_mxk_e9KLyEvFOTQw> Received: from localhost (pool-100-11-169-118.phlapa.fios.verizon.net [100.11.169.118]) by mail.messagingengine.com (Postfix) with ESMTPA id 057AC1080066; Wed, 14 Apr 2021 16:07:23 -0400 (EDT) Date: Wed, 14 Apr 2021 16:07:21 -0400 From: Leo Famulari <leo@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?= =?utf-8?Q?Guix_containers_=F0=9F=98=9E?= Message-ID: <YHdLeYOvZKHh/3v0@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) This bug is registered as "blocking" the upcoming release. Is there any chance it will be closed in the next 3 days? Or should I "unblock"?
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.zimoun <zimon.toutoune@HIDDEN>
to control <at> debbugs.gnu.org.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 16 Mar 2021 11:13:16 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Mar 16 07:13:16 2021
Received: from localhost ([127.0.0.1]:38324 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lM7dT-0002Nt-PU
for submit <at> debbugs.gnu.org; Tue, 16 Mar 2021 07:13:16 -0400
Received: from mailrelay.tugraz.at ([129.27.2.202]:18685)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <leo.prikler@HIDDEN>) id 1lM7dS-0002Nl-5y
for 47106 <at> debbugs.gnu.org; Tue, 16 Mar 2021 07:13:15 -0400
Received: from nijino.local (217-149-164-20.nat.highway.telekom.at
[217.149.164.20])
by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4F09d24vNDz1LBRw;
Tue, 16 Mar 2021 12:13:10 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 mailrelay.tugraz.at 4F09d24vNDz1LBRw
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at;
s=mailrelay; t=1615893191;
bh=vQ4FzedacoiPN54T91fdSO6VVFyp5VyAe9AwNNUADio=;
h=Subject:From:To:Cc:Date:In-Reply-To:References:From;
b=q39sBAv4NmGtcG/9e4yjPIZY4fcaLuV16XChLALduGdrd1Mdzw3+HzzRvxbV9r20Z
XMe8dbkjI6e9FJdWg6McAfu4orHrFyP1wd65AWYpjrr9D3eZkjh6hZ/5BJZU+c1YBy
72DdSVzf9rbHZ0B0HKoXGUOoyZKGQgO/P3ZKP1eo=
Message-ID: <65e3ddcc4b625ed496222f6072542cd250b08a76.camel@HIDDEN>
Subject: Re: bug#47106: Bubblewrap hates Guix containers
=?UTF-8?Q?=F0=9F=98=9E?=
From: Leo Prikler <leo.prikler@HIDDEN>
To: Bengt Richter <bokr@HIDDEN>
Date: Tue, 16 Mar 2021 12:13:10 +0100
In-Reply-To: <20210316105442.GA3903@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
<a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
<20210314174539.GA10548@LionPure>
<d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN>
<20210316105442.GA3903@LionPure>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.34.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw
X-Spam-Scanner: SpamAssassin 3.003001
X-Spam-Score-relay: -1.9
X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Hi,
Am Dienstag, den 16.03.2021, 11:54 +0100 schrieb Bengt Richter:
> Hi Leo,
> One more favor? ;)
>
> On +2021-03-14 19:05:24 +0100, Leo Prikler wrote:
> > Hi again³
> >
> > Am Sonntag, den 14.03.2021, 18:45 +0100 schrieb Bengt Richter:
> > > Hi again^2,
> > >
> > > Maybe
> > > pstree -at
> > > would show a little more?
> > sh
> > |-dbus-daemon --syslog-only --fork --print-pid 5 --print-address
> > 7
> > --sess
> > |-dbus-launch --autolaunch=fa7a4d52637958ddd37547bb5d8bd9d2
> > --binary-
> > synt
> > `-screen
> > `-screen
> > |-sh
> > | `-.epiphany-real
> > | |-WebKitNetworkPr 3 21
> > | | |-{BMScavenger}
> > | | |-{ReceiveQueue}
> > | | |-{StorageTask}
> > | | |-{Storage}
> > | | |-{WebStorage}
> > | | |-{background}
> > | | |-{dconf worker}
> > | | |-{erialBackground}
> > | | |-{gdbus}
> > | | `-{gmain}
> > | |-bwrap --args 37 --
> > /gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
> > | | `-bwrap --args 37 --
> > /gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
> > | | `-WebKitWebProces 1277 28
> > | |-{.epiphany-real}
> > | |-{BMScavenger}
> > | |-{HashSaltStorage}
> > | |-{IconDatabase}
> > | |-{PressureMonitor}
> > | |-2*[{ReceiveQueue}]
> > | |-{dconf worker}
> > | |-{e Compile Queue}
> > | |-{ebsiteDataStore}
> > | |-{gdbus}
> > | |-{gmain}
> > | |-{re Remove Queue}
> > | `-{tore Read Queue}
> > `-sh
> > `-pstree -at
> > > Also,
> > > ls -lr /sys/class/drm
> > total 0
> > -r--r--r-- 1 65534 overflow 4096 Mar 14 17:59 version
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 ttm ->
> > ../../devices/virtual/drm/ttm
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 renderD128 ->
> > ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/renderD128
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-VGA-1 ->
> > ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-
> > VGA-
> > 1
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-HDMI-A-1 ->
> > ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-
> > HDMI-A-1
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0-DVI-D-1 ->
> > ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-
> > DVI-
> > D-1
> > lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0 ->
> > ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0
> > > if that's accessible -- I'm wondering if the version of screen
> > > in the container is built with libdrm and is bypassing X or ??
> > I doubt it is being built differently than screen normally is.
> >
> > > Do you have a makefile or a guix something.scm defining
> > > what's built/packed into your container?
> > Nah, it's a rather ad-hoc definition grown from what should be an
> > Eolie
> > container from the cookbook (also refer to #47097).
> >
> > guix environment --preserve='^DISPLAY$' --preserve=XAUTHORITY \
> > --preserve=TERM \
> > --expose=$XAUTHORITY \
> > --expose=/etc/machine-id \
> > --expose=/etc/ssl/certs/ \
> > --expose=/sys/block --expose=/sys/class --expose=/sys/bus \
> > --expose=/sys/dev --expose=/sys/devices \
> > --ad-hoc epiphany nss-certs dbus procps coreutils psmisc
> > screen
> >
> > Given that I expose most of /sys explicitly, you should take the
> > above
> > with a grain of salt.
> >
> > > Sorry if my curiosity is making work for you, but I'd like to
> > > try containers down the road -- tho right now I'm taking a break
> > > from events IRL, so I may disappear for a while...
> > I'm not personally impacted by this bug or anything, it's much
> > rather a
> > follow-up to my attempted fix of #47097. I think there might be
> > some
> > flaw in trying to run a sandbox inside a sandbox (like bubblewrap
> > inside `guix container`), that doesn't actually improve security in
> > any
> > meaningful way.
> >
> > Regards,
> > Leo
> >
>
> If you can run this inside your container, I think it will be
> interesting:
> lsof -U|grep -i wayland
>
> The above ought to show quickly if wayland is running.
>
> lsof -U shows the open sockets.
>
> If the above shows nothing, try
> lsof -U|grep -i x11
> or
> lsof -U|grep X
Nothing showed up for either, but this got me thinking. Exposing
/tmp/.X11-unix/X1 did do away with the warning, now it's unexposed
dbus, missing icons, etc. etc. Exposing all of /tmp instead yields
** (epiphany:2): ERROR **: 11:11:28.855: Failed to start embed shell D-
Bus server on unix:dir=(null): Error binding to address: No such file
or directory
I still think that exposing all of that is perhaps not the wisest idea,
but eh…
Regards,
Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 16 Mar 2021 10:55:02 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Mar 16 06:55:02 2021
Received: from localhost ([127.0.0.1]:38290 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lM7Lq-0001q3-1c
for submit <at> debbugs.gnu.org; Tue, 16 Mar 2021 06:55:02 -0400
Received: from imta-38.everyone.net ([216.200.145.38]:39154)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <bokr@HIDDEN>) id 1lM7Ln-0001ph-ID
for 47106 <at> debbugs.gnu.org; Tue, 16 Mar 2021 06:55:00 -0400
Received: from pps.filterd (omta003.sj2.proofpoint.com [127.0.0.1])
by imta-38.everyone.net (8.16.0.43/8.16.0.43) with SMTP id 12GAqYbI022416;
Tue, 16 Mar 2021 03:54:57 -0700
X-Eon-Originating-Account: PWA8kbIySTUxJ6dzi1ZYH4BQ7FXTSavK3r6B33nlqms
X-Eon-Dm: m0116787.ppops.net
Received: by m0116787.mta.everyone.net (EON-AUTHRELAY2 - 5a81cfb8)
id m0116787.603eb1d4.c9f2e; Tue, 16 Mar 2021 03:54:56 -0700
X-Eon-Sig: AQMHrIJgUI6AfXZsnwIAAAAD,b83093b5dea7232fc859ca7f427bda9f
X-Eip: YnAcN7gtBeI2ArwYFoYcxeXAwCoAc6_gE8YjC0Jqixg
Date: Tue, 16 Mar 2021 11:54:42 +0100
From: Bengt Richter <bokr@HIDDEN>
To: Leo Prikler <leo.prikler@HIDDEN>
Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?=
=?utf-8?Q?Guix_containers_=F0=9F=98=9E?=
Message-ID: <20210316105442.GA3903@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
<a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
<20210314174539.GA10548@LionPure>
<d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761
definitions=2021-03-16_03:2021-03-16,
2021-03-16 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 adultscore=0
priorityscore=1501
lowpriorityscore=0 spamscore=0 mlxlogscore=999 bulkscore=0 clxscore=1034
impostorscore=0 malwarescore=0 suspectscore=0 mlxscore=0 phishscore=0
classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000
definitions=main-2103160075
X-Spam-Score: 0.3 (/)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Bengt Richter <bokr@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.7 (/)
Hi Leo,
One more favor? ;)
On +2021-03-14 19:05:24 +0100, Leo Prikler wrote:
> Hi again³
>
> Am Sonntag, den 14.03.2021, 18:45 +0100 schrieb Bengt Richter:
> > Hi again^2,
> >
> > Maybe
> > pstree -at
> > would show a little more?
> sh
> |-dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7
> --sess
> |-dbus-launch --autolaunch=fa7a4d52637958ddd37547bb5d8bd9d2--binary-
> synt
> `-screen
> `-screen
> |-sh
> | `-.epiphany-real
> | |-WebKitNetworkPr 3 21
> | | |-{BMScavenger}
> | | |-{ReceiveQueue}
> | | |-{StorageTask}
> | | |-{Storage}
> | | |-{WebStorage}
> | | |-{background}
> | | |-{dconf worker}
> | | |-{erialBackground}
> | | |-{gdbus}
> | | `-{gmain}
> | |-bwrap --args 37 --
> /gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
> | | `-bwrap --args 37 --
> /gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
> | | `-WebKitWebProces 1277 28
> | |-{.epiphany-real}
> | |-{BMScavenger}
> | |-{HashSaltStorage}
> | |-{IconDatabase}
> | |-{PressureMonitor}
> | |-2*[{ReceiveQueue}]
> | |-{dconf worker}
> | |-{e Compile Queue}
> | |-{ebsiteDataStore}
> | |-{gdbus}
> | |-{gmain}
> | |-{re Remove Queue}
> | `-{tore Read Queue}
> `-sh
> `-pstree -at
> > Also,
> > ls -lr /sys/class/drm
> total 0
> -r--r--r-- 1 65534 overflow 4096 Mar 14 17:59 version
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 ttm ->
> ../../devices/virtual/drm/ttm
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 renderD128 ->
> ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/renderD128
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-VGA-1 ->
> ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-VGA-
> 1
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-HDMI-A-1 ->
> ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-
> HDMI-A-1
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0-DVI-D-1 ->
> ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-DVI-
> D-1
> lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0 ->
> ../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0
> > if that's accessible -- I'm wondering if the version of screen
> > in the container is built with libdrm and is bypassing X or ??
> I doubt it is being built differently than screen normally is.
>
> > Do you have a makefile or a guix something.scm defining
> > what's built/packed into your container?
> Nah, it's a rather ad-hoc definition grown from what should be an Eolie
> container from the cookbook (also refer to #47097).
>
> guix environment --preserve='^DISPLAY$' --preserve=XAUTHORITY \
> --preserve=TERM \
> --expose=$XAUTHORITY \
> --expose=/etc/machine-id \
> --expose=/etc/ssl/certs/ \
> --expose=/sys/block --expose=/sys/class --expose=/sys/bus \
> --expose=/sys/dev --expose=/sys/devices \
> --ad-hoc epiphany nss-certs dbus procps coreutils psmisc screen
>
> Given that I expose most of /sys explicitly, you should take the above
> with a grain of salt.
>
> > Sorry if my curiosity is making work for you, but I'd like to
> > try containers down the road -- tho right now I'm taking a break
> > from events IRL, so I may disappear for a while...
> I'm not personally impacted by this bug or anything, it's much rather a
> follow-up to my attempted fix of #47097. I think there might be some
> flaw in trying to run a sandbox inside a sandbox (like bubblewrap
> inside `guix container`), that doesn't actually improve security in any
> meaningful way.
>
> Regards,
> Leo
>
If you can run this inside your container, I think it will be interesting:
lsof -U|grep -i wayland
The above ought to show quickly if wayland is running.
lsof -U shows the open sockets.
If the above shows nothing, try
lsof -U|grep -i x11
or
lsof -U|grep X
finally, it is interesting to see
lsof -U|less
but on my laptop I just got
lsof -U|wc
403 3760 34643
so its a lot to look at.
Hopefully less in a container ;)
--
Regards,
Bengt Richter
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 15 Mar 2021 13:29:30 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Mar 15 09:29:30 2021
Received: from localhost ([127.0.0.1]:35082 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lLnHm-0006s2-7n
for submit <at> debbugs.gnu.org; Mon, 15 Mar 2021 09:29:30 -0400
Received: from eggs.gnu.org ([209.51.188.92]:48302)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <ludo@HIDDEN>) id 1lLnHj-0006rl-Jl
for 47106 <at> debbugs.gnu.org; Mon, 15 Mar 2021 09:29:28 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:40363)
by eggs.gnu.org with esmtp (Exim 4.90_1)
(envelope-from <ludo@HIDDEN>)
id 1lLnHc-0004mR-N9; Mon, 15 Mar 2021 09:29:20 -0400
Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=45590 helo=ribbon)
by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
(Exim 4.82) (envelope-from <ludo@HIDDEN>)
id 1lLnHb-0007Pr-Nq; Mon, 15 Mar 2021 09:29:20 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Leo Prikler <leo.prikler@HIDDEN>
Subject: Re: bug#47106: Bubblewrap hates Guix containers
=?utf-8?Q?=F0=9F=98=9E?=
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
<a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
<20210314174539.GA10548@LionPure>
<d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN>
<87sg4xlbn0.fsf@HIDDEN>
<6c6b39f495962ec906255cac212b66962d549eab.camel@HIDDEN>
<87pn00iw1f.fsf@HIDDEN>
<b7e184f6a0ceece097f9fc3f25cb47a0ccdf6d34.camel@HIDDEN>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 25 =?utf-8?Q?Vent=C3=B4se?= an 229 de la =?utf-8?Q?R?=
=?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
Date: Mon, 15 Mar 2021 14:29:17 +0100
In-Reply-To: <b7e184f6a0ceece097f9fc3f25cb47a0ccdf6d34.camel@HIDDEN>
(Leo Prikler's message of "Mon, 15 Mar 2021 11:14:11 +0100")
Message-ID: <87sg4wh7f6.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Bengt Richter <bokr@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.7 (-)
Hi,
Leo Prikler <leo.prikler@HIDDEN> skribis:
> Okay, so here's my basic workflow: Starting with an empty set of --
> expose:
> bwrap: Can't find source path /sys/block: No such file or directory
> repeated a few times along with warnings, that the web process crashed
> until finally Epiphany itself crashes.=20
> I add /sys/block, and Epiphany miraculously doesn't crash, but bwrap
> still complains and the web processes still crash, so we march on.=20
> I'll abbreviate it a little and only show the error messages.
> bwrap: Can't find source path /sys/bus: No such file or directory
> bwrap: Can't find source path /sys/class: No such file or directory=20
> bwrap: Can't find source path /sys/dev: No such file or directory=20
> bwrap: Can't find source path /sys/devices: No such file or directory
OK. Additional data points from my Guix System laptop:
--8<---------------cut here---------------start------------->8---
$ guix environment -C --ad-hoc findutils -- find /sys |wc -l
37575
$ find /sys | wc -l
find: =E2=80=98/sys/kernel/debug=E2=80=99: Mankas permeso
38026
$ guix environment -C --ad-hoc findutils -- find /sys/block |wc -l
27
$ find /sys/block | wc -l
27
--8<---------------cut here---------------end--------------->8---
The offending Bubblewrap code is:
--8<---------------cut here---------------start------------->8---
static void
resolve_symlinks_in_ops (void)
{
SetupOp *op;
for (op =3D ops; op !=3D NULL; op =3D op->next)
{
const char *old_source;
switch (op->type)
{
case SETUP_RO_BIND_MOUNT:
case SETUP_DEV_BIND_MOUNT:
case SETUP_BIND_MOUNT:
old_source =3D op->source;
op->source =3D realpath (old_source, NULL);
if (op->source =3D=3D NULL)
{
if (op->flags & ALLOW_NOTEXIST && errno =3D=3D ENOENT)
op->source =3D old_source;
else
die_with_error("Can't find source path %s", old_source);
}
break;
default:
break;
}
}
}
--8<---------------cut here---------------end--------------->8---
I wonder how =E2=80=98realpath=E2=80=99 can fail here. In fact, it Works F=
or Me:
--8<---------------cut here---------------start------------->8---
$ cat realpath.scm
(use-modules (system foreign))
(define realpath
(let ((proc (pointer->procedure '* (dynamic-func "realpath" (dynamic-link=
))
'(* *))))
(lambda (path)
(let ((result (proc (string->pointer path) %null-pointer)))
(and (not (null-pointer? result))
(pointer->string result))))))
(pk 'realpath-> (realpath "/sys/block"))
$ guix environment -C --ad-hoc guile -- guile -s realpath.scm
;;; note: auto-compilation is enabled, set GUILE_AUTO_COMPILE=3D0
;;; or pass the --no-auto-compile argument to disable.
;;; compiling /home/ludo/src/guix-debugging/realpath.scm
;;; compiled /home/ludo/.cache/guile/ccache/3.0-LE-8-4.4/home/ludo/src/guix=
-debugging/realpath.scm.go
;;; (realpath-> "/sys/block")
--8<---------------cut here---------------end--------------->8---
So I presume bwrap does something else before it reaches that warning.
We should really strace it.
Thanks,
Ludo=E2=80=99.
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 15 Mar 2021 10:14:20 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Mar 15 06:14:20 2021 Received: from localhost ([127.0.0.1]:34913 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLkEu-00081g-G8 for submit <at> debbugs.gnu.org; Mon, 15 Mar 2021 06:14:20 -0400 Received: from mailrelay.tugraz.at ([129.27.2.202]:43179) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lLkEq-00081T-Bc for 47106 <at> debbugs.gnu.org; Mon, 15 Mar 2021 06:14:18 -0400 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DzXMS74RTz1LZ3K; Mon, 15 Mar 2021 11:14:12 +0100 (CET) DKIM-Filter: OpenDKIM Filter v2.11.0 mailrelay.tugraz.at 4DzXMS74RTz1LZ3K DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615803253; bh=EOaG+LN6PE0xPrZwwhxpbrQIEUASi8l5Qlp+VW/EoAw=; h=Subject:From:To:Cc:Date:In-Reply-To:References:From; b=Ht55gR9+fQ6Ehfn+CuUhbIJss6ogoWUoKO4VHE6UCjw8jhtYwji4DR1NPbzRnQlVd pUZiR2xfU9mQAf5JfwpZiYUA8GBC4NFthzqTOTfUI9uEwFMUccPWdm6LBS8TLDpIg1 46V4Dbigerx0wtblpTsNZQD1Xoukv8wqj9EgScek= Message-ID: <b7e184f6a0ceece097f9fc3f25cb47a0ccdf6d34.camel@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN> Date: Mon, 15 Mar 2021 11:14:11 +0100 In-Reply-To: <87pn00iw1f.fsf@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> <20210313122718.GA11708@LionPure> <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN> <20210313170704.GA3712@LionPure> <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN> <20210314174539.GA10548@LionPure> <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN> <87sg4xlbn0.fsf@HIDDEN> <6c6b39f495962ec906255cac212b66962d549eab.camel@HIDDEN> <87pn00iw1f.fsf@HIDDEN> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Bengt Richter <bokr@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Am Montag, den 15.03.2021, 10:52 +0100 schrieb Ludovic Courtès: > Hi Leo, > > Leo Prikler <leo.prikler@HIDDEN> skribis: > > > > /sys is already mounted inside ‘guix environment -C’ containers > > > so I > > > don’t see what difference it would make. > > I think I've been told this several times, but I don't believe > > it. Not > > adding all these expose=/sys lines triggers the "warnings" in the > > original post. (Okay, perhaps one of /sys/dev and /sys/devices is > > superfluous, I would need to check.) > > It would be great if you could pinpoint which of these -- > expose=/sys/xyz > makes a difference. From there we could compare the output of ‘find > /sys/xyz’ inside and outside the container, without --expose. Okay, so here's my basic workflow: Starting with an empty set of -- expose: bwrap: Can't find source path /sys/block: No such file or directory repeated a few times along with warnings, that the web process crashed until finally Epiphany itself crashes. I add /sys/block, and Epiphany miraculously doesn't crash, but bwrap still complains and the web processes still crash, so we march on. I'll abbreviate it a little and only show the error messages. bwrap: Can't find source path /sys/bus: No such file or directory bwrap: Can't find source path /sys/class: No such file or directory bwrap: Can't find source path /sys/dev: No such file or directory bwrap: Can't find source path /sys/devices: No such file or directory After exposing all of the above, I get Unable to init server: Could not connect: Connection refused (WebKitWebProcess:2): Gtk-WARNING **: 10:09:01.497: cannot open display: :1 Using --share instead of --expose for the final set does not seem to change anything. For /sys/block, the find inside the container is empty before exposing it and non-empty on the host. I assume the same holds for the others. Regards, Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 15 Mar 2021 09:52:28 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Mar 15 05:52:28 2021 Received: from localhost ([127.0.0.1]:34904 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLjtk-0007V3-EG for submit <at> debbugs.gnu.org; Mon, 15 Mar 2021 05:52:28 -0400 Received: from eggs.gnu.org ([209.51.188.92]:54114) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1lLjtj-0007Up-02 for 47106 <at> debbugs.gnu.org; Mon, 15 Mar 2021 05:52:27 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:37709) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1lLjtY-0004wV-Tv; Mon, 15 Mar 2021 05:52:19 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=43478 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <ludo@HIDDEN>) id 1lLjtV-0003L1-U1; Mon, 15 Mar 2021 05:52:15 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?utf-8?Q?=F0=9F=98=9E?= References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> <20210313122718.GA11708@LionPure> <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN> <20210313170704.GA3712@LionPure> <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN> <20210314174539.GA10548@LionPure> <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN> <87sg4xlbn0.fsf@HIDDEN> <6c6b39f495962ec906255cac212b66962d549eab.camel@HIDDEN> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 25 =?utf-8?Q?Vent=C3=B4se?= an 229 de la =?utf-8?Q?R?= =?utf-8?Q?=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Mon, 15 Mar 2021 10:52:12 +0100 In-Reply-To: <6c6b39f495962ec906255cac212b66962d549eab.camel@HIDDEN> (Leo Prikler's message of "Sun, 14 Mar 2021 21:43:57 +0100") Message-ID: <87pn00iw1f.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Bengt Richter <bokr@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Hi Leo, Leo Prikler <leo.prikler@HIDDEN> skribis: >> /sys is already mounted inside =E2=80=98guix environment -C=E2=80=99 con= tainers so I >> don=E2=80=99t see what difference it would make. > I think I've been told this several times, but I don't believe it. Not > adding all these expose=3D/sys lines triggers the "warnings" in the > original post. (Okay, perhaps one of /sys/dev and /sys/devices is > superfluous, I would need to check.) It would be great if you could pinpoint which of these --expose=3D/sys/xyz makes a difference. From there we could compare the output of =E2=80=98find /sys/xyz=E2=80=99 inside and outside the container, without --expose. Thanks, Ludo=E2=80=99.
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 14 Mar 2021 20:44:04 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 14 16:44:04 2021 Received: from localhost ([127.0.0.1]:34289 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLXam-0001hH-DA for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 16:44:04 -0400 Received: from mailrelay.tugraz.at ([129.27.2.202]:24962) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lLXak-0001gi-9l for 47106 <at> debbugs.gnu.org; Sun, 14 Mar 2021 16:44:03 -0400 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DzBNZ6J3fz3xm8; Sun, 14 Mar 2021 21:43:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615754639; bh=gT5Fr9o0EmxTYR0v3N9bfvjnpU39C3GqoiPRU0nX6Ho=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=DzaMRcBUjEEWJ01FuDG6ojuVGAfXTm8YPsK+ZH1EvoHDjgDhPEDDnjsLooc1K6KnP vZYKjcipoCMfRQqybVEOn7uEO9oyOkjKDTo87ulNqvlUOMxkqcQTletkv+/SrhV01W nxkkCoeUoEXSJ+RruoQLbKetvnlumoAEzITR7VT0= Message-ID: <6c6b39f495962ec906255cac212b66962d549eab.camel@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN> Date: Sun, 14 Mar 2021 21:43:57 +0100 In-Reply-To: <87sg4xlbn0.fsf@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> <20210313122718.GA11708@LionPure> <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN> <20210313170704.GA3712@LionPure> <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN> <20210314174539.GA10548@LionPure> <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN> <87sg4xlbn0.fsf@HIDDEN> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Bengt Richter <bokr@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Am Sonntag, den 14.03.2021, 21:32 +0100 schrieb Ludovic Courtès: > Hi Leo, > > Leo Prikler <leo.prikler@HIDDEN> skribis: > > > Nah, it's a rather ad-hoc definition grown from what should be an > > Eolie > > container from the cookbook (also refer to #47097). > > > > guix environment --preserve='^DISPLAY$' --preserve=XAUTHORITY \ > > --preserve=TERM \ > > --expose=$XAUTHORITY \ > > --expose=/etc/machine-id \ > > --expose=/etc/ssl/certs/ \ > > --expose=/sys/block --expose=/sys/class --expose=/sys/bus \ > > --expose=/sys/dev --expose=/sys/devices \ > > --ad-hoc epiphany nss-certs dbus procps coreutils psmisc > > screen > > I’m not sure I follow; does it work when you do this? It does work insofar as I don't get any warnings about resources missing from /sys, but the bubblewrapped WebKit processes don't have access to $DISPLAY even though epiphany itself has. While they don't crash the browser itself and just infinitely respawn, that's still far from usable. > /sys is already mounted inside ‘guix environment -C’ containers so I > don’t see what difference it would make. I think I've been told this several times, but I don't believe it. Not adding all these expose=/sys lines triggers the "warnings" in the original post. (Okay, perhaps one of /sys/dev and /sys/devices is superfluous, I would need to check.) > But wait, the example above lacks ‘-C’; a mistake? Indeed, -CN should also be given, but I hastily edited the command line inside the email to make it appear more beautiful than it actually is, thereby deleting it. I'm sorry. The preserves and exposes should be the same list as I'm actually using however. Regards, Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 14 Mar 2021 20:32:31 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 14 16:32:31 2021 Received: from localhost ([127.0.0.1]:34269 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lLXPb-0001QS-Be for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 16:32:31 -0400 Received: from eggs.gnu.org ([209.51.188.92]:56744) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1lLXPZ-0001QF-D6 for 47106 <at> debbugs.gnu.org; Sun, 14 Mar 2021 16:32:29 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]:59215) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1lLXPS-0007IW-41; Sun, 14 Mar 2021 16:32:22 -0400 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=40488 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <ludo@HIDDEN>) id 1lLXPR-0003rR-8W; Sun, 14 Mar 2021 16:32:21 -0400 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?utf-8?Q?=F0=9F=98=9E?= References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> <20210313122718.GA11708@LionPure> <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN> <20210313170704.GA3712@LionPure> <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN> <20210314174539.GA10548@LionPure> <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 24 =?utf-8?Q?Vent=C3=B4se?= an 229 de la =?utf-8?Q?R?= =?utf-8?Q?=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Sun, 14 Mar 2021 21:32:19 +0100 In-Reply-To: <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN> (Leo Prikler's message of "Sun, 14 Mar 2021 19:05:24 +0100") Message-ID: <87sg4xlbn0.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Bengt Richter <bokr@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Hi Leo, Leo Prikler <leo.prikler@HIDDEN> skribis: > Nah, it's a rather ad-hoc definition grown from what should be an Eolie > container from the cookbook (also refer to #47097). > > guix environment --preserve=3D'^DISPLAY$' --preserve=3DXAUTHORITY \ > --preserve=3DTERM \ > --expose=3D$XAUTHORITY \ > --expose=3D/etc/machine-id \ > --expose=3D/etc/ssl/certs/ \ > --expose=3D/sys/block --expose=3D/sys/class --expose=3D/sys/bus \ > --expose=3D/sys/dev --expose=3D/sys/devices \ > --ad-hoc epiphany nss-certs dbus procps coreutils psmisc screen I=E2=80=99m not sure I follow; does it work when you do this? /sys is already mounted inside =E2=80=98guix environment -C=E2=80=99 contai= ners so I don=E2=80=99t see what difference it would make. But wait, the example above lacks =E2=80=98-C=E2=80=99; a mistake? Thanks, Ludo=E2=80=99.
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 14 Mar 2021 18:05:30 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 14 14:05:30 2021
Received: from localhost ([127.0.0.1]:34174 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lLV7K-0005Sc-BQ
for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 14:05:30 -0400
Received: from mailrelay.tugraz.at ([129.27.2.202]:24319)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <leo.prikler@HIDDEN>) id 1lLV7I-0005ST-HQ
for 47106 <at> debbugs.gnu.org; Sun, 14 Mar 2021 14:05:29 -0400
Received: from nijino.local (217-149-164-20.nat.highway.telekom.at
[217.149.164.20])
by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4Dz6sc712rz3xmf;
Sun, 14 Mar 2021 19:05:24 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at;
s=mailrelay; t=1615745125;
bh=fMQnoVe24+ivB4ucJ8nNvZ/p7vOPPEUXW6rQDjOJ5lo=;
h=Subject:From:To:Cc:Date:In-Reply-To:References;
b=rbw8RjU0LJFGlLv3JqFDtyp2IfVl4tiA+VRtG2LhHEgARKsgRG28TEfP6gxCNfhJR
9N+0kxNoClbEORAHF/EAz/BjZFzms0ZUC5EYTJaj/xW3TM/WM+RJcP0GYHI8yrXlI8
IYbcVJkbCS5YO0d6EDLpUtjqIbfGOpWHbDXXdK9E=
Message-ID: <d0638eba7e63c71edd4267c1675e0ea7f5b7b4ae.camel@HIDDEN>
Subject: Re: bug#47106: Bubblewrap hates Guix containers
=?UTF-8?Q?=F0=9F=98=9E?=
From: Leo Prikler <leo.prikler@HIDDEN>
To: Bengt Richter <bokr@HIDDEN>
Date: Sun, 14 Mar 2021 19:05:24 +0100
In-Reply-To: <20210314174539.GA10548@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
<a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
<20210314174539.GA10548@LionPure>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.34.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw
X-Spam-Scanner: SpamAssassin 3.003001
X-Spam-Score-relay: -1.9
X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Hi again³
Am Sonntag, den 14.03.2021, 18:45 +0100 schrieb Bengt Richter:
> Hi again^2,
>
> Maybe
> pstree -at
> would show a little more?
sh
|-dbus-daemon --syslog-only --fork --print-pid 5 --print-address 7
--sess
|-dbus-launch --autolaunch=fa7a4d52637958ddd37547bb5d8bd9d2--binary-
synt
`-screen
`-screen
|-sh
| `-.epiphany-real
| |-WebKitNetworkPr 3 21
| | |-{BMScavenger}
| | |-{ReceiveQueue}
| | |-{StorageTask}
| | |-{Storage}
| | |-{WebStorage}
| | |-{background}
| | |-{dconf worker}
| | |-{erialBackground}
| | |-{gdbus}
| | `-{gmain}
| |-bwrap --args 37 --
/gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
| | `-bwrap --args 37 --
/gnu/store/hqhxgw0i8xh38h6kwmyrkywcd24q5f1z-webk
| | `-WebKitWebProces 1277 28
| |-{.epiphany-real}
| |-{BMScavenger}
| |-{HashSaltStorage}
| |-{IconDatabase}
| |-{PressureMonitor}
| |-2*[{ReceiveQueue}]
| |-{dconf worker}
| |-{e Compile Queue}
| |-{ebsiteDataStore}
| |-{gdbus}
| |-{gmain}
| |-{re Remove Queue}
| `-{tore Read Queue}
`-sh
`-pstree -at
> Also,
> ls -lr /sys/class/drm
total 0
-r--r--r-- 1 65534 overflow 4096 Mar 14 17:59 version
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 ttm ->
../../devices/virtual/drm/ttm
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 renderD128 ->
../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/renderD128
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-VGA-1 ->
../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-VGA-
1
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:59 card0-HDMI-A-1 ->
../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-
HDMI-A-1
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0-DVI-D-1 ->
../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0/card0-DVI-
D-1
lrwxrwxrwx 1 65534 overflow 0 Mar 14 17:58 card0 ->
../../devices/pci0000:00/0000:00:02.0/0000:01:00.0/drm/card0
> if that's accessible -- I'm wondering if the version of screen
> in the container is built with libdrm and is bypassing X or ??
I doubt it is being built differently than screen normally is.
> Do you have a makefile or a guix something.scm defining
> what's built/packed into your container?
Nah, it's a rather ad-hoc definition grown from what should be an Eolie
container from the cookbook (also refer to #47097).
guix environment --preserve='^DISPLAY$' --preserve=XAUTHORITY \
--preserve=TERM \
--expose=$XAUTHORITY \
--expose=/etc/machine-id \
--expose=/etc/ssl/certs/ \
--expose=/sys/block --expose=/sys/class --expose=/sys/bus \
--expose=/sys/dev --expose=/sys/devices \
--ad-hoc epiphany nss-certs dbus procps coreutils psmisc screen
Given that I expose most of /sys explicitly, you should take the above
with a grain of salt.
> Sorry if my curiosity is making work for you, but I'd like to
> try containers down the road -- tho right now I'm taking a break
> from events IRL, so I may disappear for a while...
I'm not personally impacted by this bug or anything, it's much rather a
follow-up to my attempted fix of #47097. I think there might be some
flaw in trying to run a sandbox inside a sandbox (like bubblewrap
inside `guix container`), that doesn't actually improve security in any
meaningful way.
Regards,
Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 14 Mar 2021 17:46:04 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 14 13:46:04 2021
Received: from localhost ([127.0.0.1]:34147 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lLUoV-0004zD-Ny
for submit <at> debbugs.gnu.org; Sun, 14 Mar 2021 13:46:03 -0400
Received: from imta-37.everyone.net ([216.200.145.37]:46914
helo=imta-38.everyone.net)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <bokr@HIDDEN>) id 1lLUoT-0004ya-Rj
for 47106 <at> debbugs.gnu.org; Sun, 14 Mar 2021 13:46:02 -0400
Received: from pps.filterd (localhost.localdomain [127.0.0.1])
by imta-38.everyone.net (8.16.0.43/8.16.0.43) with SMTP id 12EHgd05015767;
Sun, 14 Mar 2021 10:46:00 -0700
X-Eon-Originating-Account: 3cLtK-juvhbCCNNW9BvWGNaf00VE6aQIx-kIYqhUXLQ
X-Eon-Dm: m0117124.ppops.net
Received: by m0117124.mta.everyone.net (EON-AUTHRELAY2 - 5a81ca92)
id m0117124.603eb1e9.fb848; Sun, 14 Mar 2021 10:45:53 -0700
X-Eon-Sig: AQMHrIJgTkvRwqqdbwIAAAAD,791728d8ef958c1f93894fb60abbc5a5
X-Eip: dglXpDcTS_SW7v8OTp-l8DbEGFfVCWdCWnb6YvE8jnI
Date: Sun, 14 Mar 2021 18:45:39 +0100
From: Bengt Richter <bokr@HIDDEN>
To: Leo Prikler <leo.prikler@HIDDEN>
Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?=
=?utf-8?Q?Guix_containers_=F0=9F=98=9E?=
Message-ID: <20210314174539.GA10548@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
<a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761
definitions=2021-03-14_09:2021-03-12,
2021-03-14 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0
adultscore=0 spamscore=0
priorityscore=1501 mlxlogscore=999 impostorscore=0 mlxscore=0
malwarescore=0 phishscore=0 suspectscore=0 clxscore=1034
lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1
engine=8.12.0-2009150000 definitions=main-2103140138
X-Spam-Score: 0.2 (/)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Bengt Richter <bokr@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.8 (/)
Hi again^2,
On +2021-03-13 19:01:29 +0100, Leo Prikler wrote:
> Am Samstag, den 13.03.2021, 18:07 +0100 schrieb Bengt Richter:
> > I am not a Wayland developer, if that's what you mean by "Wayland
> > folk" :)
> I meant it as "folk using Wayland in their display manager".
>
> > I am curious what the commands below would show inside your
> > container.
> > "pidparents" [1] is a little script I find handy, which would have to
> > be
> > accessible in your container of course. Idk how you put local bash
> > scripts
> > in your container. I assume it's possible :)
> Far from getting a script into my container, I can't even really get
> into my container through means like `guix container exec`, so I simply
> bloated it with screen and pstree. The result:
>
> --8<---------------cut here---------------start------------->8---
> sh-+-dbus-daemon
> |-dbus-launch
> `-screen---screen-+-sh---.epiphany-real-+-WebKitNetworkPr---
> 11*[{WebKitNetworkPr}]
> | |-bwrap---bwrap---
> WebKitWebProces
> | `-18*[{.epiphany-real}]
> `-sh---pstree
> --8<---------------cut here---------------end--------------->8---
>
> I think these processes are created and die too quickly for me to
> reliably extract PIDs.
>
> Regards,
> Leo
>
Maybe
pstree -at
would show a little more?
Also,
ls -lr /sys/class/drm
if that's accessible -- I'm wondering if the version of screen
in the container is built with libdrm and is bypassing X or ??
Do you have a makefile or a guix something.scm defining
what's built/packed into your container?
Sorry if my curiosity is making work for you, but I'd like to
try containers down the road -- tho right now I'm taking a break
from events IRL, so I may disappear for a while...
--
Regards,
Bengt Richter
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 18:01:38 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 13:01:38 2021
Received: from localhost ([127.0.0.1]:60644 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lL8a1-0003ro-Hf
for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 13:01:38 -0500
Received: from mailrelay.tugraz.at ([129.27.2.202]:56189)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <leo.prikler@HIDDEN>) id 1lL8Zy-0003rc-9i
for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 13:01:35 -0500
Received: from nijino.local (217-149-164-20.nat.highway.telekom.at
[217.149.164.20])
by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DyVqZ4BbGz3xnS;
Sat, 13 Mar 2021 19:01:30 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at;
s=mailrelay; t=1615658490;
bh=5DraWiv4Sfuim/cpx0QHGFR/L5YMj1we2s43GgvXBbI=;
h=Subject:From:To:Cc:Date:In-Reply-To:References;
b=cJsE7NlLFVjuCrAiE2hFwXJOUj88lYtMxZTSGyYn3lBJKf741mN+vJk42hBZmNmNz
7jKoMXqTXRZ8iWTEXxVk3SgMAONX6Bu7r8LtSZamauyEvaatd9MximUwfj7dPzgDZt
mvgCAcR+wKM+OoELcfDTout9wpJABaqnnj9E2S8c=
Message-ID: <a4efcc5c7928de5d89596500803dee510d85b7c0.camel@HIDDEN>
Subject: Re: bug#47106: Bubblewrap hates Guix containers
=?UTF-8?Q?=F0=9F=98=9E?=
From: Leo Prikler <leo.prikler@HIDDEN>
To: Bengt Richter <bokr@HIDDEN>
Date: Sat, 13 Mar 2021 19:01:29 +0100
In-Reply-To: <20210313170704.GA3712@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
<20210313170704.GA3712@LionPure>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.34.2
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw
X-Spam-Scanner: SpamAssassin 3.003001
X-Spam-Score-relay: -1.9
X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116
X-Spam-Score: -2.3 (--)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -3.3 (---)
Am Samstag, den 13.03.2021, 18:07 +0100 schrieb Bengt Richter:
> I am not a Wayland developer, if that's what you mean by "Wayland
> folk" :)
I meant it as "folk using Wayland in their display manager".
> I am curious what the commands below would show inside your
> container.
> "pidparents" [1] is a little script I find handy, which would have to
> be
> accessible in your container of course. Idk how you put local bash
> scripts
> in your container. I assume it's possible :)
Far from getting a script into my container, I can't even really get
into my container through means like `guix container exec`, so I simply
bloated it with screen and pstree. The result:
--8<---------------cut here---------------start------------->8---
sh-+-dbus-daemon
|-dbus-launch
`-screen---screen-+-sh---.epiphany-real-+-WebKitNetworkPr---
11*[{WebKitNetworkPr}]
| |-bwrap---bwrap---
WebKitWebProces
| `-18*[{.epiphany-real}]
`-sh---pstree
--8<---------------cut here---------------end--------------->8---
I think these processes are created and die too quickly for me to
reliably extract PIDs.
Regards,
Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 17:07:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 12:07:25 2021
Received: from localhost ([127.0.0.1]:60599 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1lL7jY-0002aK-QB
for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 12:07:25 -0500
Received: from imta-36.everyone.net ([216.200.145.36]:38396
helo=imta-38.everyone.net)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <bokr@HIDDEN>) id 1lL7jW-0002aB-GU
for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 12:07:23 -0500
Received: from pps.filterd (omta002.sj2.proofpoint.com [127.0.0.1])
by imta-38.everyone.net (8.16.0.43/8.16.0.43) with SMTP id 12DH2u6x023173;
Sat, 13 Mar 2021 09:07:21 -0800
X-Eon-Originating-Account: ghZWNUNKa9UxsgdRue6yNm7cAUbYpj1vhKAcdIrq82A
X-Eon-Dm: m0116953.ppops.net
Received: by m0116953.mta.everyone.net (EON-AUTHRELAY2 - 5a81c7fd)
id m0116953.603eb1da.e9dde; Sat, 13 Mar 2021 09:07:18 -0800
X-Eon-Sig: AQMHrIJgTPFGCoIIYQIAAAAD,7f400721e11077ea3c60ccac62cac415
X-Eip: ze_byNXqiGUsfe3aOGxYYkbOO4EJm3tfCLKmgNRDkos
Date: Sat, 13 Mar 2021 18:07:04 +0100
From: Bengt Richter <bokr@HIDDEN>
To: Leo Prikler <leo.prikler@HIDDEN>
Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?=
=?utf-8?Q?Guix_containers_=F0=9F=98=9E?=
Message-ID: <20210313170704.GA3712@LionPure>
References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN>
<87r1kjpbvx.fsf@HIDDEN>
<2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN>
<20210313122718.GA11708@LionPure>
<fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN>
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761
definitions=2021-03-13_06:2021-03-12,
2021-03-13 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0
lowpriorityscore=0 adultscore=0
malwarescore=0 clxscore=1034 bulkscore=0 mlxlogscore=999 suspectscore=0
priorityscore=1501 spamscore=0 mlxscore=0 phishscore=0 impostorscore=0
classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000
definitions=main-2103130133
X-Spam-Score: 0.3 (/)
X-Debbugs-Envelope-To: 47106
Cc: 47106 <at> debbugs.gnu.org, Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Reply-To: Bengt Richter <bokr@HIDDEN>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.7 (/)
Hi again,
On +2021-03-13 15:43:15 +0100, Leo Prikler wrote:
> Am Samstag, den 13.03.2021, 13:27 +0100 schrieb Bengt Richter:
> > Hi,
> >
> > On +2021-03-13 12:07:51 +0100, Leo Prikler wrote:
> > > Hi!
> > > Am Samstag, den 13.03.2021, 11:48 +0100 schrieb Ludovic Courtès:
> > > > Hi!
> > > >
> > > > Leo Prikler <leo.prikler@HIDDEN> skribis:
> > > >
> > > > > both Epiphany and Eolie (post fixing #47097; will submit patch
> > > > > shortly)
> > > > > fail inside Guix containers with the suggested
> > > > > incantation. After
> > > > > getting the environment to no longer complain about $DISPLAY by
> > > > > adding
> > > > > `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly
> > > > > outputsn
> > > > > lines like
> > > > > bwrap: Can't find source path /sys/class: No such file or
> > > > > directory
> > > > > before closing the process altogether.
> > > >
> > > > What is ‘bwrap’ looking for? /sys is mounted inside ‘guix
> > > > environment -C’,
> > > > but perhaps it needs something special?
> > > >
> > > > I suggest running these things (or ‘bwrap’ directly) in ‘strace
> > > > -f -o
> > > > log’ inside the container to see.
> > > It seems to be
> > > > openat(AT_FDCWD, "/sys/class/dmi/id/chassis_type", O_RDONLY) = -1
> > > > ENOENT (No such file or directory)
> > > > openat(AT_FDCWD, "/sys/firmware/acpi/pm_profile", O_RDONLY) = -1
> > > > ENOENT (No such file or directory)
> > >
> > > I haven't repeated that for all warnings of similar kind, but if I
> > > add
> > > `--expose=/sys/block --expose=/sys/class --expose=/sys/bus --
> > > expose=/sys/dev --expose=/sys/devices` to the invocation, I instead
> > > get
> > > a warning, that the WebKitWebProcess can't open $DISPLAY. I'm not
> > > sure
> > > how to resolve that one, given that I already had to sneak DISPLAY
> > > and
> > > XAUTHORITY into the container, but it's a start.
> > >
> > > Regards,
> > > Leo
> > >
> > Does $DISPLAY mean ":0" and does the Wayland server answer that with
> > its XWayland X-interface?
> In my setup $DISPLAY=:1, but obviously the exact value depends on other
> circumstances (i.e. if there's already an open session belonging to
> another user it'd be :2, :3, ...). I'm not sure how X vs. Wayland
> plays out here, but I'm still using Gnome on X, so that should
> hopefully not be an issue here.
>
> > I am wonderering how that is resolved inside a container.
> Well, for X you'd usually preserve DISPLAY and XAUTHORITY and also
> expose $XAUTHORITY or something along those lines. Not sure how you
> Wayland folk do that.
>
I am not a Wayland developer, if that's what you mean by "Wayland folk" :)
But I have been experimenting with writing my own text and graphics widget,
poking 32-bit pixels into buffers for display by the Wayland compositor,
so I've learned a little :) I am using the linux kernel's sun12x22 bitmap
font to do text at a low level.
Idk much about containers yet, but I imagine using lowlevel stuff to
make images for a trivial web server running in a container could be interesting.
> Regards,
> Leo
>
I am curious what the commands below would show inside your container.
"pidparents" [1] is a little script I find handy, which would have to be
accessible in your container of course. Idk how you put local bash scripts
in your container. I assume it's possible :)
I did these commands in a debian gnome terminal window, where pidparents[1]
showed (timetagged later, since I just went back to do that) this context:
--8<---------------cut here---------------start------------->8---
[17:29 ~/bs]$ pidparents
pidparents pts/1 5800 S+ /usr/bin/bash /home/bokr/bin/pidparents
bash pts/1 5711 Ss /bin/bash
tilix ? 2007 Sl /usr/bin/tilix --gapplication-service
systemd ? 1308 Ss /lib/systemd/systemd --user
systemd ? 1 Ss /sbin/init splash
--8<---------------cut here---------------end--------------->8---
;;;; First I just look for processes with X11 or way in their names,
;;;; then I use pidparents to see how they are started.
[17:18 ~/bs]$ ps af|egrep -i 'x11|way'
5741 pts/1 S+ 0:00 \_ grep -E -i x11|way
1329 tty2 Ssl+ 0:00 /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
1433 tty2 Sl+ 0:13 | \_ /usr/bin/Xwayland :0 -rootless -terminate -accessx -core -listen 4 -listen 5 -displayfd 6
1468 tty2 Sl 0:00 /usr/lib/ibus/ibus-x11 --kill-daemon
[17:21 ~/bs]$ pidparents 1329
gdm-wayland-ses tty2 1329 Ssl+ /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
gdm-session-wor ? 1304 Sl gdm-session-worker [pam/gdm-password]
gdm3 ? 711 Ssl /usr/sbin/gdm3
systemd ? 1 Ss /sbin/init splash
;;;; this one might be the most interesting in your container
;;;; can you SSH into it to do these things?
[17:22 ~/bs]$ pidparents 1433
Xwayland tty2 1433 Sl+ /usr/bin/Xwayland :0 -rootless -terminate -accessx -core -listen 4 -listen 5 -displayfd 6
gnome-shell tty2 1408 Rl+ /usr/bin/gnome-shell
gnome-session-b tty2 1333 Sl+ /usr/lib/gnome-session/gnome-session-binary
gdm-wayland-ses tty2 1329 Ssl+ /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
gdm-session-wor ? 1304 Sl gdm-session-worker [pam/gdm-password]
gdm3 ? 711 Ssl /usr/sbin/gdm3
systemd ? 1 Ss /sbin/init splash
;;;; not really sure what this one does
[17:22 ~/bs]$ pidparents 1468
ibus-x11 tty2 1468 Sl /usr/lib/ibus/ibus-x11 --kill-daemon
systemd ? 1 Ss /sbin/init splash
;;;; [1] here is pidparents -- pretty short, so you could manually
;;;; enter it if necessary :)
[17:22 ~/bs]$ cat $(which pidparents)|gxsnip
--8<---------------cut here---------------start------------->8---
#!/usr/bin/bash
# ~/bin/pidparents
pid=${1:-$$} #this process if no pid specified as $1
while [ $(($pid)) -gt 0 ]; do
ps h -p $pid -o comm,tt,pid,stat,args
pid=$(ps -q $pid -o ppid=)
done
--8<---------------cut here---------------end--------------->8---
[17:24 ~/bs]$
Hopefully this would reveal a little more about what $DISPLAY means in your container.
WDYT?
--
Regards,
Bengt Richter
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 14:43:22 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 09:43:22 2021 Received: from localhost ([127.0.0.1]:59376 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lL5UA-0007Lm-GJ for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 09:43:22 -0500 Received: from mailrelay.tugraz.at ([129.27.2.202]:25627) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lL5U7-0007Lb-V8 for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 09:43:21 -0500 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DyQQr3yvHz3wZs; Sat, 13 Mar 2021 15:43:16 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615646596; bh=Kb6R8bC1dm//a85gyhcSx4DBi4EOdL7Pigq0Ro2VEPI=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=amSPIaLDeMym8FQTQHb67+gSorpETGnpB8+D8Kd039vE8aL3mDRQtmc8OA1HiC6wg hUgQseqWBcnZO7ejKFgJQL4d60G1jmSnliB6NX0V+p2Cesd5OTN/561tsANOSueTOk T897tIRwUDpaIDHL5usvR+T3W3xKKIlBEaHA+qSs= Message-ID: <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: Bengt Richter <bokr@HIDDEN> Date: Sat, 13 Mar 2021 15:43:15 +0100 In-Reply-To: <20210313122718.GA11708@LionPure> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> <20210313122718.GA11708@LionPure> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Am Samstag, den 13.03.2021, 13:27 +0100 schrieb Bengt Richter: > Hi, > > On +2021-03-13 12:07:51 +0100, Leo Prikler wrote: > > Hi! > > Am Samstag, den 13.03.2021, 11:48 +0100 schrieb Ludovic Courtès: > > > Hi! > > > > > > Leo Prikler <leo.prikler@HIDDEN> skribis: > > > > > > > both Epiphany and Eolie (post fixing #47097; will submit patch > > > > shortly) > > > > fail inside Guix containers with the suggested > > > > incantation. After > > > > getting the environment to no longer complain about $DISPLAY by > > > > adding > > > > `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly > > > > outputsn > > > > lines like > > > > bwrap: Can't find source path /sys/class: No such file or > > > > directory > > > > before closing the process altogether. > > > > > > What is ‘bwrap’ looking for? /sys is mounted inside ‘guix > > > environment -C’, > > > but perhaps it needs something special? > > > > > > I suggest running these things (or ‘bwrap’ directly) in ‘strace > > > -f -o > > > log’ inside the container to see. > > It seems to be > > > openat(AT_FDCWD, "/sys/class/dmi/id/chassis_type", O_RDONLY) = -1 > > > ENOENT (No such file or directory) > > > openat(AT_FDCWD, "/sys/firmware/acpi/pm_profile", O_RDONLY) = -1 > > > ENOENT (No such file or directory) > > > > I haven't repeated that for all warnings of similar kind, but if I > > add > > `--expose=/sys/block --expose=/sys/class --expose=/sys/bus -- > > expose=/sys/dev --expose=/sys/devices` to the invocation, I instead > > get > > a warning, that the WebKitWebProcess can't open $DISPLAY. I'm not > > sure > > how to resolve that one, given that I already had to sneak DISPLAY > > and > > XAUTHORITY into the container, but it's a start. > > > > Regards, > > Leo > > > Does $DISPLAY mean ":0" and does the Wayland server answer that with > its XWayland X-interface? In my setup $DISPLAY=:1, but obviously the exact value depends on other circumstances (i.e. if there's already an open session belonging to another user it'd be :2, :3, ...). I'm not sure how X vs. Wayland plays out here, but I'm still using Gnome on X, so that should hopefully not be an issue here. > I am wonderering how that is resolved inside a container. Well, for X you'd usually preserve DISPLAY and XAUTHORITY and also expose $XAUTHORITY or something along those lines. Not sure how you Wayland folk do that. Regards, Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 12:27:41 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 07:27:41 2021 Received: from localhost ([127.0.0.1]:59247 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lL3Mi-0008OG-Ga for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 07:27:41 -0500 Received: from imta-36.everyone.net ([216.200.145.36]:52862 helo=imta-38.everyone.net) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <bokr@HIDDEN>) id 1lL3Mg-0008O7-DH for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 07:27:31 -0500 Received: from pps.filterd (m0004960.ppops.net [127.0.0.1]) by imta-38.everyone.net (8.16.0.43/8.16.0.43) with SMTP id 12DCM1qQ003009; Sat, 13 Mar 2021 04:27:29 -0800 X-Eon-Originating-Account: XGDhnEnpFR5j842qCs84PT4-xpOtTMZz8asKZ7sCaqk X-Eon-Dm: m0116787.ppops.net Received: by m0116787.mta.everyone.net (EON-AUTHRELAY2 - 5a81c7fd) id m0116787.603eb1d4.9b34e; Sat, 13 Mar 2021 04:27:27 -0800 X-Eon-Sig: AQMHrIJgTK+vrehdZAIAAAAD,a6f384750298bba74f2adcb1b5d29a54 X-Eip: 7Xk1DqOGza4ZCgUrKELYY7oqCNz1nJNruonUu7owmSM Date: Sat, 13 Mar 2021 13:27:18 +0100 From: Bengt Richter <bokr@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap =?utf-8?Q?hates_?= =?utf-8?Q?Guix_containers_=F0=9F=98=9E?= Message-ID: <20210313122718.GA11708@LionPure> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> User-Agent: Mutt/1.10.1 (2018-07-13) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-03-13_05:2021-03-12, 2021-03-13 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 lowpriorityscore=0 bulkscore=0 suspectscore=0 priorityscore=1501 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 malwarescore=0 impostorscore=0 phishscore=0 clxscore=1034 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2103130092 X-Spam-Score: 0.3 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org, Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Reply-To: Bengt Richter <bokr@HIDDEN> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.7 (/) Hi, On +2021-03-13 12:07:51 +0100, Leo Prikler wrote: > Hi! > Am Samstag, den 13.03.2021, 11:48 +0100 schrieb Ludovic Courtès: > > Hi! > > > > Leo Prikler <leo.prikler@HIDDEN> skribis: > > > > > both Epiphany and Eolie (post fixing #47097; will submit patch > > > shortly) > > > fail inside Guix containers with the suggested incantation. After > > > getting the environment to no longer complain about $DISPLAY by > > > adding > > > `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly > > > outputsn > > > lines like > > > bwrap: Can't find source path /sys/class: No such file or directory > > > before closing the process altogether. > > > > What is ‘bwrap’ looking for? /sys is mounted inside ‘guix > > environment -C’, > > but perhaps it needs something special? > > > > I suggest running these things (or ‘bwrap’ directly) in ‘strace -f -o > > log’ inside the container to see. > It seems to be > > openat(AT_FDCWD, "/sys/class/dmi/id/chassis_type", O_RDONLY) = -1 > > ENOENT (No such file or directory) > > openat(AT_FDCWD, "/sys/firmware/acpi/pm_profile", O_RDONLY) = -1 > > ENOENT (No such file or directory) > > I haven't repeated that for all warnings of similar kind, but if I add > `--expose=/sys/block --expose=/sys/class --expose=/sys/bus -- > expose=/sys/dev --expose=/sys/devices` to the invocation, I instead get > a warning, that the WebKitWebProcess can't open $DISPLAY. I'm not sure > how to resolve that one, given that I already had to sneak DISPLAY and > XAUTHORITY into the container, but it's a start. > > Regards, > Leo > Does $DISPLAY mean ":0" and does the Wayland server answer that with its XWayland X-interface? I am wonderering how that is resolved inside a container. HTH with the detective work ;) -- Regards, Bengt Richter
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 11:08:02 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 06:08:02 2021 Received: from localhost ([127.0.0.1]:59171 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lL27l-00068k-Lb for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 06:08:02 -0500 Received: from mailrelay.tugraz.at ([129.27.2.202]:10851) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lL27f-00068O-CI for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 06:08:00 -0500 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DyKfJ1Y7qz3xrS; Sat, 13 Mar 2021 12:07:51 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615633672; bh=ApR0+zkLF+XtV5bI0Cbk4PWZqoas3plWSCKKuzkRBcQ=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=vAipQzpzQNNPrFwgASVbLtWxsHMbm+0b6sGzxkyncurWDqr3MZW9oZkPdjt1dtbq4 9ZDS4T8b5wXWSzYYm9KnYyRxrs/Iw8/lEV/SvXTMSYgZ3RJFpI5KQzt1MBRE8hZhxx +ukIAftmb2lN5wpmhyrzcnbnTwxOHi8J+6V+Q66Q= Message-ID: <2922127e61435e64f95d3d398ef6932a02336188.camel@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: Ludovic =?ISO-8859-1?Q?Court=E8s?= <ludo@HIDDEN> Date: Sat, 13 Mar 2021 12:07:51 +0100 In-Reply-To: <87r1kjpbvx.fsf@HIDDEN> References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> <87r1kjpbvx.fsf@HIDDEN> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -3.3 (---) Hi! Am Samstag, den 13.03.2021, 11:48 +0100 schrieb Ludovic Courtès: > Hi! > > Leo Prikler <leo.prikler@HIDDEN> skribis: > > > both Epiphany and Eolie (post fixing #47097; will submit patch > > shortly) > > fail inside Guix containers with the suggested incantation. After > > getting the environment to no longer complain about $DISPLAY by > > adding > > `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly > > outputs > > lines like > > bwrap: Can't find source path /sys/class: No such file or directory > > before closing the process altogether. > > What is ‘bwrap’ looking for? /sys is mounted inside ‘guix > environment -C’, > but perhaps it needs something special? > > I suggest running these things (or ‘bwrap’ directly) in ‘strace -f -o > log’ inside the container to see. It seems to be > openat(AT_FDCWD, "/sys/class/dmi/id/chassis_type", O_RDONLY) = -1 > ENOENT (No such file or directory) > openat(AT_FDCWD, "/sys/firmware/acpi/pm_profile", O_RDONLY) = -1 > ENOENT (No such file or directory) I haven't repeated that for all warnings of similar kind, but if I add `--expose=/sys/block --expose=/sys/class --expose=/sys/bus -- expose=/sys/dev --expose=/sys/devices` to the invocation, I instead get a warning, that the WebKitWebProcess can't open $DISPLAY. I'm not sure how to resolve that one, given that I already had to sneak DISPLAY and XAUTHORITY into the container, but it's a start. Regards, Leo
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at 47106) by debbugs.gnu.org; 13 Mar 2021 10:49:02 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 13 05:49:02 2021 Received: from localhost ([127.0.0.1]:59137 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lL1pN-0005eh-T1 for submit <at> debbugs.gnu.org; Sat, 13 Mar 2021 05:49:02 -0500 Received: from eggs.gnu.org ([209.51.188.92]:50732) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1lL1pL-0005eN-Je for 47106 <at> debbugs.gnu.org; Sat, 13 Mar 2021 05:49:00 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]:60535) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1lL1pE-0001fL-EI; Sat, 13 Mar 2021 05:48:52 -0500 Received: from [2a01:e0a:1d:7270:af76:b9b:ca24:c465] (port=35676 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from <ludo@HIDDEN>) id 1lL1pD-00013C-R1; Sat, 13 Mar 2021 05:48:52 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Leo Prikler <leo.prikler@HIDDEN> Subject: Re: bug#47106: Bubblewrap hates Guix containers =?utf-8?Q?=F0=9F=98=9E?= References: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> Date: Sat, 13 Mar 2021 11:48:50 +0100 In-Reply-To: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> (Leo Prikler's message of "Fri, 12 Mar 2021 18:43:55 +0100") Message-ID: <87r1kjpbvx.fsf@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 47106 Cc: 47106 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -1.7 (-) Hi! Leo Prikler <leo.prikler@HIDDEN> skribis: > both Epiphany and Eolie (post fixing #47097; will submit patch shortly) > fail inside Guix containers with the suggested incantation. After > getting the environment to no longer complain about $DISPLAY by adding > `--preserve=3D"XAUTHORITY" --expose=3D$XAUTHORITY', it repeatedly outputs > lines like > bwrap: Can't find source path /sys/class: No such file or directory > before closing the process altogether. What is =E2=80=98bwrap=E2=80=99 looking for? /sys is mounted inside =E2=80= =98guix environment -C=E2=80=99, but perhaps it needs something special? I suggest running these things (or =E2=80=98bwrap=E2=80=99 directly) in =E2= =80=98strace -f -o log=E2=80=99 inside the container to see. Thanks, Ludo=E2=80=99.
bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.Received: (at submit) by debbugs.gnu.org; 12 Mar 2021 17:44:13 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri Mar 12 12:44:13 2021 Received: from localhost ([127.0.0.1]:58283 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1lKlpd-0001lb-HW for submit <at> debbugs.gnu.org; Fri, 12 Mar 2021 12:44:13 -0500 Received: from lists.gnu.org ([209.51.188.17]:46320) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <leo.prikler@HIDDEN>) id 1lKlpb-0001lT-DN for submit <at> debbugs.gnu.org; Fri, 12 Mar 2021 12:44:12 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:35410) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo.prikler@HIDDEN>) id 1lKlpY-0000oA-AR for bug-guix@HIDDEN; Fri, 12 Mar 2021 12:44:09 -0500 Received: from mailrelay.tugraz.at ([129.27.2.202]:14318) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <leo.prikler@HIDDEN>) id 1lKlpT-0000NF-9c for bug-guix@HIDDEN; Fri, 12 Mar 2021 12:44:07 -0500 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DxtTn08LHz1LBCr for <bug-guix@HIDDEN>; Fri, 12 Mar 2021 18:43:56 +0100 (CET) DKIM-Filter: OpenDKIM Filter v2.11.0 mailrelay.tugraz.at 4DxtTn08LHz1LBCr DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615571037; bh=85T5Fpvy2hrtWXC+3OIVaqci6beWKTAD74RWgYfPnE0=; h=Subject:From:To:Date:From; b=T+CRMWvSRkUFA8+AonWyMIb2ojrkIsFFiU3B7hW/lD4DJErCWG0oRMs+zdY1nFP/l /Bpp9NqSGGJLcmGrOw1THa6GOoKPYTlw9V5dLw0pyQ8PmKLGsXGcJpL9xNRTBqdKcC pxLBDCkqJ+UQw7kZ4oL/xz6rSvmNq/svlusXyOEk= Message-ID: <fbb3401a61ae78f092b33b7a36428f8520a7a6bd.camel@HIDDEN> Subject: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= From: Leo Prikler <leo.prikler@HIDDEN> To: bug-guix@HIDDEN Date: Fri, 12 Mar 2021 18:43:55 +0100 Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.117 Received-SPF: pass client-ip=129.27.2.202; envelope-from=leo.prikler@HIDDEN; helo=mailrelay.tugraz.at X-Spam_score_int: -42 X-Spam_score: -4.3 X-Spam_bar: ---- X-Spam_report: (-4.3 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.3 (-) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -2.3 (--) Hi Guix, both Epiphany and Eolie (post fixing #47097; will submit patch shortly) fail inside Guix containers with the suggested incantation. After getting the environment to no longer complain about $DISPLAY by adding `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly outputs lines like bwrap: Can't find source path /sys/class: No such file or directory before closing the process altogether. Regards, Leo
Leo Prikler <leo.prikler@HIDDEN>:bug-guix@HIDDEN.
Full text available.bug-guix@HIDDEN:bug#47106; Package guix.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.