bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#35662: Really relocatable binaries crash with Permission denied

From: Ludovic Courtès
Subject: bug#35662: Really relocatable binaries crash with Permission denied
Date: Mon, 13 May 2019 15:54:11 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) 
Hi Florian,

"pelzflorian (Florian Pelz)" <address@hidden> skribis:

> 32476 clone(child_stack=NULL, flags=CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD) = 32477

[...]

> 32477 mount("//lib", "/tmp/guix-exec-eqHoYA/lib", 0x47e0c5, 
> MS_RDONLY|MS_BIND|MS_REC, NULL) = -1 EACCES (Permission denied)
> 32477 mkdir("/tmp/guix-exec-eqHoYA/home", 0700) = 0
> 32477 mount("//home", "/tmp/guix-exec-eqHoYA/home", 0x47e0c5, 
> MS_RDONLY|MS_BIND|MS_REC, NULL) = -1 EACCES (Permission denied)

This is weird.  On a machine without Guix and with “proper” user
namespace support, I see:

--8<---------------cut here---------------start------------->8---
4519  clone(child_stack=0, flags=CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD) = 4520

[...]

4520  mkdir("/tmp/guix-exec-4lVNRO/tmp", 0700) = 0
4520  mount("//tmp", "/tmp/guix-exec-4lVNRO/tmp", 0x47e0cc, 
MS_RDONLY|MS_BIND|MS_REC, NULL) = 0
4520  mkdir("/tmp/guix-exec-4lVNRO/boot", 0700) = 0
4520  mount("//boot", "/tmp/guix-exec-4lVNRO/boot", 0x47e0cc, 
MS_RDONLY|MS_BIND|MS_REC, NULL) = 0
--8<---------------cut here---------------end--------------->8---

That is, all bind-mount operations in the child process, which lives in
a separate namespace, succeed.

Can you show the mount options of you root file system?

  mount | grep 'on / '

What’s the exit code of this command:

  guile -c '((@@ (guix scripts environment) assert-container-features))'

?

Thanks for helping out!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]