From: "pelzflorian (Florian Pelz)" <pelzflorian@pelzflorian.de>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: 35662@debbugs.gnu.org
Subject: bug#35662: Really relocatable binaries crash with Permission denied
Date: Sat, 11 May 2019 07:05:18 +0200 [thread overview]
Message-ID: <20190511050518.ozmvhsov6meg6g5f@pelzflorian.localdomain> (raw)
In-Reply-To: <87o94ax9lw.fsf@gnu.org>
On Fri, May 10, 2019 at 11:50:19PM +0200, Ludovic Courtès wrote:
> That suggests the wrapper chose the user namespace method (not PRoot),
> but that didn’t quite work.
>
> Could you post the output of:
>
> strace ./mybin/sh
>
> ?
>
[f_pelz12@tux6 ~]$ strace ./mybin/sh
execve("./mybin/sh", ["./mybin/sh"], 0x7fffcdf87290 /* 39 vars */) = 0
brk(NULL) = 0x2301000
brk(0x23021c0) = 0x23021c0
arch_prctl(ARCH_SET_FS, 0x2301880) = 0
uname({sysname="Linux", nodename="tux6", ...}) = 0
readlink("/proc/self/exe", "/home/f_pelz12/gnu/store/wl2l59l"..., 4096) = 77
brk(0x23231c0) = 0x23231c0
brk(0x2324000) = 0x2324000
readlink("/proc/self/exe", "/home/f_pelz12/gnu/store/wl2l59l"..., 4095) = 77
lstat("/gnu/store/qn1ax1fkj16x280m1rv7mcimfmn9l2pf-bash-4.4.23/bin/sh", 0x7ffd9741c980) = -1 ENOENT (No such file or directory)
gettimeofday({tv_sec=1557550876, tv_usec=116037}, NULL) = 0
getpid() = 28923
mkdir("/tmp/guix-exec-ABt7cT", 0700) = 0
stat(".", {st_mode=S_IFDIR|0700, st_size=113, ...}) = 0
stat("/home/f_pelz12", {st_mode=S_IFDIR|0700, st_size=113, ...}) = 0
clone(child_stack=NULL, flags=CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD) = 28924
openat(AT_FDCWD, "/proc/28924/setgroups", O_WRONLY) = 3
write(3, "deny\0", 5) = 5
close(3) = 0
getuid() = 24038
openat(AT_FDCWD, "/proc/28924/uid_map", O_WRONLY) = 3
write(3, "24038 24038 1\n", 14) = 14
close(3) = 0
getgid() = 10004
openat(AT_FDCWD, "/proc/28924/gid_map", O_WRONLY) = 3
write(3, "10004 10004 1\n", 14) = 14
close(3) = 0
wait4(28924, sh: run.c:162: bind_mount: Unexpected error: Permission denied.
[{WIFSIGNALED(s) && WTERMSIG(s) == SIGABRT}], 0, NULL) = 28924
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=28924, si_uid=24038, si_status=SIGABRT, si_utime=0, si_stime=0} ---
chdir("/") = 0
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0700, st_size=25, ...}) = 0
getdents64(3, /* 25 entries */, 131072) = 632
unlink("/tmp/guix-exec-ABt7cT/home") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/home", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
mmap(NULL, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4e71c68000
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
munmap(0x7f4e71c68000, 135168) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/home") = 0
unlink("/tmp/guix-exec-ABt7cT/tmp") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/tmp", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
brk(0x2363000) = 0x2363000
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/tmp") = 0
unlink("/tmp/guix-exec-ABt7cT/mnt") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/mnt", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/mnt") = 0
unlink("/tmp/guix-exec-ABt7cT/sys") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/sys", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/sys") = 0
unlink("/tmp/guix-exec-ABt7cT/libx32") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/libx32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/libx32") = 0
unlink("/tmp/guix-exec-ABt7cT/opt") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/opt", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/opt") = 0
unlink("/tmp/guix-exec-ABt7cT/srv") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/srv", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/srv") = 0
unlink("/tmp/guix-exec-ABt7cT/dev") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/dev", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/dev") = 0
unlink("/tmp/guix-exec-ABt7cT/var") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/var", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/var") = 0
unlink("/tmp/guix-exec-ABt7cT/sbin") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/sbin", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/sbin") = 0
unlink("/tmp/guix-exec-ABt7cT/lib64") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/lib64") = 0
unlink("/tmp/guix-exec-ABt7cT/lib32") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/lib32") = 0
unlink("/tmp/guix-exec-ABt7cT/media") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/media", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/media") = 0
unlink("/tmp/guix-exec-ABt7cT/usr") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/usr", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/usr") = 0
unlink("/tmp/guix-exec-ABt7cT/bin") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/bin", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/bin") = 0
unlink("/tmp/guix-exec-ABt7cT/boot") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/boot", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/boot") = 0
unlink("/tmp/guix-exec-ABt7cT/etc") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/etc", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/etc") = 0
unlink("/tmp/guix-exec-ABt7cT/run") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/run", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/run") = 0
unlink("/tmp/guix-exec-ABt7cT/core") = 0
unlink("/tmp/guix-exec-ABt7cT/snap") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/snap", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/snap") = 0
unlink("/tmp/guix-exec-ABt7cT/lib") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/lib") = 0
unlink("/tmp/guix-exec-ABt7cT/proc") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/proc", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/proc") = 0
unlink("/tmp/guix-exec-ABt7cT/root") = -1 EISDIR (Is a directory)
openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/root", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4
fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0
getdents64(4, /* 2 entries */, 131072) = 48
getdents64(4, /* 0 entries */, 131072) = 0
close(4) = 0
rmdir("/tmp/guix-exec-ABt7cT/root") = 0
getdents64(3, /* 0 entries */, 131072) = 0
close(3) = 0
rmdir("/tmp/guix-exec-ABt7cT") = 0
exit_group(6) = ?
+++ exited with 6 +++
Thank you for looking into it!
Regards,
Florian
next prev parent reply other threads:[~2019-05-11 5:15 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-09 22:01 bug#35662: Really relocatable binaries crash with Permission denied pelzflorian (Florian Pelz)
2019-05-10 5:54 ` pelzflorian (Florian Pelz)
2019-05-10 21:50 ` Ludovic Courtès
2019-05-11 5:05 ` pelzflorian (Florian Pelz) [this message]
2019-05-13 7:49 ` Ludovic Courtès
2019-05-13 10:34 ` pelzflorian (Florian Pelz)
2019-05-13 13:54 ` Ludovic Courtès
2019-05-13 15:17 ` pelzflorian (Florian Pelz)
2019-05-13 20:39 ` Ludovic Courtès
2019-05-13 20:45 ` pelzflorian (Florian Pelz)
2019-05-14 8:05 ` pelzflorian (Florian Pelz)
2019-05-14 20:43 ` Ludovic Courtès
2019-05-14 21:04 ` pelzflorian (Florian Pelz)
2019-05-15 16:15 ` Ludovic Courtès
2019-05-15 15:20 ` Giovanni Biscuolo
2019-05-16 11:02 ` pelzflorian (Florian Pelz)
2019-05-16 11:10 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190511050518.ozmvhsov6meg6g5f@pelzflorian.localdomain \
--to=pelzflorian@pelzflorian.de \
--cc=35662@debbugs.gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).