From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id SJ5qNth1TmDBQgAA0tVLHw (envelope-from ) for ; Sun, 14 Mar 2021 20:45:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id yOEZMth1TmCTXgAAbx9fmQ (envelope-from ) for ; Sun, 14 Mar 2021 20:45:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 220AA25DF6 for ; Sun, 14 Mar 2021 21:45:12 +0100 (CET) Received: from localhost ([::1]:48378 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lLXbr-0000EM-B1 for larch@yhetil.org; Sun, 14 Mar 2021 16:45:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:47938) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lLXbi-0000E2-Q2 for bug-guix@gnu.org; Sun, 14 Mar 2021 16:45:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:50977) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lLXbi-0004bs-Ht for bug-guix@gnu.org; Sun, 14 Mar 2021 16:45:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lLXbi-0001il-EQ for bug-guix@gnu.org; Sun, 14 Mar 2021 16:45:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#47106: Bubblewrap hates Guix containers =?UTF-8?Q?=F0=9F=98=9E?= Resent-From: Leo Prikler Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sun, 14 Mar 2021 20:45:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47106 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 47106-submit@debbugs.gnu.org id=B47106.16157546446532 (code B ref 47106); Sun, 14 Mar 2021 20:45:02 +0000 Received: (at 47106) by debbugs.gnu.org; 14 Mar 2021 20:44:04 +0000 Received: from localhost ([127.0.0.1]:34289 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLXam-0001hH-DA for submit@debbugs.gnu.org; Sun, 14 Mar 2021 16:44:04 -0400 Received: from mailrelay.tugraz.at ([129.27.2.202]:24962) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lLXak-0001gi-9l for 47106@debbugs.gnu.org; Sun, 14 Mar 2021 16:44:03 -0400 Received: from nijino.local (217-149-164-20.nat.highway.telekom.at [217.149.164.20]) by mailrelay.tugraz.at (Postfix) with ESMTPSA id 4DzBNZ6J3fz3xm8; Sun, 14 Mar 2021 21:43:58 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tugraz.at; s=mailrelay; t=1615754639; bh=gT5Fr9o0EmxTYR0v3N9bfvjnpU39C3GqoiPRU0nX6Ho=; h=Subject:From:To:Cc:Date:In-Reply-To:References; b=DzaMRcBUjEEWJ01FuDG6ojuVGAfXTm8YPsK+ZH1EvoHDjgDhPEDDnjsLooc1K6KnP vZYKjcipoCMfRQqybVEOn7uEO9oyOkjKDTo87ulNqvlUOMxkqcQTletkv+/SrhV01W nxkkCoeUoEXSJ+RruoQLbKetvnlumoAEzITR7VT0= Message-ID: <6c6b39f495962ec906255cac212b66962d549eab.camel@student.tugraz.at> From: Leo Prikler Date: Sun, 14 Mar 2021 21:43:57 +0100 In-Reply-To: <87sg4xlbn0.fsf@gnu.org> References: <87r1kjpbvx.fsf@gnu.org> <2922127e61435e64f95d3d398ef6932a02336188.camel@student.tugraz.at> <20210313122718.GA11708@LionPure> <20210313170704.GA3712@LionPure> <20210314174539.GA10548@LionPure> <87sg4xlbn0.fsf@gnu.org> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-TUG-Backscatter-control: bt4lQm5Tva3SBgCuw0EnZw X-Spam-Scanner: SpamAssassin 3.003001 X-Spam-Score-relay: -1.9 X-Scanned-By: MIMEDefang 2.74 on 129.27.10.116 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 47106@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1615754712; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=gT5Fr9o0EmxTYR0v3N9bfvjnpU39C3GqoiPRU0nX6Ho=; b=CbGC8E+v3HfqgQl4j/Y6r9HWbvnGl63nBh8C7vVWD5aWQUXegYx9Fsw9GM9fcUYuZBNey1 EU2TE10WXkZRocKkJaq1KzMPx/fQcTGAKS15K/wiT69yLi6o5OWifpkhVkJaiNfu+x72pB naBspG2x+V7xEuOc290oTNDvSWYSsJB5pjVQbID5u72RBfxGwfX6T2khIU7vDDzfVZ/Cxj 3d3a1Y/KNagXFGUaSAYTkFTgbfxJTnQjvKh6RUDTtHwSszJrkQsdNxVvM2z39CsBjVXR9v E5auuhe66IlNxjauW5H2611U4ew+grSNmMKGVe9KXHHZXKtYcDYIWbLhT5IytQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1615754712; a=rsa-sha256; cv=none; b=BVmFG3v9GHu7Yh4w6De43GBJqN3VGfkRcefHUkxiTFcGpsexpQiRaMimUWH951RP5oywXo VUabdlVqNMWXTAHA8TZ9wGRVdCPecI2Z50yK2wSYcwI7NiiUKfTKDnkXrBRsIMYC9A3Mlz pD3+r0dfe1ukMN2EwjPBSmkuIIvGgzu+dsCz3pt7cd4CGyEtwAzFZTUpBZbglxVcOJ9jO6 afWr6UrNELkDAoEAuLRX3eSpMsEgx1l44Yj8pMDvmmoscOhU2VMsTad9psCCtErHuRFkJS m6yyXOdfN738y9UReI7TFXiOd/qeEc6TGKwDv8+2BjnjPbJr0DsS0e+j+1PHQA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=tugraz.at header.s=mailrelay header.b=DzaMRcBU; dmarc=fail reason="SPF not aligned (relaxed)" header.from=student.tugraz.at (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -1.30 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=tugraz.at header.s=mailrelay header.b=DzaMRcBU; dmarc=fail reason="SPF not aligned (relaxed)" header.from=student.tugraz.at (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: 220AA25DF6 X-Spam-Score: -1.30 X-Migadu-Scanner: scn0.migadu.com X-TUID: ojhQXkv3F9bG Am Sonntag, den 14.03.2021, 21:32 +0100 schrieb Ludovic Courtès: > Hi Leo, > > Leo Prikler skribis: > > > Nah, it's a rather ad-hoc definition grown from what should be an > > Eolie > > container from the cookbook (also refer to #47097). > > > > guix environment --preserve='^DISPLAY$' --preserve=XAUTHORITY \ > > --preserve=TERM \ > > --expose=$XAUTHORITY \ > > --expose=/etc/machine-id \ > > --expose=/etc/ssl/certs/ \ > > --expose=/sys/block --expose=/sys/class --expose=/sys/bus \ > > --expose=/sys/dev --expose=/sys/devices \ > > --ad-hoc epiphany nss-certs dbus procps coreutils psmisc > > screen > > I’m not sure I follow; does it work when you do this? It does work insofar as I don't get any warnings about resources missing from /sys, but the bubblewrapped WebKit processes don't have access to $DISPLAY even though epiphany itself has. While they don't crash the browser itself and just infinitely respawn, that's still far from usable. > /sys is already mounted inside ‘guix environment -C’ containers so I > don’t see what difference it would make. I think I've been told this several times, but I don't believe it. Not adding all these expose=/sys lines triggers the "warnings" in the original post. (Okay, perhaps one of /sys/dev and /sys/devices is superfluous, I would need to check.) > But wait, the example above lacks ‘-C’; a mistake? Indeed, -CN should also be given, but I hastily edited the command line inside the email to make it appear more beautiful than it actually is, thereby deleting it. I'm sorry. The preserves and exposes should be the same list as I'm actually using however. Regards, Leo