From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id sHlyO7F+mF94awAA0tVLHw
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 27 Oct 2020 20:10:25 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0 with LMTPS
	id 0LhON7F+mF/ZAgAA1q6Kng
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Tue, 27 Oct 2020 20:10:25 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 6E94A9402A8
	for <larch@yhetil.org>; Tue, 27 Oct 2020 20:10:25 +0000 (UTC)
Received: from localhost ([::1]:36594 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1kXVIW-0005xD-7m
	for larch@yhetil.org; Tue, 27 Oct 2020 16:10:24 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:58338)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1kXVIA-0005jP-TI
 for bug-guix@gnu.org; Tue, 27 Oct 2020 16:10:02 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:34459)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1kXVIA-0002BN-KN
 for bug-guix@gnu.org; Tue, 27 Oct 2020 16:10:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1kXVIA-0006Sq-Fe
 for bug-guix@gnu.org; Tue, 27 Oct 2020 16:10:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: bug#44261: running a daemon with userns in relocateble pack breaks
Resent-From: Jan Nieuwenhuizen <janneke@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Tue, 27 Oct 2020 20:10:02 +0000
Resent-Message-ID: <handler.44261.B44261.160382935924772@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 44261
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: 44261@debbugs.gnu.org
Received: via spool by 44261-submit@debbugs.gnu.org id=B44261.160382935924772
 (code B ref 44261); Tue, 27 Oct 2020 20:10:02 +0000
Received: (at 44261) by debbugs.gnu.org; 27 Oct 2020 20:09:19 +0000
Received: from localhost ([127.0.0.1]:46001 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1kXVHO-0006RP-Ow
 for submit@debbugs.gnu.org; Tue, 27 Oct 2020 16:09:19 -0400
Received: from eggs.gnu.org ([209.51.188.92]:57868)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <janneke@gnu.org>) id 1kXVHN-0006RD-14
 for 44261@debbugs.gnu.org; Tue, 27 Oct 2020 16:09:13 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e]:57684)
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <janneke@gnu.org>)
 id 1kXVHF-000222-QR; Tue, 27 Oct 2020 16:09:05 -0400
Received: from [2001:980:1b4f:1:42d2:832d:bb59:862] (port=55458
 helo=dundal.janneke.lilypond.org)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <janneke@gnu.org>)
 id 1kXVHE-0008GW-Fb; Tue, 27 Oct 2020 16:09:05 -0400
From: Jan Nieuwenhuizen <janneke@gnu.org>
Organization: AvatarAcademy.nl
References: <87blgn30w0.fsf@gnu.org>
X-Url: http://AvatarAcademy.nl
Date: Tue, 27 Oct 2020 21:09:02 +0100
In-Reply-To: <87blgn30w0.fsf@gnu.org> (Jan Nieuwenhuizen's message of "Tue, 27
 Oct 2020 20:49:19 +0100")
Message-ID: <875z6v2zz5.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="=-=-="
X-Spam-Score: -2.3 (--)
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-Spam-Score: -1.0 (-)
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+larch=yhetil.org@gnu.org>
X-Scanner: scn0
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=pass (policy=none) header.from=gnu.org;
	spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org
X-Spam-Score: -1.51
X-TUID: 8/0lXlgQsert

--=-=-=
Content-Type: text/plain

Jan Nieuwenhuizen writes:

Hi!

I tried the hint from Ludovic to use MS_PRIVATE in the attached patch
and that works for me; not sure if we want a test and even less sure how
to write that...

Janneke


--=-=-=
Content-Type: text/x-patch; charset=utf-8
Content-Disposition: inline;
 filename=0001-pack-Support-running-of-daemons-in-user-namespace-ba.patch
Content-Transfer-Encoding: quoted-printable

>From fd3104608c3fa6a2375b6c7df0862e5479976b39 Mon Sep 17 00:00:00 2001
From: "Jan (janneke) Nieuwenhuizen" <janneke@gnu.org>
Date: Tue, 27 Oct 2020 20:55:11 +0100
Subject: [PATCH] pack: Support running of daemons in user namespace-based
 relocation.
MIME-Version: 1.0
Content-Type: text/plain; charset=3DUTF-8
Content-Transfer-Encoding: 8bit
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=3DUTF-8

Add relocation via ld.so and fakechroot.
Fixes <https://bugs.gnu.org/44261>.

* gnu/packages/aux-files/run-in-namespace.c (bind_mount): Add 'MS_PRIVATE' =
to
avoid unmounting the bind mount when parent process exits.

Co-authored-by: Ludovic Court=C3=A8s <ludo@gnu.org>
---
 gnu/packages/aux-files/run-in-namespace.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/aux-files/run-in-namespace.c b/gnu/packages/aux-f=
iles/run-in-namespace.c
index 52a16a5362..67cea4fcd5 100644
--- a/gnu/packages/aux-files/run-in-namespace.c
+++ b/gnu/packages/aux-files/run-in-namespace.c
@@ -1,5 +1,6 @@
 /* GNU Guix --- Functional package management for GNU
    Copyright (C) 2018, 2019, 2020 Ludovic Court=C3=A8s <ludo@gnu.org>
+   Copyright (C) 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
=20
    This file is part of GNU Guix.
=20
@@ -138,7 +139,7 @@ bind_mount (const char *source, const struct dirent *en=
try,
     close (open (target, O_WRONLY | O_CREAT));
=20
   return mount (source, target, "none",
-		MS_BIND | MS_REC | MS_RDONLY, NULL);
+		MS_BIND | MS_PRIVATE | MS_REC | MS_RDONLY, NULL);
 }
=20
 #if HAVE_EXEC_WITH_LOADER
--=20
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar=C2=AE http://AvatarAcademy.com


--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable


--=20
Jan Nieuwenhuizen <janneke@gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar=C2=AE http://AvatarAcademy.com

--=-=-=--