From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ludovic =?UTF-8?Q?Court=C3=A8s?= Subject: bug#35662: Really relocatable binaries crash with Permission denied Date: Wed, 15 May 2019 18:15:19 +0200 Message-ID: <87d0kju220.fsf@gnu.org> References: <87o94ax9lw.fsf@gnu.org> <20190511050518.ozmvhsov6meg6g5f@pelzflorian.localdomain> <87ftpivlnv.fsf@gnu.org> <20190513103440.xkri3uk2oxtk4rn6@pelzflorian.localdomain> <87r292qx30.fsf@gnu.org> <20190513151736.ffbuofr3vmyqaoov@pelzflorian.localdomain> <87tvdyozra.fsf@gnu.org> <20190513204524.ozcnp6faamrbfkcv@pelzflorian.localdomain> <20190514080525.xspgsob6payn2ioa@pelzflorian.localdomain> <87h89wydf7.fsf@gnu.org> <20190514210453.2p7x3ibpgohwaxot@pelzflorian.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([209.51.188.92]:56029) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hQwZX-0003K1-Fw for bug-guix@gnu.org; Wed, 15 May 2019 12:16:04 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hQwZW-0000ev-IR for bug-guix@gnu.org; Wed, 15 May 2019 12:16:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:39695) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hQwZW-0000ej-E1 for bug-guix@gnu.org; Wed, 15 May 2019 12:16:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hQwZW-0002lf-95 for bug-guix@gnu.org; Wed, 15 May 2019 12:16:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20190514210453.2p7x3ibpgohwaxot@pelzflorian.localdomain> (pelzflorian@pelzflorian.de's message of "Tue, 14 May 2019 23:04:53 +0200") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: "pelzflorian (Florian Pelz)" Cc: 35662@debbugs.gnu.org Hi, "pelzflorian (Florian Pelz)" skribis: > Do I understand correctly that user namespaces are not really disabled > (?) but fail on ZFS? Correct. Specifically, read-only bind mounts of (and to?) files that reside on ZFS fail with EACCESS, which is normally =E2=80=9Cimpossible.=E2= =80=9D It would be great if you could ask the admins specifically what they did in relation to user namespaces. >> I don=E2=80=99t have any great option to offer. You could perhaps modify >> run-in-namespace.c so that it doesn=E2=80=99t even try user namespaces a= nd >> instead goes directly to the PRoot option? >> >> However working around this behavior of ZFS it not completely trivial >> and I=E2=80=99m not sure we should put much energy to paper over non-sta= ndard >> file system behavior. >>=20 >> Thoughts? >> > > If ZFS makes user namespaces fail, then could run-un-namespace.c fall > back to PRoot when detecting ZFS, somehow? It=E2=80=99s code, so everything is possible :-), but like I wrote it=E2=80= =99s a bit of work, and it=E2=80=99s something that cannot happen (AFAIK) with file syste= ms that are part of Linux. Thanks, Ludo=E2=80=99.