unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed
* bug#64014: guix pack regression
@ 2023-06-12 12:59 André A. Gomes
  2023-06-15 15:57 ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: André A. Gomes @ 2023-06-12 12:59 UTC (permalink / raw)
  To: 64014

Hello Guix,

I've produced a guix pack with the same command that I've always used
(which includes passing the -RR flag), but I now get the following
message:

--8<---------------cut here---------------start------------->8---
bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.
--8<---------------cut here---------------end--------------->8---

Any ideas?  Thanks.


Guix version:

--8<---------------cut here---------------start------------->8---
  guix f36b8a9
    repository URL: https://git.savannah.gnu.org/git/guix.git
    branch: master
    commit: f36b8a9763087d2b9d3705595fbc34b054297ab8
--8<---------------cut here---------------end--------------->8---

-- 
André A. Gomes
"You cannot even find the ruins..."




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#64014: guix pack regression
  2023-06-12 12:59 bug#64014: guix pack regression André A. Gomes
@ 2023-06-15 15:57 ` Ludovic Courtès
  2023-06-15 16:10   ` André A. Gomes
  0 siblings, 1 reply; 6+ messages in thread
From: Ludovic Courtès @ 2023-06-15 15:57 UTC (permalink / raw)
  To: André A. Gomes; +Cc: 64014

Hi,

André A. Gomes <andremegafone@gmail.com> skribis:

> I've produced a guix pack with the same command that I've always used
> (which includes passing the -RR flag), but I now get the following
> message:
>
> bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

This message is apparently from bubblewrap, not from Guix.

I suppose you might get this is you do ‘guix pack -R bubblewrap’ and
then try to run ‘bwrap’ from that pack: the ‘bwrap’ executable already
runs in a separate user namespace and might be unable to create one (?).

HTH,
Ludo’.




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#64014: guix pack regression
  2023-06-15 15:57 ` Ludovic Courtès
@ 2023-06-15 16:10   ` André A. Gomes
  2023-06-17 14:08     ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: André A. Gomes @ 2023-06-15 16:10 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 64014

Ludovic Courtès <ludo@gnu.org> writes:

> I suppose you might get this is you do ‘guix pack -R bubblewrap’ and
> then try to run ‘bwrap’ from that pack: the ‘bwrap’ executable already
> runs in a separate user namespace and might be unable to create one (?).

Hi Ludovic,

Thanks for the answer.  You've helped me to figure it out.  The guix
pack I've created has webkitgtk in it, which in turn uses bubblewrap.

However, I didn't have this issue in the past.  It could be that
webkitgtk changed something in their logic perhaps.  I'd have to look
deeper.

Another strategy would be to try to reproduce your recipe in an older
Guix version to see what happens (guix pack -R bubblewrap followed by
bwrap).


-- 
André A. Gomes
"You cannot even find the ruins..."




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#64014: guix pack regression
  2023-06-15 16:10   ` André A. Gomes
@ 2023-06-17 14:08     ` Ludovic Courtès
  2023-06-30 14:56       ` André A. Gomes
  0 siblings, 1 reply; 6+ messages in thread
From: Ludovic Courtès @ 2023-06-17 14:08 UTC (permalink / raw)
  To: André A. Gomes; +Cc: 64014

Hi,

André A. Gomes <andremegafone@gmail.com> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>
>> I suppose you might get this is you do ‘guix pack -R bubblewrap’ and
>> then try to run ‘bwrap’ from that pack: the ‘bwrap’ executable already
>> runs in a separate user namespace and might be unable to create one (?).

[...]

> Another strategy would be to try to reproduce your recipe in an older
> Guix version to see what happens (guix pack -R bubblewrap followed by
> bwrap).

Yes, that’d be great.  If you still have that older pack that didn’t
have the problem, you could also run it under ‘strace -f -o
/tmp/log.strace’ to see what happens before the failure.

Thanks,
Ludo’.




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#64014: guix pack regression
  2023-06-17 14:08     ` Ludovic Courtès
@ 2023-06-30 14:56       ` André A. Gomes
  2023-07-10 21:30         ` Ludovic Courtès
  0 siblings, 1 reply; 6+ messages in thread
From: André A. Gomes @ 2023-06-30 14:56 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 64014

Ludovic Courtès <ludo@gnu.org> writes:

> Yes, that’d be great.  If you still have that older pack that didn’t
> have the problem, you could also run it under ‘strace -f -o
> /tmp/log.strace’ to see what happens before the failure.

Ludovic, I didn't reach any meaningful conclusion.  Please close this
issue.  Thanks.


-- 
André A. Gomes
"You cannot even find the ruins..."




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#64014: guix pack regression
  2023-06-30 14:56       ` André A. Gomes
@ 2023-07-10 21:30         ` Ludovic Courtès
  0 siblings, 0 replies; 6+ messages in thread
From: Ludovic Courtès @ 2023-07-10 21:30 UTC (permalink / raw)
  To: André A. Gomes; +Cc: 64014-done

André A. Gomes <andremegafone@gmail.com> skribis:

> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Yes, that’d be great.  If you still have that older pack that didn’t
>> have the problem, you could also run it under ‘strace -f -o
>> /tmp/log.strace’ to see what happens before the failure.
>
> Ludovic, I didn't reach any meaningful conclusion.  Please close this
> issue.  Thanks.

Done!




^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2023-07-10 21:31 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-06-12 12:59 bug#64014: guix pack regression André A. Gomes
2023-06-15 15:57 ` Ludovic Courtès
2023-06-15 16:10   ` André A. Gomes
2023-06-17 14:08     ` Ludovic Courtès
2023-06-30 14:56       ` André A. Gomes
2023-07-10 21:30         ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).