From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp2 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id cNxwFfHCj197JwAA0tVLHw (envelope-from ) for ; Wed, 21 Oct 2020 05:11:13 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp2 with LMTPS id UJFJEfHCj197MAAAB5/wlQ (envelope-from ) for ; Wed, 21 Oct 2020 05:11:13 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id C55C7940418 for ; Wed, 21 Oct 2020 05:11:12 +0000 (UTC) Received: from localhost ([::1]:38192 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kV6P0-00087L-80 for larch@yhetil.org; Wed, 21 Oct 2020 01:11:10 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:60542) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kV6Ot-00087B-W7 for guix-patches@gnu.org; Wed, 21 Oct 2020 01:11:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:35957) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kV6Os-0003fG-C8 for guix-patches@gnu.org; Wed, 21 Oct 2020 01:11:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1kV6Os-0004sL-7f for guix-patches@gnu.org; Wed, 21 Oct 2020 01:11:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#39807] [PATCH] guix: pack: Only wrap executable files. Resent-From: Eric Bavier Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 21 Oct 2020 05:11:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 39807 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 39807@debbugs.gnu.org Cc: Ludovic =?UTF-8?Q?Court=C3=A8s?= Received: via spool by 39807-submit@debbugs.gnu.org id=B39807.160325701318553 (code B ref 39807); Wed, 21 Oct 2020 05:11:02 +0000 Received: (at 39807) by debbugs.gnu.org; 21 Oct 2020 05:10:13 +0000 Received: from localhost ([127.0.0.1]:47503 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kV6O4-0004pA-TQ for submit@debbugs.gnu.org; Wed, 21 Oct 2020 01:10:13 -0400 Received: from mout02.posteo.de ([185.67.36.66]:47745) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1kV6O2-0004op-7r for 39807@debbugs.gnu.org; Wed, 21 Oct 2020 01:10:11 -0400 Received: from submission (posteo.de [89.146.220.130]) by mout02.posteo.de (Postfix) with ESMTPS id E65AF2400FC for <39807@debbugs.gnu.org>; Wed, 21 Oct 2020 07:10:03 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1603257003; bh=24trUx+xeV+X242O+nqoYHr8bxZuaFeCHZrtO9btjHQ=; h=Subject:From:To:Cc:Date:From; b=nrMliYqjMLzbfb+N4cHEST8rGFHksSKvM80Y1mgceFGIeCmcvWEkMQhOnG+q/b0lM lCBKobnJ0cTZ16FAtEfLs6p9n+uNIl5l90V8vXPvKI3jIzDQIh8DLzQBuKF6QEBpA1 T6kGpLP7gbb6Xkwk44yEJzkj3CyB2tfiBE43zJZrj+Q9Y1vZJCV1YkpcD8YwnqW3nO xrtDkC/yok/O2FpuYUO/RB3EwMiez/rDBUchnragr21iAgXE2NXdn2jtqsdb9JuW5t pUsUy+mIR7+9L1m6DOkRf4FCIvp98WIMXTpG4EEXh2wl9MP78Bq38gk3zzpTYA1Al/ mTZETOhRmrOPA== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4CGJTQ47XWz6tmn; Wed, 21 Oct 2020 07:10:02 +0200 (CEST) Message-ID: <83416910901e77b537b64de392ee02598ccd72ff.camel@posteo.net> From: Eric Bavier Date: Wed, 21 Oct 2020 00:09:58 -0500 In-Reply-To: <3ace941f920d87da65de6e4fdc16add5b9725434.camel@posteo.net> References: <3ace941f920d87da65de6e4fdc16add5b9725434.camel@posteo.net> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: -2.3 (--) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -3.3 (---) X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=posteo.net header.s=2017 header.b=nrMliYqj; dmarc=fail reason="SPF not aligned (strict)" header.from=posteo.net (policy=none); spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org X-Spam-Score: 0.09 X-TUID: ik6pmjq81yhu On Mon, 2020-07-27 at 16:42 -0500, Eric Bavier wrote: > Call for help: the test does not pass! I get this error: > > hello: run.c:284: exec_in_user_namespace: Unexpected error: No such > file or directory. > > Could someone more familiar with user namespaces, etc help me work > this out? After following a helpful suggestion to try using `strace`, turns out the issue is not with user namespaces but mostly with string manipulation :) Apologies in advance for wall-of-text. $ unshare -mrf strace -s 80 -o trace -ff \ > sh -c 'mount -t tmpfs -o ro none "/gnu/store"; /tmp/pack-dir/opt/bin/hello' and in one the log file corresponding to the exec of the wrapper `hello` I see readlink("/proc/self/exe", "/tmp/pack-dir/gnu/store/80kbbxnzn3kgs1jkc6m6ydw2m44lnfaq-wrapperR/bin/hello", 4095) = 75 lstat("/gnu/store/zc92ghli8ws31qshf4bhzw1npzqhs4my-test/bin//hello", 0x7ffe308a4980) = -1 ENOENT (No such file or directory) and in the log corresponding to the child after forking in exec_in_user_namespace we see the call that leads to the above error: mount("/tmp/pack-dir/gnu/store/80", "/tmp/guix-exec-YMr7WJ//gnu/store", 0x4810a7, MS_RDONLY|MS_BIND|MS_REC, NULL) = -1 ENOENT (No such file or directory) write(2, "hello: run.c:284: exec_in_user_namespace: Unexpected error: No such file or dire"..., 87) = 87 So exec_in_user_namespace is trying to mount "/tmp/pack-dir/gnu/store/80", which is not a directory. In gnu/packages/aux-files/run-in-namespace.c:620-626 we try to calculate the name of the relocated store directory. So far this calculation seems to "accidentaly" work: /tmp/pack-dir/gnu/store/78xrsg1z...-emacs-no-x-27.1R/bin/emacs /gnu/store/w9csar3m...-emacs-no-x-27.1/bin//emacs The "R" suffix appended to the wrapper store directory name and the double-slash we get from find-files (c.f. guix/scripts/pack.scm:881) "cancel out". But we might not be so fortunate and can get something like this: | /tmp/pack-dir/gnu/store/80|kbbxnz...-wrapperR/bin/hello (self) /gnu/store|/zc92ghli...-test/bin//hello (@PROG@) /gnu/store| (original_store) | Because the manifest entry used in the tests added in this patch enters the "else" case of `wrapped-package` (c.f. guix/scripts/pack.scm:904) the index calculation strays and we get a non-directory mount point. I can make the test pass by using a slightly longer name of "testing" for the file-union :) I don't think we can enforce a stricter match between the wrapper and target store item names to ensure their lengths are the same, right? It seems like we maybe want to ignore @WRAPPED_PROGRAM@ and use only /proc/self/exe and original_store to find the relocated store directory? A regex search might be too costly. We could use strstr to search for the first occurrence of original_store, if we don't mind assuming that most people will probably not unpack into $HOME/.guix/gnu/store/mine/packs/foo e.g. --- a/gnu/packages/aux-files/run-in-namespace.c +++ b/gnu/packages/aux-files/run-in-namespace.c @@ -619,10 +619,8 @@ main (int argc, char *argv[]) /* SELF is something like "/home/ludo/.local/gnu/store/…-foo/bin/ls" and we want to extract "/home/ludo/.local/gnu/store". */ - size_t index = strlen (self) - - strlen ("@WRAPPED_PROGRAM@") + strlen (original_store); char *store = strdup (self); - store[index] = '\0'; + strstr (store, original_store)[sizeof original_store - 1] = '\0'; struct stat statbuf; WDYT? `~Eric