unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed
* Container example for guix shell fails
@ 2021-12-16 13:09 Daniel Meißner
  2021-12-16 13:48 ` zimoun
  2021-12-16 13:49 ` ison
  0 siblings, 2 replies; 7+ messages in thread
From: Daniel Meißner @ 2021-12-16 13:09 UTC (permalink / raw)
  To: help-guix

Hi Guix!

I am currently trying to understand how to run programs in containers
with Guix.  In the manual it says the following should launch
ungoogled-chromium in an isolated environment with network.  However, it
fails:

--8<---------------cut here---------------start------------->8---
$ guix shell --container --network --no-cwd ungoogled-chromium --preserve='^DISPLAY$' -- chromium
substitute: Liste der Substitute von „https://ci.guix.gnu.org“ wird aktualisiert … 100.0%
Folgende Ableitung wird erstellt:
   /gnu/store/sxvvbwqzbg776i1ih5k7wwmn71m8p80b-profile.drv

67,6 MB werden heruntergeladen
 bash-5.1.8-doc  301KiB                                    3.2MiB/s 00:00 [##################] 100.0%
 bash-5.1.8-include  67KiB                                 2.3MiB/s 00:00 [##################] 100.0%
 ungoogled-chromium-96.0.4664.93-1  62.9MiB                9.0MiB/s 00:07 [##################] 100.0%
Zertifikatsbündel der Zertifikatsautoritäten wird erstellt …
Liste der Emacs-Unterverzeichnisse wird erzeugt …
Schriftartenverzeichnis wird erstellt …
generating GdkPixbuf loaders cache...
Zwischenspeicher für GLib-Schemata wird erzeugt …
Zwischenspeicher für GTK-Symbolthemen wird erzeugt …
Dateien im Zwischenspeicher für GTK-Eingabemethoden werden erstellt …
Verzeichnis von Info-Handbüchern wird erstellt …
Zwischenspeicher für XDG-Desktop-Dateien wird erzeugt …
XDG-Mime-Datenbank wird erstellt …
Profil mit 1 Paket wird erstellt …
No protocol specified
--8<---------------cut here---------------end--------------->8---

What am I doing wrong?

Best
Daniel


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 13:09 Container example for guix shell fails Daniel Meißner
@ 2021-12-16 13:48 ` zimoun
  2021-12-16 15:57   ` Daniel Meißner
  2021-12-16 17:37   ` Leo Famulari
  2021-12-16 13:49 ` ison
  1 sibling, 2 replies; 7+ messages in thread
From: zimoun @ 2021-12-16 13:48 UTC (permalink / raw)
  To: Daniel Meißner, help-guix

Hi,

On Thu, 16 Dec 2021 at 14:09, Daniel Meißner <daniel.meissner-i4k@ruhr-uni-bochum.de> wrote:

> --8<---------------cut here---------------start------------->8---
> $ guix shell --container --network --no-cwd ungoogled-chromium --preserve='^DISPLAY$' -- chromium

[...]
> --8<---------------cut here---------------end--------------->8---

It works for me.  Are you running Guix System or Guix on foreign distro?

On some foreign distro, I guess, this is required as root:

--8<---------------cut here---------------start------------->8---
# echo "kernel.unprivileged_userns_clone = 1" > /etc/sysctl.d/local.conf
# sysctl --system
--8<---------------cut here---------------end--------------->8---


Cheers,
simon


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 13:09 Container example for guix shell fails Daniel Meißner
  2021-12-16 13:48 ` zimoun
@ 2021-12-16 13:49 ` ison
  2021-12-16 14:00   ` Daniel Meißner
  1 sibling, 1 reply; 7+ messages in thread
From: ison @ 2021-12-16 13:49 UTC (permalink / raw)
  To: Daniel Meißner; +Cc: help-guix

Are you using xorg or wayland? If xorg then try adding an extra
--preserve='^XAUTHORITY$'

Daniel Meißner <daniel.meissner-i4k@ruhr-uni-bochum.de> writes:

> Hi Guix!
>
> I am currently trying to understand how to run programs in containers
> with Guix.  In the manual it says the following should launch
> ungoogled-chromium in an isolated environment with network.  However, it
> fails:
>
> $ guix shell --container --network --no-cwd ungoogled-chromium --preserve='^DISPLAY$' -- chromium
> substitute: Liste der Substitute von „https://ci.guix.gnu.org“ wird aktualisiert … 100.0%
> Folgende Ableitung wird erstellt:
>    /gnu/store/sxvvbwqzbg776i1ih5k7wwmn71m8p80b-profile.drv
>
> 67,6 MB werden heruntergeladen
>  bash-5.1.8-doc  301KiB                                    3.2MiB/s 00:00 [##################] 100.0%
>  bash-5.1.8-include  67KiB                                 2.3MiB/s 00:00 [##################] 100.0%
>  ungoogled-chromium-96.0.4664.93-1  62.9MiB                9.0MiB/s 00:07 [##################] 100.0%
> Zertifikatsbündel der Zertifikatsautoritäten wird erstellt …
> Liste der Emacs-Unterverzeichnisse wird erzeugt …
> Schriftartenverzeichnis wird erstellt …
> generating GdkPixbuf loaders cache...
> Zwischenspeicher für GLib-Schemata wird erzeugt …
> Zwischenspeicher für GTK-Symbolthemen wird erzeugt …
> Dateien im Zwischenspeicher für GTK-Eingabemethoden werden erstellt …
> Verzeichnis von Info-Handbüchern wird erstellt …
> Zwischenspeicher für XDG-Desktop-Dateien wird erzeugt …
> XDG-Mime-Datenbank wird erstellt …
> Profil mit 1 Paket wird erstellt …
> No protocol specified
>
> What am I doing wrong?
>
> Best
> Daniel



^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 13:49 ` ison
@ 2021-12-16 14:00   ` Daniel Meißner
  0 siblings, 0 replies; 7+ messages in thread
From: Daniel Meißner @ 2021-12-16 14:00 UTC (permalink / raw)
  To: ison; +Cc: help-guix

Hi ison,

> Are you using xorg or wayland? If xorg then try adding an extra
> --preserve='^XAUTHORITY$'

I am using xorg.  Unfortunately, adding the extra option does not help.
It still says ‘No protocol specified.’

Thanks,
Daniel


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 13:48 ` zimoun
@ 2021-12-16 15:57   ` Daniel Meißner
  2021-12-16 17:37   ` Leo Famulari
  1 sibling, 0 replies; 7+ messages in thread
From: Daniel Meißner @ 2021-12-16 15:57 UTC (permalink / raw)
  To: zimoun, help-guix

Hi zimoun!

zimoun writes:

> Hi,
>
> On Thu, 16 Dec 2021 at 14:09, Daniel Meißner <daniel.meissner-i4k@ruhr-uni-bochum.de> wrote:
>
>> --8<---------------cut here---------------start------------->8---
>> $ guix shell --container --network --no-cwd ungoogled-chromium --preserve='^DISPLAY$' -- chromium
>
> [...]
>> --8<---------------cut here---------------end--------------->8---
>
> It works for me.  Are you running Guix System or Guix on foreign
> distro?

I am running Guix System:

--8<---------------cut here---------------start------------->8---
  guix 8762454
    Repository-URL: https://git.savannah.gnu.org/git/guix.git
    Branch: master
    Commit: 87624540b486d710749ad00ef5aa427a9e5c1d0c
--8<---------------cut here---------------end--------------->8---

Thanks,
Daniel


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 13:48 ` zimoun
  2021-12-16 15:57   ` Daniel Meißner
@ 2021-12-16 17:37   ` Leo Famulari
  2021-12-16 18:22     ` zimoun
  1 sibling, 1 reply; 7+ messages in thread
From: Leo Famulari @ 2021-12-16 17:37 UTC (permalink / raw)
  To: zimoun; +Cc: help-guix

On Thu, Dec 16, 2021 at 02:48:29PM +0100, zimoun wrote:
> On some foreign distro, I guess, this is required as root:
> 
> --8<---------------cut here---------------start------------->8---
> # echo "kernel.unprivileged_userns_clone = 1" > /etc/sysctl.d/local.conf
> # sysctl --system
> --8<---------------cut here---------------end--------------->8---

I don't think this sysctl flag is supported by the kernel.

If I understand correctly, it was provided by a 3rd-party patch.

I think that Debian does still use the patch; at least on some systems
that I have access to, the parameter is available.

But it may not exist on other distros.

https://lwn.net/Articles/673597/


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: Container example for guix shell fails
  2021-12-16 17:37   ` Leo Famulari
@ 2021-12-16 18:22     ` zimoun
  0 siblings, 0 replies; 7+ messages in thread
From: zimoun @ 2021-12-16 18:22 UTC (permalink / raw)
  To: Leo Famulari; +Cc: help-guix

On Thu, 16 Dec 2021 at 18:37, Leo Famulari <leo@famulari.name> wrote:
> On Thu, Dec 16, 2021 at 02:48:29PM +0100, zimoun wrote:

> > On some foreign distro, I guess, this is required as root:
> >
> > --8<---------------cut here---------------start------------->8---
> > # echo "kernel.unprivileged_userns_clone = 1" > /etc/sysctl.d/local.conf
> > # sysctl --system
> > --8<---------------cut here---------------end--------------->8---
>
> I don't think this sysctl flag is supported by the kernel.
>
> If I understand correctly, it was provided by a 3rd-party patch.
>
> I think that Debian does still use the patch

Yes, last time I checked.
Anyway, that not the issue. :-)


Cheers,
simon


^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2021-12-16 18:23 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-12-16 13:09 Container example for guix shell fails Daniel Meißner
2021-12-16 13:48 ` zimoun
2021-12-16 15:57   ` Daniel Meißner
2021-12-16 17:37   ` Leo Famulari
2021-12-16 18:22     ` zimoun
2021-12-16 13:49 ` ison
2021-12-16 14:00   ` Daniel Meißner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).