containerized shell

containerized shell

[Cássio Tavares]

Hi there!

*Intro:*
I'm not a coder, I'm a teacher mostly of Literature, so... But being a
long-time pro-FSF and pro-GNU activist (mostly I spread the word and make
the case for Free Software), I have some familiarity with the linux
world... That means that I have some difficulty with the finer technical
details. So:

*Problem:*
So my somewhat old desktop is now fully compatible with linux-libre, so,
finally, I installed Guix a couple months ago. And I'm also de-googling
myself, for privacy. My problem is that I work for an institution that
adopts Google G-suite for email, cloud storage, meetings and classes. It
basically re-Googles me, and I don't like that, specially because I use the
same desktop for my personal stuff...

*Attempted solution:*
In the Guix Manual, I find this:

This --container option can also prove useful if you wish to run a
> security-sensitive application, such as a web browser, in an isolated
> environment. For example, the command below launches Ungoogled-Chromium in
> an isolated environment, this time sharing network access with the host and
> preserving its DISPLAY environment variable, but without even sharing the
> current directory:
>
guix shell --container --network --no-cwd ungoogled-chromium \

--preserve='^DISPLAY$' -- chromium


I added a few extra options:

   - to separate my personal user-id from my work-related google user-id:
   --user=teacher;
   - to have needed local storage: --share=$HOME/work=/home/teacher/teaching
   ;
   - to persist the environment: --root=$HOME/work/.guix-profile.

Didn't work. Even without the extra options it did not work. Chromium does
start, but it doesn't work correctly and eventually crashes. Down below is
the output I get.

Thanks,
Cássio Tavares

~$ guix shell --container --network --user=teacher
--root=/home/cas/chrome-dir/.guix-profile
--share=/home/cas/chrome-dir=teaching --no-cwd ungoogled-chromium
--preserve='^DISPLAY$' -- chromium
*The following derivation will be built:*
  /gnu/store/s8q3bq81msrqxbp1n8r09f00f2jn5kv8-profile.drv

1,6 MB serão baixados
 bash-5.1.8-doc  301KiB
                                                           395KiB/s 00:01
[##################] 100.0%
 bash-5.1.8-include  67KiB
                                                            709KiB/s 00:00
[##################] 100.0%
compilando pacote de certificados de AC...
listing Emacs sub-directories...
compilando diretório de fontes...
generating GdkPixbuf loaders cache...
gerando cache de esquemas de GLib...
criando cache de tema de ícones de GTK...
compilando arquivos de cache para métodos de entrada de GTK...
compilando diretório de manuais Info...
compilando cache de arquivos desktop XDG...
compilando banco de dados XDG MIME...
compilando perfil com 1 pacote...
libGL error: MESA-LOADER: failed to retrieve device information
[1:19:0330/111158.823552:ERROR:bus.cc(397)] Failed to connect to the bus:
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file
or directory
[1:19:0330/111158.823637:ERROR:bus.cc(397)] Failed to connect to the bus:
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file
or directory
[1:17:0330/111158.974616:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
[1:17:0330/111158.974660:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
[1:17:0330/111159.776554:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
[1:17:0330/111159.776583:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
libGL error: MESA-LOADER: failed to retrieve device information
[25:25:0330/111159.969020:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x00008D62. Skipping multisample
checks.
[25:25:0330/111159.969183:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x0000906F. Skipping multisample
checks.
[25:25:0330/111159.969356:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: OpenGL ES 2.0 is not
supportable.
[25:25:0330/111159.969488:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: OpenGL ES 2.0 is not supportable.
[25:25:0330/111159.969544:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGL failed with error EGL_NOT_INITIALIZED, trying next display type
[25:25:0330/111159.970041:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: Could not create a
backing OpenGL context.
[25:25:0330/111159.970096:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: Could not create a backing OpenGL context.
[25:25:0330/111159.970138:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGLES failed with error EGL_NOT_INITIALIZED
[25:25:0330/111159.970205:ERROR:gl_ozone_egl.cc(20)]
GLSurfaceEGL::InitializeOneOff failed.
[25:25:0330/111200.008758:ERROR:viz_main_impl.cc(188)] Exiting GPU process
due to errors during initialization
[1:17:0330/111200.323237:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
[1:17:0330/111200.323353:ERROR:bus.cc(397)] Failed to connect to the bus:
Could not parse server address: Unknown address type (examples of valid
types are "tcp" and on UNIX "unix")
libGL error: MESA-LOADER: failed to retrieve device information
[73:73:0330/111201.396472:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x00008D62. Skipping multisample
checks.
[73:73:0330/111201.396608:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x0000906F. Skipping multisample
checks.
[73:73:0330/111201.396702:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: OpenGL ES 2.0 is not
supportable.
[73:73:0330/111201.396750:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: OpenGL ES 2.0 is not supportable.
[73:73:0330/111201.396785:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGL failed with error EGL_NOT_INITIALIZED, trying next display type
[73:73:0330/111201.397046:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: Could not create a
backing OpenGL context.
[73:73:0330/111201.397088:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: Could not create a backing OpenGL context.
[73:73:0330/111201.397114:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGLES failed with error EGL_NOT_INITIALIZED
[73:73:0330/111201.397139:ERROR:gl_ozone_egl.cc(20)]
GLSurfaceEGL::InitializeOneOff failed.
[73:73:0330/111201.398124:ERROR:viz_main_impl.cc(188)] Exiting GPU process
due to errors during initialization
libGL error: MESA-LOADER: failed to retrieve device information
[87:87:0330/111201.431188:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x00008D62. Skipping multisample
checks.
[87:87:0330/111201.431305:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x0000906F. Skipping multisample
checks.
[87:87:0330/111201.431418:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: OpenGL ES 2.0 is not
supportable.
[87:87:0330/111201.431471:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: OpenGL ES 2.0 is not supportable.
[87:87:0330/111201.431500:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGL failed with error EGL_NOT_INITIALIZED, trying next display type
[87:87:0330/111201.431778:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: Could not create a
backing OpenGL context.
[87:87:0330/111201.431815:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: Could not create a backing OpenGL context.
[87:87:0330/111201.431843:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGLES failed with error EGL_NOT_INITIALIZED
[87:87:0330/111201.431875:ERROR:gl_ozone_egl.cc(20)]
GLSurfaceEGL::InitializeOneOff failed.
[87:87:0330/111201.432906:ERROR:viz_main_impl.cc(188)] Exiting GPU process
due to errors during initialization
libGL error: MESA-LOADER: failed to retrieve device information
[94:94:0330/111201.484119:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x00008D62. Skipping multisample
checks.
[94:94:0330/111201.484235:ERROR:angle_platform_impl.cc(44)]
renderergl_utils.cpp:496 (GenerateTextureFormatCaps): glGetInternalformativ
generated error 0x00000500 for format 0x0000906F. Skipping multisample
checks.
[94:94:0330/111201.484330:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: OpenGL ES 2.0 is not
supportable.
[94:94:0330/111201.484378:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: OpenGL ES 2.0 is not supportable.
[94:94:0330/111201.484406:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGL failed with error EGL_NOT_INITIALIZED, trying next display type
[94:94:0330/111201.484670:ERROR:angle_platform_impl.cc(44)] Display.cpp:940
(initialize): ANGLE Display::initialize error 12289: Could not create a
backing OpenGL context.
[94:94:0330/111201.484705:ERROR:gl_surface_egl.cc(808)] EGL Driver message
(Critical) eglInitialize: Could not create a backing OpenGL context.
[94:94:0330/111201.484731:ERROR:gl_surface_egl.cc(1430)] eglInitialize
OpenGLES failed with error EGL_NOT_INITIALIZED
[94:94:0330/111201.484757:ERROR:gl_ozone_egl.cc(20)]
GLSurfaceEGL::InitializeOneOff failed.
[94:94:0330/111201.485861:ERROR:viz_main_impl.cc(188)] Exiting GPU process
due to errors during initialization
[101:101:0330/111201.495750:ERROR:angle_platform_impl.cc(44)]
Display.cpp:940 (initialize): ANGLE Display::initialize error 0: Internal
Vulkan error (-3): Initialization of an object could not be completed for
implementation-specific reasons, in
../../third_party/angle/src/libANGLE/renderer/vulkan/RendererVk.cpp,
initialize:1092.
[101:101:0330/111201.495847:ERROR:gl_surface_egl.cc(808)] EGL Driver
message (Critical) eglInitialize: Internal Vulkan error (-3):
Initialization of an object could not be completed for
implementation-specific reasons, in
../../third_party/angle/src/libANGLE/renderer/vulkan/RendererVk.cpp,
initialize:1092.
[101:101:0330/111201.495885:ERROR:gl_surface_egl.cc(1430)] eglInitialize
SwANGLE failed with error EGL_NOT_INITIALIZED
[101:101:0330/111201.495924:ERROR:gl_ozone_egl.cc(20)]
GLSurfaceEGL::InitializeOneOff failed.
[101:101:0330/111201.497050:ERROR:viz_main_impl.cc(188)] Exiting GPU
process due to errors during initialization
[108:108:0330/111201.581593:ERROR:gpu_init.cc(454)] Passthrough is not
supported, GL is disabled, ANGLE is
[1:54:0330/111205.689921:ERROR:chrome_browser_main_extra_parts_metrics.cc(227)]
START: ReportBluetoothAvailability(). If you don't see the END: message,
this is crbug.com/1216328.
[1:54:0330/111205.689947:ERROR:chrome_browser_main_extra_parts_metrics.cc(230)]
END: ReportBluetoothAvailability()
[1:53:0330/111308.587623:ERROR:ev_root_ca_metadata.cc(841)] Failed to
register OID: 0
Entity: line 1: parser error : Extra content at the end of the document

^
Entity: line 1: parser error : Extra content at the end of the document

^
[271:8:0330/112239.854537:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[327:8:0330/112245.239163:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[363:7:0330/112248.952771:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[37:4:0330/112402.213366:ERROR:node_controller.cc(585)] Trying to re-add
dropped peer B4148013D341CE51.9B52B55EC5E7A1BC
[30:33:0330/112425.861420:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[465:7:0330/112426.051740:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[564:8:0330/112722.426767:ERROR:broker_posix.cc(46)] Received unexpected
number of handles
[588:8:0330/112739.043836:ERROR:broker_posix.cc(46)] Received unexpected
number of handles

-----
Faculdade de Letras - UFG
*“*
*Ou a gente se Raôni, ou a gente se Sting**”*

Re: containerized shell

[zimoun]

Hi,

On Wed, 30 Mar 2022 at 11:40, Cássio Tavares <cassio.ufg@gmail.com> wrote:

> guix shell --container --network --no-cwd ungoogled-chromium \
>            --preserve='^DISPLAY$' -- chromium

The old legacy section of “guix environment” contains this snippet:

--8<---------------cut here---------------start------------->8---
     guix environment --preserve='^DISPLAY$' --container --network \
       --expose=/etc/machine-id \
       --expose=/etc/ssl/certs/ \
       --share=$HOME/.local/share/eolie/=$HOME/.local/share/eolie/ \
       --ad-hoc eolie nss-certs dbus --  eolie
--8<---------------cut here---------------end--------------->8---

Therefore, this quick adaptation

--8<---------------cut here---------------start------------->8---
     guix shell --preserve='^DISPLAY$' --container --network \
       --expose=/etc/machine-id \
       --expose=/etc/ssl/certs/ \
       ungoogled-chromium nss-certs dbus --  chromium
--8<---------------cut here---------------end--------------->8---

works for me.  Does it fit your needs?


Cheers,
simon