all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
From: Bengt Richter <bokr@bokr.com>
To: Leo Prikler <leo.prikler@student.tugraz.at>
Cc: 47106@debbugs.gnu.org
Subject: bug#47106: Bubblewrap hates Guix containers 😞
Date: Sat, 13 Mar 2021 18:07:04 +0100	[thread overview]
Message-ID: <20210313170704.GA3712@LionPure> (raw)
In-Reply-To: <fa11fb1fb6dfb6e2c048d4fe8dec005e3b2b114a.camel@student.tugraz.at>

Hi again,

On +2021-03-13 15:43:15 +0100, Leo Prikler wrote:
> Am Samstag, den 13.03.2021, 13:27 +0100 schrieb Bengt Richter:
> > Hi,
> > 
> > On +2021-03-13 12:07:51 +0100, Leo Prikler wrote:
> > > Hi!
> > > Am Samstag, den 13.03.2021, 11:48 +0100 schrieb Ludovic Courtès:
> > > > Hi!
> > > > 
> > > > Leo Prikler <leo.prikler@student.tugraz.at> skribis:
> > > > 
> > > > > both Epiphany and Eolie (post fixing #47097; will submit patch
> > > > > shortly)
> > > > > fail inside Guix containers with the suggested
> > > > > incantation.  After
> > > > > getting the environment to no longer complain about $DISPLAY by
> > > > > adding
> > > > > `--preserve="XAUTHORITY" --expose=$XAUTHORITY', it repeatedly
> > > > > outputsn
> > > > > lines like
> > > > > bwrap: Can't find source path /sys/class: No such file or
> > > > > directory
> > > > > before closing the process altogether.
> > > > 
> > > > What is ‘bwrap’ looking for?  /sys is mounted inside ‘guix
> > > > environment -C’,
> > > > but perhaps it needs something special?
> > > > 
> > > > I suggest running these things (or ‘bwrap’ directly) in ‘strace
> > > > -f -o
> > > > log’ inside the container to see.
> > > It seems to be 
> > > > openat(AT_FDCWD, "/sys/class/dmi/id/chassis_type", O_RDONLY) = -1
> > > > ENOENT (No such file or directory)
> > > > openat(AT_FDCWD, "/sys/firmware/acpi/pm_profile", O_RDONLY) = -1
> > > > ENOENT (No such file or directory)
> > > 
> > > I haven't repeated that for all warnings of similar kind, but if I
> > > add
> > > `--expose=/sys/block --expose=/sys/class --expose=/sys/bus --
> > > expose=/sys/dev --expose=/sys/devices` to the invocation, I instead
> > > get
> > > a warning, that the WebKitWebProcess can't open $DISPLAY.  I'm not
> > > sure
> > > how to resolve that one, given that I already had to sneak DISPLAY
> > > and
> > > XAUTHORITY into the container, but it's a start.
> > > 
> > > Regards,
> > > Leo
> > > 
> > Does $DISPLAY mean ":0" and does the Wayland server answer that with
> > its XWayland X-interface?
> In my setup $DISPLAY=:1, but obviously the exact value depends on other
> circumstances (i.e. if there's already an open session belonging to
> another user it'd be :2, :3, ...).  I'm not sure how X vs. Wayland
> plays out here, but I'm still using Gnome on X, so that should
> hopefully not be an issue here.
> 
> > I am wonderering how that is resolved inside a container.
> Well, for X you'd usually preserve DISPLAY and XAUTHORITY and also
> expose $XAUTHORITY or something along those lines.  Not sure how you
> Wayland folk do that.
>

I am not a Wayland developer, if that's what you mean by "Wayland folk" :)
But I have been experimenting with writing my own text and graphics widget,
poking 32-bit pixels into buffers for display by the Wayland compositor,
so I've learned a little :) I am using the linux kernel's sun12x22 bitmap
font to do text at a low level.

Idk much about containers yet, but I imagine using lowlevel stuff to
make images for a trivial web server running in a container could be interesting.

> Regards,
> Leo
> 

I am curious what the commands below would show inside your container.
"pidparents" [1] is a little script I find handy, which would have to be
accessible in your container of course. Idk how you put local bash scripts
in your container. I assume it's possible :)

I did these commands in a debian gnome terminal window, where pidparents[1]
showed (timetagged later, since I just went back to do that) this context:
--8<---------------cut here---------------start------------->8---
[17:29 ~/bs]$ pidparents
pidparents      pts/1     5800 S+   /usr/bin/bash /home/bokr/bin/pidparents
bash            pts/1     5711 Ss   /bin/bash
tilix           ?         2007 Sl   /usr/bin/tilix --gapplication-service
systemd         ?         1308 Ss   /lib/systemd/systemd --user
systemd         ?            1 Ss   /sbin/init splash
--8<---------------cut here---------------end--------------->8---

;;;; First I just look for processes with X11 or way in their names, 
;;;; then I use pidparents to see how they are started.

[17:18 ~/bs]$ ps af|egrep -i 'x11|way'
 5741 pts/1    S+     0:00  \_ grep -E -i x11|way
 1329 tty2     Ssl+   0:00 /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
 1433 tty2     Sl+    0:13      |   \_ /usr/bin/Xwayland :0 -rootless -terminate -accessx -core -listen 4 -listen 5 -displayfd 6
 1468 tty2     Sl     0:00 /usr/lib/ibus/ibus-x11 --kill-daemon

[17:21 ~/bs]$ pidparents 1329
gdm-wayland-ses tty2      1329 Ssl+ /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
gdm-session-wor ?         1304 Sl   gdm-session-worker [pam/gdm-password]
gdm3            ?          711 Ssl  /usr/sbin/gdm3
systemd         ?            1 Ss   /sbin/init splash

;;;; this one might be the most interesting in your container
;;;; can you SSH into it to do these things?
[17:22 ~/bs]$ pidparents 1433
Xwayland        tty2      1433 Sl+  /usr/bin/Xwayland :0 -rootless -terminate -accessx -core -listen 4 -listen 5 -displayfd 6
gnome-shell     tty2      1408 Rl+  /usr/bin/gnome-shell
gnome-session-b tty2      1333 Sl+  /usr/lib/gnome-session/gnome-session-binary
gdm-wayland-ses tty2      1329 Ssl+ /usr/lib/gdm3/gdm-wayland-session /usr/bin/gnome-session
gdm-session-wor ?         1304 Sl   gdm-session-worker [pam/gdm-password]
gdm3            ?          711 Ssl  /usr/sbin/gdm3
systemd         ?            1 Ss   /sbin/init splash

;;;; not really sure what this one does
[17:22 ~/bs]$ pidparents 1468
ibus-x11        tty2      1468 Sl   /usr/lib/ibus/ibus-x11 --kill-daemon
systemd         ?            1 Ss   /sbin/init splash

;;;; [1] here is pidparents -- pretty short, so you could manually
;;;; enter it if necessary :)

[17:22 ~/bs]$ cat $(which pidparents)|gxsnip 
--8<---------------cut here---------------start------------->8---
#!/usr/bin/bash
# ~/bin/pidparents

pid=${1:-$$}	#this process if no pid specified as $1

while [ $(($pid)) -gt 0 ]; do    
      ps h -p $pid -o comm,tt,pid,stat,args
      pid=$(ps -q $pid -o ppid=)
done

--8<---------------cut here---------------end--------------->8---
[17:24 ~/bs]$ 

Hopefully this would reveal a little more about what $DISPLAY means in your container.

WDYT?

-- 
Regards,
Bengt Richter




  reply	other threads:[~2021-03-13 17:09 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-12 17:43 bug#47106: Bubblewrap hates Guix containers 😞 Leo Prikler
2021-03-13 10:48 ` Ludovic Courtès
2021-03-13 11:07   ` Leo Prikler
2021-03-13 12:27     ` Bengt Richter
2021-03-13 14:43       ` Leo Prikler
2021-03-13 17:07         ` Bengt Richter [this message]
2021-03-13 18:01           ` Leo Prikler
2021-03-14 17:45             ` Bengt Richter
2021-03-14 18:05               ` Leo Prikler
2021-03-14 20:32                 ` Ludovic Courtès
2021-03-14 20:43                   ` Leo Prikler
2021-03-15  9:52                     ` Ludovic Courtès
2021-03-15 10:14                       ` Leo Prikler
2021-03-15 13:29                         ` Ludovic Courtès
2021-03-16 10:54                 ` Bengt Richter
2021-03-16 11:13                   ` Leo Prikler
2021-04-14 20:07 ` Leo Famulari
2021-04-14 21:23   ` Leo Prikler
2021-04-14 22:00     ` Leo Famulari

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210313170704.GA3712@LionPure \
    --to=bokr@bokr.com \
    --cc=47106@debbugs.gnu.org \
    --cc=leo.prikler@student.tugraz.at \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.