From mboxrd@z Thu Jan 1 00:00:00 1970 From: Giovanni Biscuolo Subject: bug#35662: Really relocatable binaries crash with Permission denied Date: Wed, 15 May 2019 17:20:25 +0200 Message-ID: <87pnojd9s6.fsf@roquette.mug.biscuolo.net> References: <20190509220136.tli7um2heocifrpq@pelzflorian.localdomain> <87o94ax9lw.fsf@gnu.org> <20190511050518.ozmvhsov6meg6g5f@pelzflorian.localdomain> <87ftpivlnv.fsf@gnu.org> <20190513103440.xkri3uk2oxtk4rn6@pelzflorian.localdomain> <87r292qx30.fsf@gnu.org> <20190513151736.ffbuofr3vmyqaoov@pelzflorian.localdomain> <87tvdyozra.fsf@gnu.org> <20190513204524.ozcnp6faamrbfkcv@pelzflorian.localdomain> <20190514080525.xspgsob6payn2ioa@pelzflorian.localdomain> <87h89wydf7.fsf@gnu.org> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Return-path: Received: from eggs.gnu.org ([209.51.188.92]:44042) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hQvkX-0002GT-AS for bug-guix@gnu.org; Wed, 15 May 2019 11:23:22 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hQviI-0004I4-Vu for bug-guix@gnu.org; Wed, 15 May 2019 11:21:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:39644) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hQviI-0004Hk-K1 for bug-guix@gnu.org; Wed, 15 May 2019 11:21:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hQviI-0007kU-9k for bug-guix@gnu.org; Wed, 15 May 2019 11:21:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <87h89wydf7.fsf@gnu.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= , "pelzflorian (Florian Pelz)" Cc: 35662@debbugs.gnu.org --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello Ludovic and Florian, I cannot help here, just some thoughts as you probably already know, Florian, ZFS is not supported in Linux for various reasons, above all for a controversial licensing problem [1] so using zfsonlinux (the ZFS Linux unofficial kernel module) is basically calling for problems Ludovic Court=C3=A8s writes: > "pelzflorian (Florian Pelz)" skribis: [...] >> The admins have confirmed that they use =E2=80=9CProxmox on ZFS=E2=80=9D= (judging from >> it is ZFS on Linux) it's not clearly stated there, I guess it's https://github.com/zfsonlinux/zfs >> and >> they have confirmed that they have disabled user namespaces in their >> Proxmox settings. I do not understand what this means: if namespaces are disabled **in kernel** that whould be detected and guix relocatable binaries should use PRoot by default: am I wrong? If "disabled user namespace in Promox settings" means it have something to do with ZFS filesystem settings, well: it's unorthodox at least :-) > User namespaces are orthogonal to file systems, but anyway it looks like > ZFS is refusing to let us do these things. I don't know if this have something to do with this bug, but: ZFS is confused by user namespaces (uid/gid mapping) when used with acltype= =3Dposixacl https://github.com/zfsonlinux/zfs/issues/4177 Florian: it should be solved but AFAIU it depends on the kernel/zfsonlinux combination > I don=E2=80=99t have any great option to offer. You could perhaps modify > run-in-namespace.c so that it doesn=E2=80=99t even try user namespaces and > instead goes directly to the PRoot option? Ludovic (and others): is it possible to add an option to "guix pack -RR" (-RRF?!?) to force the use of PRoot for resulting relocated binaries? > However working around this behavior of ZFS it not completely trivial > and I=E2=80=99m not sure we should put much energy to paper over non-stan= dard > file system behavior. I agree, this seems a zfsonlinux bug: Florian please can you report it upstream to zfsonlinux? [...] HTH! Gio' [1] https://www.fsf.org/licensing/zfs-and-linux https://sfconservancy.org/blog/2016/feb/25/zfs-and-linux/ =2D-=20 Giovanni Biscuolo Xelera IT Infrastructures --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERcxjuFJYydVfNLI5030Op87MORIFAlzcLjsACgkQ030Op87M ORKDGQ//R7qR24I2QNzA3ZTusVarDD1+SXrMOaUIFynFqEx+c+PVEAs+YtMGbgsY hgGaNQu8SgboRIV5F/oMv3d5hauwYTPCSJx9vigoG+xTxzXtbggzFRKMOStHqVTf 9tMc4GoWzoEOzH/6GoPbvpwgkkViCqjO/yvWf2mh+eyGPHxzpAWfy2l6Ql+PP5Iz l5vsLkBTk1QvfwxJ6y0EVfEzdk0d/yJuAQnHlGYvBVYxhbF2oRXMqAEhMeXOG3FU pONsRzMB8/gn/HbQaxQWu56nrnz2Ps7lSOOrDaipJTXiRbe+aJcPAvgQV90t6hEM dbuQ2P+B1jO4UjMFdyOU8lsqi9d4DvPFD5iS9b59K2DpLZRlZLFLp1DieubVh3e6 WSXcTPz4f3cy09SjXOu99gWchBJsc37XttPMFEicbHToSzU8nN4Alr1CWyCE+E00 9CV/VFRBA2YrsMFw0cV/1CkIJigl+ijfhKoJjasfzxhSNF/xi42v4Sx9EO0kzY6d ilkjgDPm7ZUb0KoqjGqgOf9BgfKXol78CqNrhV0xNzxNXEYrvLXwAch7ZLp98riW g83Eciok2tE57yNpgggqQonb074mOiGuZD3CWpZF9aviiux7oBFUY+Sc9UmftrL0 KLvvdlQf2h8B5xwI5osJ3C3Uf3wra0teAECZJquLzW0Tp1dYv0E= =4A1m -----END PGP SIGNATURE----- --=-=-=--