On Mon, May 13, 2019 at 09:49:40AM +0200, Ludovic Courtès wrote: > Hi Florian, > > "pelzflorian (Florian Pelz)" skribis: > > > On Fri, May 10, 2019 at 11:50:19PM +0200, Ludovic Courtès wrote: > >> That suggests the wrapper chose the user namespace method (not PRoot), > >> but that didn’t quite work. > >> > >> Could you post the output of: > >> > >> strace ./mybin/sh > >> > >> ? > > My bad, this should be: > > strace -f -o log ./mybin/sh > > and then post the ‘log’ file (we need ‘-f’ because the problem happens > in the child process.) > > Thanks in advance, > Ludo’. Oh I did not know there is -f. [f_pelz12@tux6 ~]$ strace -f -o log ./mybin/sh sh: run.c:162: bind_mount: Unexpected error: Permission denied. The log file is attached. When I do not use -o log, the unexpected error is here: [pid 36622] mount("//sys", "/tmp/guix-exec-85li6j/sys", 0x47e0c5, MS_RDONLY|MS_BIND|MS_REC, NULL) = -1 EACCES (Permission denied) [pid 36622] openat(AT_FDCWD, "/tmp/guix-exec-85li6j/core", O_WRONLY|O_CREAT, 056306) = 4 [pid 36622] close(4) = 0 [pid 36622] mount("//core", "/tmp/guix-exec-85li6j/core", 0x47e0c5, MS_RDONLY|MS_BIND|MS_REC, NULL) = -1 EACCES (Permission denied) [pid 36622] write(2, "sh: run.c:162: bind_mount: Unexp"..., 64sh: run.c:162: bind_mount: Unexpected error: Permission denied. ) = 64 [pid 36622] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4b024f4000 [pid 36622] rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0 [pid 36622] rt_sigprocmask(SIG_BLOCK, ~[RTMIN RT_1], [], 8) = 0 [pid 36622] getpid() = 36622 [pid 36622] gettid() = 36622 [pid 36622] tgkill(36622, 36622, SIGABRT) = 0 [pid 36622] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 [pid 36622] --- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=36622, si_uid=24038} --- [pid 36622] +++ killed by SIGABRT +++ Regards, Florian