From debbugs-submit-bounces@debbugs.gnu.org Sat May 11 01:05:49 2019 Received: (at 35662) by debbugs.gnu.org; 11 May 2019 05:05:49 +0000 Received: from localhost ([127.0.0.1]:39688 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hPKCi-0000GU-S9 for submit@debbugs.gnu.org; Sat, 11 May 2019 01:05:49 -0400 Received: from pelzflorian.de ([5.45.111.108]:50046 helo=mail.pelzflorian.de) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1hPKCf-0000G4-Ju for 35662@debbugs.gnu.org; Sat, 11 May 2019 01:05:47 -0400 Received: from pelzflorian.localdomain (unknown [5.45.111.108]) by mail.pelzflorian.de (Postfix) with ESMTPSA id 1BDB6360038; Sat, 11 May 2019 07:05:19 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1557551119; bh=CqzD/5BIru+eN+Yx877edqRbSXKR8U2uyJioY8y9F5s=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=KJTVL8LnM2M08yU/rfivJVrxayLmQ/5Uilyl6ro+oM2wy7VWxSWvYVCkYELKrD5Zl 80rRqbYVCAvS2l9SQ6laP7XTzWYr62+1rxjV9gdaZjN9Ff8buuo+Owp1Cms+DxWa1x 4PNQiJhps+7lklkU1EBkmj6P8WyRklIWTfKoRyfs= Date: Sat, 11 May 2019 07:05:18 +0200 From: "pelzflorian (Florian Pelz)" To: Ludovic =?utf-8?Q?Court=C3=A8s?= Subject: Re: bug#35662: Really relocatable binaries crash with Permission denied Message-ID: <20190511050518.ozmvhsov6meg6g5f@pelzflorian.localdomain> References: <20190509220136.tli7um2heocifrpq@pelzflorian.localdomain> <87o94ax9lw.fsf@gnu.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87o94ax9lw.fsf@gnu.org> User-Agent: NeoMutt/20180716 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 35662 Cc: 35662@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) On Fri, May 10, 2019 at 11:50:19PM +0200, Ludovic Courtès wrote: > That suggests the wrapper chose the user namespace method (not PRoot), > but that didn’t quite work. > > Could you post the output of: > > strace ./mybin/sh > > ? > [f_pelz12@tux6 ~]$ strace ./mybin/sh execve("./mybin/sh", ["./mybin/sh"], 0x7fffcdf87290 /* 39 vars */) = 0 brk(NULL) = 0x2301000 brk(0x23021c0) = 0x23021c0 arch_prctl(ARCH_SET_FS, 0x2301880) = 0 uname({sysname="Linux", nodename="tux6", ...}) = 0 readlink("/proc/self/exe", "/home/f_pelz12/gnu/store/wl2l59l"..., 4096) = 77 brk(0x23231c0) = 0x23231c0 brk(0x2324000) = 0x2324000 readlink("/proc/self/exe", "/home/f_pelz12/gnu/store/wl2l59l"..., 4095) = 77 lstat("/gnu/store/qn1ax1fkj16x280m1rv7mcimfmn9l2pf-bash-4.4.23/bin/sh", 0x7ffd9741c980) = -1 ENOENT (No such file or directory) gettimeofday({tv_sec=1557550876, tv_usec=116037}, NULL) = 0 getpid() = 28923 mkdir("/tmp/guix-exec-ABt7cT", 0700) = 0 stat(".", {st_mode=S_IFDIR|0700, st_size=113, ...}) = 0 stat("/home/f_pelz12", {st_mode=S_IFDIR|0700, st_size=113, ...}) = 0 clone(child_stack=NULL, flags=CLONE_NEWNS|CLONE_NEWUSER|SIGCHLD) = 28924 openat(AT_FDCWD, "/proc/28924/setgroups", O_WRONLY) = 3 write(3, "deny\0", 5) = 5 close(3) = 0 getuid() = 24038 openat(AT_FDCWD, "/proc/28924/uid_map", O_WRONLY) = 3 write(3, "24038 24038 1\n", 14) = 14 close(3) = 0 getgid() = 10004 openat(AT_FDCWD, "/proc/28924/gid_map", O_WRONLY) = 3 write(3, "10004 10004 1\n", 14) = 14 close(3) = 0 wait4(28924, sh: run.c:162: bind_mount: Unexpected error: Permission denied. [{WIFSIGNALED(s) && WTERMSIG(s) == SIGABRT}], 0, NULL) = 28924 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=28924, si_uid=24038, si_status=SIGABRT, si_utime=0, si_stime=0} --- chdir("/") = 0 openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3 fstat(3, {st_mode=S_IFDIR|0700, st_size=25, ...}) = 0 getdents64(3, /* 25 entries */, 131072) = 632 unlink("/tmp/guix-exec-ABt7cT/home") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/home", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 mmap(NULL, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4e71c68000 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 munmap(0x7f4e71c68000, 135168) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/home") = 0 unlink("/tmp/guix-exec-ABt7cT/tmp") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/tmp", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 brk(0x2363000) = 0x2363000 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/tmp") = 0 unlink("/tmp/guix-exec-ABt7cT/mnt") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/mnt", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/mnt") = 0 unlink("/tmp/guix-exec-ABt7cT/sys") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/sys", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/sys") = 0 unlink("/tmp/guix-exec-ABt7cT/libx32") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/libx32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/libx32") = 0 unlink("/tmp/guix-exec-ABt7cT/opt") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/opt", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/opt") = 0 unlink("/tmp/guix-exec-ABt7cT/srv") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/srv", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/srv") = 0 unlink("/tmp/guix-exec-ABt7cT/dev") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/dev", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/dev") = 0 unlink("/tmp/guix-exec-ABt7cT/var") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/var", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/var") = 0 unlink("/tmp/guix-exec-ABt7cT/sbin") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/sbin", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/sbin") = 0 unlink("/tmp/guix-exec-ABt7cT/lib64") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib64", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/lib64") = 0 unlink("/tmp/guix-exec-ABt7cT/lib32") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib32", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/lib32") = 0 unlink("/tmp/guix-exec-ABt7cT/media") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/media", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/media") = 0 unlink("/tmp/guix-exec-ABt7cT/usr") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/usr", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/usr") = 0 unlink("/tmp/guix-exec-ABt7cT/bin") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/bin", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/bin") = 0 unlink("/tmp/guix-exec-ABt7cT/boot") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/boot", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/boot") = 0 unlink("/tmp/guix-exec-ABt7cT/etc") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/etc", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/etc") = 0 unlink("/tmp/guix-exec-ABt7cT/run") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/run", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/run") = 0 unlink("/tmp/guix-exec-ABt7cT/core") = 0 unlink("/tmp/guix-exec-ABt7cT/snap") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/snap", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/snap") = 0 unlink("/tmp/guix-exec-ABt7cT/lib") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/lib", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/lib") = 0 unlink("/tmp/guix-exec-ABt7cT/proc") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/proc", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/proc") = 0 unlink("/tmp/guix-exec-ABt7cT/root") = -1 EISDIR (Is a directory) openat(AT_FDCWD, "/tmp/guix-exec-ABt7cT/root", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 4 fstat(4, {st_mode=S_IFDIR|0700, st_size=2, ...}) = 0 getdents64(4, /* 2 entries */, 131072) = 48 getdents64(4, /* 0 entries */, 131072) = 0 close(4) = 0 rmdir("/tmp/guix-exec-ABt7cT/root") = 0 getdents64(3, /* 0 entries */, 131072) = 0 close(3) = 0 rmdir("/tmp/guix-exec-ABt7cT") = 0 exit_group(6) = ? +++ exited with 6 +++ Thank you for looking into it! Regards, Florian