From debbugs-submit-bounces@debbugs.gnu.org Sun Jan 29 16:58:59 2023 Received: (at submit) by debbugs.gnu.org; 29 Jan 2023 21:58:59 +0000 Received: from localhost ([127.0.0.1]:45495 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pMFhT-0003fK-EC for submit@debbugs.gnu.org; Sun, 29 Jan 2023 16:58:59 -0500 Received: from lists.gnu.org ([209.51.188.17]:38036) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pMFhR-0003fC-NR for submit@debbugs.gnu.org; Sun, 29 Jan 2023 16:58:58 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMFhR-0007jQ-CR for bug-guix@gnu.org; Sun, 29 Jan 2023 16:58:57 -0500 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMFhR-0007Vt-3k for bug-guix@gnu.org; Sun, 29 Jan 2023 16:58:57 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:Subject:To:From:in-reply-to: references; bh=0SDqQJO8/CXOjGgIcpXlfp4VA4Q36S9sw4QvIoBupjU=; b=VICZyfF/NxsOfR KvaIuNgXTRDSdAsC6BlA/sBIYMd8Jd2srzKaiFOFMgBaRsrWM3xG8kiBXE4UUNiQeVk+5trYNHVRO aEAsqwTSDksvxvKjm+LQsc5grud4ytNjntapzY9+9yOH7iwL+KKThmf9+hhaS0jxQss6jjSgiJwjw 5N9cqvcU69tP4xfH6m7fLLG58azXGY4qzUYSt8rN/MY4UWLQo5vBap7gIGJiQYnyy4FUU6ARMxICo tXxGc3bpVDhiKDOqbA+bD37K9chqFnjohAwDRv0zFDsYA/VP2fe/Ktb5aK2S3lOTFjQjaark3B9uL 3cC5MzI0hppBWTF5Zafw==; Received: from 91-160-117-201.subs.proxad.net ([91.160.117.201] helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pMFhQ-0006PS-Ey for bug-guix@gnu.org; Sun, 29 Jan 2023 16:58:56 -0500 From: =?utf-8?Q?Ludovic_Court=C3=A8s?= To: bug-guix@gnu.org Subject: =?utf-8?Q?=E2=80=98guix?= container =?utf-8?Q?exec=E2=80=99?= does not actually change PID namespaces X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: =?utf-8?Q?D=C3=A9cadi?= 10 =?utf-8?Q?Pluvi=C3=B4se?= an 231 de la =?utf-8?Q?R=C3=A9volution=2C?= jour de la =?utf-8?Q?Cogn=C3=A9e?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Sun, 29 Jan 2023 22:58:54 +0100 Message-ID: <87edrd2eap.fsf@inria.fr> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Currently, when a Guix program runs in separate user, mount, and PID namespaces (for example via (guix least-authority)), =E2=80=98guix container exec=E2=80=99 fails badly: guix container exec 10652 /gnu/store/720rj90bch716isd8z7lcwrnvz28ap4y-bas= h-static-5.1.8/bin/sh guix container: error: process terminated with signal 11 or, similarly: nsenter --preserve-credentials -U -m -t 10652 -m -U -p -F /gnu/store/720= rj90bch716isd8z7lcwrnvz28ap4y-bash-static-5.1.8/bin/sh Segmentation fault Stracing reveals that the child process segfaults immediately after attempting to read /proc/self/exe: 14111 readlink("/proc/self/exe", 0x7ffccefa29c0, 4096) =3D -1 ENOENT (No = such file or directory) 14111 --- SIGSEGV {si_signo=3DSIGSEGV, si_code=3DSEGV_MAPERR, si_addr=3D0= xffffffffffffffff} --- The segfault is due to . But why isn=E2=80=99t /proc visible in the first place? It *is* definitely mounted within that process=E2=80=99s namespace, as confirmed here: $ ls -ld /proc/10652/root/proc dr-xr-xr-x 326 root root 0 Jan 29 21:55 /proc/10652/root/proc/ The reason is that calling setns(2) on a PID namespace =E2=80=9Cchanges onl= y the PID namespace that subsequently created child processes of the caller will be placed in; it does not change the PID namespace of the caller itself.=E2=80=9D This is why removing =E2=80=98-F=E2=80=99 in the =E2=80=98nsenter=E2=80=99 = command line above solves the problem. Conclusion: =E2=80=99container-excursion=E2=80=99 should fork so that the P= ID namespace change takes effect. Ludo=E2=80=99.