Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[solved] issues with bwrap and musl
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Unsupported Software
View previous topic :: View next topic  
Author Message
darkmagiciangirl
n00b
n00b


Joined: 05 Sep 2020
Posts: 2

PostPosted: Sat Sep 05, 2020 2:39 pm    Post subject: [solved] issues with bwrap and musl Reply with quote

When I run bwrap (sys-apps/bubblewrap-0.4.1::musl) I get the following error:
Code:

$ bwrap --dev-bind / / bash
bwrap: Can't bind mount /oldroot/ on /newroot/: No such file or directory
bwrap: Can't read from privileged_op_socket

Any thoughts on what my issue could be?

I only recently started using gentoo so sorry if I miss some important information or this is the wrong place to ask

Some information about my setup:
platform: arm64
libc: musl (1.1.24)
init: openrc
profile: arm64/17.0/musl/hardened
overlays: musl
fs: ext4

Some things i've tried:

  • I tried another musl based linux distro (alpine) on my device and it doesn't have that error
  • I upgraded musl to 1.2.1 but still had that error. Are there other things that statically link libc that I might need to recompile?
  • As an experiment I did a fresh install of gentoo arm64/glibc with the exact same kernel .config, and I don't get that error. So I think I should have enough things enabled in my kernel
  • Running the command with sudo removes the privileged error but the other one is still there

Thanks


Last edited by darkmagiciangirl on Sun Sep 06, 2020 4:03 am; edited 1 time in total
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5606

PostPosted: Sat Sep 05, 2020 4:28 pm    Post subject: Reply with quote

according to the first error, /oldroot/ or /newroot/ doesn't exists.
do you need to create them?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
darkmagiciangirl
n00b
n00b


Joined: 05 Sep 2020
Posts: 2

PostPosted: Sun Sep 06, 2020 4:03 am    Post subject: Reply with quote

Found a solution! (see for more details: github.com/containers/bubblewrap/issues/387)

So, this is my understanding of the issue. bwrap (Unprivileged sandboxing tool, namespaces-powered chroot-like solution) uses the libc function called realpath. Under the musl implementation it relies on /proc being mounted. Under the glibc implementation it can handle the case where /proc is not mounted. Looks like bwrap assumes the glibc behaviour.

In the github issue above, a patch is linked which implements a fallback mode when no proc is mounted for musl. I just dumped that in my user patches folder, ran emerge, and it no longer has that error.

The patch is quite old (2016), and when I looked at upstream musl, there wasn't a fix for it. This makes me think that maybe the glibc implementation somehow doesn't conform to some standard, and the real fix might need to appear in bwrap itself.

This solution is a bit hacky, but hopefully it can help someone else out.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Unsupported Software All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum