I upgraded from LXD 3.9 (installed via DEB) to 4.0 (installed via SNAP) and now proot in the container is not working anymore.
I always get a signal 31.
To test:
create an Ubuntu 18.04 container
go into the container's bash
install proot and build-essential
make a minimal helloworld.cpp in a test folder and compile it with g++ --static
export PROOT_NO_SECCOMP=1
execute proot -v 1 -w / -r /root/test/ ./a.out
I get
proot info: binding = /root/test:/
proot info: exe = /a.out
proot info: argv = ./a.out
proot info: initial cwd = /
proot info: verbose level = 1
proot info: pid 344: access to "/dev/pts/2" (fd 0) won't be translated until closed
proot info: pid 344: access to "/dev/pts/2" (fd 1) won't be translated until closed
proot info: pid 344: access to "/dev/pts/2" (fd 2) won't be translated until closed
proot info: pid 344: access to "/proc/344/fd" (fd 3) won't be translated until closed
proot info: pid 345: terminated with signal 31
On my LXD 3.9, this was working.
What changed?
Is there a solution?
Thanks
Mike
simos (Simos Xenitellis), November 25, 2020, 5:20pm
Hi!
I cannot replicate on LXD 4.8 (snap package, Ubuntu host). Here is what I do.
$ lxc launch ubuntu:18.04 proot
Creating proot
Starting proot
$ lxc shell proot
root@proot:~# mkdir /tmp/proot/
root@proot:~# file /bin/busybox
/bin/busybox: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, for GNU/Linux 3.2.0, BuildID[sha1]=fd704543e094ebb1d02668d9a79666e7955b65e8, stripped
root@proot:~# cp /bin/busybox /tmp/proot/
root@proot:~# proot -v 1 -w / -r /tmp/proot/ ./busybox
proot info: binding = /tmp/proot:/
proot info: exe = /busybox
proot info: argv = ./busybox
proot info: initial cwd = /
proot info: verbose level = 1
proot info: pid 5948: access to "/dev/pts/0" (fd 0) won't be translated until closed
proot info: pid 5948: access to "/dev/pts/0" (fd 1) won't be translated until closed
proot info: pid 5948: access to "/dev/pts/0" (fd 2) won't be translated until closed
proot info: pid 5948: access to "/proc/5948/fd" (fd 3) won't be translated until closed
BusyBox v1.27.2 (Ubuntu 1:1.27.2-2ubuntu3.3) multi-call binary.
BusyBox is copyrighted by many authors between 1998-2015.
Licensed under GPLv2. See source distribution for detailed
copyright notices.
Usage: busybox [function [arguments]...]
...
I also tested with a C++ statically compiled helloworld program.
@simos
Thanks, that was helpful. I have a locally built LXD snap 4.8 built by Snapcraft and never tried the store one.
Here are my observations:
If I install it using
sudo snap install lxd_4.8_amd64.snap --devmode --dangerous
this leads to the proot error described.
If I install it by omitting the --devmode
and do the snap alias and connect by hand, it works fine:
sudo snap install lxd_4.8_amd64.snap --dangerous
sudo snap alias lxd.lxc lxc
sudo snap connect lxd:lxd-support
sudo snap connect lxd:system-observe
Could someone at your side please explain what is happening and why the two ways differ in regard to proot?
Thanks
Mike
simos (Simos Xenitellis), November 26, 2020, 1:35pm
There is an LXD interface (snap parlance), and you need to manually connect your LXD snap package to it. Your snap does not have it by default, hence the issue.
Edit: here it is: https://snapcraft.io/docs/lxd-interface. It looks like this interface does not do tremendous stuff. I am probably wrong here.
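Added example, not written by anyone in the thread and not part of proot, LXD or snapd: shell helpers for triaging the failure discussed above. They extract the fatal signal from proot's verbose output, name it (on Linux x86-64, signal 31 is SIGSYS, which the kernel uses when a seccomp filter kills or traps a system call), decode the Seccomp field of /proc/<pid>/status, and report whether `snap list` marks the snap as devmode. The function names are hypothetical, and the sample inputs are constructed except for the proot line quoted from the first post.

```shell
#!/bin/sh
# Added triage helpers; function names are hypothetical, not part of proot, LXD or snapd.

# Print the signal number from proot's "terminated with signal N" line (stdin).
proot_fatal_signal() {
    sed -n 's/^proot info: pid [0-9]*: terminated with signal \([0-9][0-9]*\).*$/\1/p' | head -n 1
}

# Name a signal number, using Linux x86-64 numbering.
signal_name() {
    case "$1" in
        31) echo SIGSYS ;;    # bad system call: used when seccomp kills or traps a syscall
        11) echo SIGSEGV ;;
        9)  echo SIGKILL ;;
        *)  echo "signal $1" ;;
    esac
}

# Decode the "Seccomp:" field of /proc/<pid>/status text (stdin).
seccomp_mode() {
    awk 'BEGIN { mode = "unknown" }
         $1 == "Seccomp:" {
             if ($2 == "0") mode = "disabled"
             else if ($2 == "1") mode = "strict"
             else if ($2 == "2") mode = "filter"
         }
         END { print mode }'
}

# Read `snap list <name>` output (stdin); report whether the Notes column says devmode.
snap_install_mode() {
    awk -v snap="$1" 'BEGIN { mode = "not-installed" }
         $1 == snap { mode = ($NF ~ /(^|,)devmode(,|$)/) ? "devmode" : "no-devmode" }
         END { print mode }'
}

# Live use:
#   inside the container:  seccomp_mode < /proc/self/status
#   on the host:           snap list lxd | snap_install_mode lxd

# Demo on the line quoted from the first post.
sig=$(printf '%s\n' 'proot info: pid 345: terminated with signal 31' | proot_fatal_signal)
echo "proot child killed by $(signal_name "$sig")"
```
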