Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Jan 30 14:47
    marquis-ng commented #124
  • Jan 30 08:12
    marquis-ng commented #124
  • Jan 27 14:38

    oxr463 on master

    Add link to usage survey [skip… (compare)

  • Jan 17 14:24
    KimonHoffmann commented #342
  • Jan 17 10:16
    KimonHoffmann commented #342
  • Jan 17 09:07
    avian2 commented #319
  • Jan 16 16:51
    oxr463 milestoned #342
  • Jan 16 16:51
    oxr463 milestoned #342
  • Jan 16 16:50
    oxr463 assigned #342
  • Jan 16 16:50
    oxr463 commented #342
  • Jan 16 15:17
    marzban2030 commented #94
  • Jan 16 15:15
    marzban2030 commented #94
  • Dec 31 2022 18:07
    oxr463 closed #341
  • Dec 31 2022 00:27
    FredericGuilbault opened #341
  • Dec 26 2022 18:15
    m13253 commented #334
  • Oct 29 2022 19:32
    oxr463 commented #339
  • Oct 29 2022 18:06
    oxr463 labeled #338
  • Oct 29 2022 18:06

    oxr463 on master

    Add: faccess2(2) syscall Remove extra tab for PR_faccess… (compare)

  • Oct 29 2022 18:06
    oxr463 closed #338
  • Oct 29 2022 17:34
    oxr463 commented #340
pie_
@jcie74:matrix.org
[m]
oxr463: yeah that was the problem. the tmp dir wasnt readable from the mapped test user uid
so many pieces to all this stuff x)
oxr463
@oxr463:matrix.org
[m]
Yeah, it's complicated
Why use PRoot if you already have root?
I'm curious about the use case
pie_
@jcie74:matrix.org
[m]
I think I dont have a usecase
I realized that about half an hour ago after taking a shower :P
I used to have issues figuring out bind mounts but I might be able to do it now
alternatively, proot is easier to prototype with
oxr463
@oxr463:matrix.org
[m]
Ah alright lol
That's good
pie_
@jcie74:matrix.org
[m]
I think I kind of sort of barely figured out how to use unshare to do the rootless stuff at this point
oxr463
@oxr463:matrix.org
[m]
With that stale PR?
pie_
@jcie74:matrix.org
[m]
Oh no, just in general
pie_
@jcie74:matrix.org
[m]
oxr463: oh wow you actually merged my PR, did you actually check the syscall if it needs any handling on the new argument? :O
I seriously did not expect this to be it
though I guess its possible you are just merging it and then building on it haha
oxr463
@oxr463:matrix.org
[m]
Yep
pie_
@jcie74:matrix.org
[m]
anyway no big deal I'm just surprised my code was good for anything
oxr463
@oxr463:matrix.org
[m]
If it breaks something the we'll just have to fix it later
pie_
@jcie74:matrix.org
[m]
oxr463: your issue commnt just reminded me, I think I was able to strace proot, why?
I did see something about seccomp mode being supported on that given proot
so in that case is ptrace not used?
oxr463
@oxr463:matrix.org
[m]
Ptrace is always used by PRoot
pie_
@jcie74:matrix.org
[m]
hm, not sure what happened there then though I didnt read the output very carefully
oxr463
@oxr463:matrix.org
[m]
Seccomp is a big piece of the puzzle and has caused a lot of issues
pie_
@jcie74:matrix.org
[m]
specifically for stracing though you cant ptrace a ptrace so that shouldnt work
hmmmmm
the other possibility is that strace is using seccomp for tracing, unless i completely misunderstood everything and this isnt even a thing
       --seccomp-bpf
                   Try  to  enable  use  of seccomp-bpf (see seccomp(2)) to have ptrace(2)-stops only when system calls that are being traced occur in the traced processes.  This option has no effect unless -f/--follow-forks is also
                   specified.  --seccomp-bpf is also not applicable to processes attached using -p/--attach option.  An attempt to enable system calls filtering using seccomp-bpf may fail for various reasons, e.g. there are too many
                   system calls to filter, the seccomp API is not available, or strace itself is being traced.  In cases when seccomp-bpf filter setup failed, strace proceeds as usual and stops traced processes on every system call.
I don't 100% understand what this is sayng
it only fails to ptrace processes that are already being ptraced but works otherwise?
oxr463
@oxr463:matrix.org
[m]
Yeah, I think so
pie_
@jcie74:matrix.org
[m]
well that wouldnt help much for proot since its ptracing everything (?)
1 reply
oxr463
@oxr463:matrix.org
[m]
If there is no PTRACE_TRACEME then it won't work
pie_
@jcie74:matrix.org
[m]
you mean for child processes of proot it would work?
(wouldnt proot have to be ptracing all children to work?)
oxr463
@oxr463:matrix.org
[m]
Yes
But if a program doesn't allow ptrace then it won't work
So you can use gdb or strace on PRoot itself... but depends on what runs inside the PRoot if you can ptrace it
pie_
@jcie74:matrix.org
[m]
uhuh
pie_
@jcie74:matrix.org
[m]
oxr463: proot doesnt translate (bind) mount does it?
1 reply
pie_
@jcie74:matrix.org
[m]
well half my problem was I kept messing up a file name, so I did end up solving it with the fake mounts, but I was more wondering if (I really should just check with -v) internal mount --bind could /is be caught and emulated (if that makes sense)
1 reply
pie_
@jcie74:matrix.org
[m]
oxr463: any idea what will break when trying to use proot on a 2.6.32 kernel? (2013 build)
1 reply
oxr463: another suggestion: allow specifying a file to output -v output to
pie_
@jcie74:matrix.org
[m]
proot info: vpid 47: translate("/" + "/nix/store/ga9q4ikprn36wm32gqm4k521iv9kic5p-libsodium-1.0.18/lib/libsodium.so.23")
proot info: vpid 47:          -> "/Lustre01/home/qosnebc/pls/store/ga9q4ikprn36wm32gqm4k521iv9kic5p-libsodium-1.0.18/lib/libsodium.so.23.3.0"
proot info: vpid 47: sysenter start: read(0x3, 0x7fff0e468db8, 0x340, 0x0, 0x7fff0e468d9f, 0x0) = 0xffffffffffffffda [0x7fff0e468ad8, 0]
proot info: vpid 47: sysenter start: newfstatat(0x3, 0x6f0000028954, 0x7fff0e468c40, 0x1000, 0x7f911fecdf30, 0x6f0000033220) = 0xffffffffffffffda [0x7fff0e468bb8, 0]
proot info: vpid 47: sysenter start: close(0x3, 0x6f0000028954, 0x7fff0e468c40, 0x1000, 0x7f911fecdf30, 0x6f0000033220) = 0xffffffffffffffda [0x7fff0e468bb8, 0]
proot info: vpid 47: sysenter start: writev(0x2, 0x7fff0e468900, 0xa, 0x20, 0x7fff0e468d48, 0x7f911fecdf30) = 0xffffffffffffffda [0x7fff0e4688c0, 0]
/nix/store/xdlpraypxdimjyfrr4k06narrv8nmfgh-nix-2.11.1/bin/nix-store: error while loading shared libraries: libsodium.so.23: cannot stat shared object: Invalid argument
proot info: vpid 47: sysenter start: exit_group(0x7f, 0x3c, 0x7f, 0x20, 0xe7, 0x7f911fecdf30) = 0xffffffffffffffda [0x7fff0e468d38, 0]
proot info: vpid 47: exited with status 127
Does that make any sense to you?
Well, I guess it's not really a proot issue;
$ LD_LIBRARY_PATH=pls/store/ga9q4ikprn36wm32gqm4k521iv9kic5p-libsodium-1.0.18/lib/ pls/store/scd5n7xsn0hh0lvhhnycr9gx0h8xfzsl-glibc-2.34-210/lib64/ld-linux-x86-64.so.2 pls/store/xdlpraypxdimjyfrr4k06narrv8nmfgh-nix-2.11.1/bin/nix-store
pls/store/xdlpraypxdimjyfrr4k06narrv8nmfgh-nix-2.11.1/bin/nix-store: error while loading shared libraries: libsodium.so.23: cannot stat shared object: Invalid argument
oxr463
@oxr463:matrix.org
[m]
Like a verbose log file?
pie_
@jcie74:matrix.org
[m]
also reasonable