Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Installing php in the sandbox or making host php command accessible #22

Closed
david-gr opened this issue Oct 27, 2018 · 18 comments

Comments

@david-gr
Copy link

@david-gr david-gr commented Oct 27, 2018

Hello,

I have installed some extensions that need php to work (PHP IntelliSense and Code Runner) but is not available in the sandbox.

I have seen #14 and #21 threads but i have found no solution to my problem.

I tried to document-export my host php file and i can read it from the vscode terminal, but i can't run it and i can't change permissions of the file to add the execute permission (php.validate.executablePath and php.executablePath are set). I get Error spawning PHP: spawn EACCES

Is there any way to install php inside the vscode sandbox from the terminal (or any other way)?
Is there any way of making the host php command accessible within the app?
Any other way of making this work?

Thank you.

OS: Linux Mint 19

@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Oct 27, 2018

Try /run/host/usr/bin/php inside the sandbox?

@david-gr

This comment has been minimized.

Copy link
Author

@david-gr david-gr commented Oct 27, 2018

Yes,

sh-4.3$ /run/host/usr/bin/php -v
sh: /run/host/usr/bin/php: No such file or directory

And trying with the specific version the php command is pointing to:

sh-4.3$ /run/host/usr/bin/php7.2 -v
/run/host/usr/bin/php7.2: error while loading shared libraries: libargon2.so.0: cannot open shared object file: No such file or directory

And after "document-exporting" it:

sh-4.3$ /run/user/1000/doc/e05cc2f0/php7.2 -v
sh: /run/user/1000/doc/e05cc2f0/php7.2: Permission denied
sh-4.3$ chmod +x /run/user/1000/doc/e05cc2f0/php7.2
chmod: changing permissions of '/run/user/1000/doc/e05cc2f0/php7.2': Permission denied
sh-4.3$  sudo chmod +x /run/user/1000/doc/e05cc2f0/php7.2
sh: sudo: command not found

In the flatpak docs you can find (link):

As mentioned above the host option does not actually provide complete access to the host filesystem. > The main rules are:

These directories are blacklisted: /lib, /lib32, /lib64, /bin, /sbin, /usr, /boot, /root, /tmp, /etc, /app, /run, /proc, /sys, /dev, /var
Exceptions from the blacklist: /run/media
These directories are mounted under /var/run/host: /etc, /usr

@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Oct 28, 2018

Alright, therefore you can run LD_LIBRARY_PATH=/run/host/usr/lib:/run/host/usr/lib64 /run/host/usr/bin/php7.2 to indicate the path of the shared libraries needed by PHP.

@david-gr

This comment has been minimized.

Copy link
Author

@david-gr david-gr commented Oct 28, 2018

Thank you for your help @amtlib-dot-dll

I'm not sure i'm doing this right.

If i run (same with sudo):

flatpak override --user --env=LD_LIBRARY_PATH=/run/host/usr/lib:/run/host/usr/lib64 /run/host/usr/bin/php7.2
error: '/run/host/usr/bin/php7.2' no es un nombre de aplicación valido: Name can't start with /

I have tried with this:

sudo flatpak override --user --env=LD_LIBRARY_PATH=/run/host/usr/lib:/run/host/usr/lib64:/run/host/usr/bin

but i still get the same:

sh-4.3$ echo $LD_LIBRARY_PATH
/run/host/usr/lib:/run/host/usr/lib64:/run/host/usr/bin
sh-4.3$ php -v
sh: php: command not found
sh-4.3$ php7.2 -v
sh: php7.2: command not found
sh-4.3$ /run/host/usr/bin/php -v
sh: /run/host/usr/bin/php: No such file or directory
sh-4.3$ /run/host/usr/bin/php7.2 -v
/run/host/usr/bin/php7.2: error while loading shared libraries: libargon2.so.0: cannot open shared object file: No such file or directory

Anyway i have checked it and there is no lib64 (same result in host)

sh-4.3$ ls /run/host/usr/
bin  games  include  lib  local  sbin  share  src
sh-4.3$
@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Oct 28, 2018

Okay, may I ask you where is the required library file in your host system? That is, may you paste the output of these two commands here?

  • ldd /run/host/usr/bin/php7.2 (run this command inside the sandbox)
  • ldd /usr/bin/php7.2 (run this command outside the sandbox)

Or, just open a terminal in Visual Studio Code, and type export LD_LIBRARY_PATH=/run/host/usr/lib; /run/host/usr/bin/php7.2 --version, see what happens.

@david-gr

This comment has been minimized.

Copy link
Author

@david-gr david-gr commented Oct 28, 2018

Inside the sandbox:

sh-4.3$ ldd /run/host/usr/bin/php7.2
/run/host/usr/bin/php7.2: /lib/libc.so.6: version `GLIBC_2.25' not found (required by /run/host/usr/bin/php7.2)
/run/host/usr/bin/php7.2: /lib/libc.so.6: version `GLIBC_2.27' not found (required by /run/host/usr/bin/php7.2)
        linux-vdso.so.1 (0x00007ffd16f09000)
        libargon2.so.0 => not found
        libresolv.so.2 => /lib/libresolv.so.2 (0x00007fccbc31d000)
        libz.so.1 => /lib/libz.so.1 (0x00007fccbc107000)
        libpcre.so.3 => not found
        libm.so.6 => /lib/libm.so.6 (0x00007fccbbe03000)
        libdl.so.2 => /lib/libdl.so.2 (0x00007fccbbbff000)
        libxml2.so.2 => /lib/libxml2.so.2 (0x00007fccbb8a8000)
        libssl.so.1.1 => not found
        libcrypto.so.1.1 => not found
        libsodium.so.23 => not found
        libc.so.6 => /lib/libc.so.6 (0x00007fccbb50a000)
        /lib64/ld-linux-x86-64.so.2 (0x00007fccbc534000)

Outside:

ldd /usr/bin/php7.2
	linux-vdso.so.1 (0x00007ffe513cc000)
	libargon2.so.0 => /usr/lib/x86_64-linux-gnu/libargon2.so.0 (0x00007f9ec461a000)
	libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007f9ec43ff000)
	libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f9ec41e2000)
	libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f9ec3f70000)
	libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f9ec3bd2000)
	libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9ec39ce000)
	libxml2.so.2 => /usr/lib/x86_64-linux-gnu/libxml2.so.2 (0x00007f9ec360d000)
	libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9ec33a3000)
	libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9ec2f2b000)
	libsodium.so.23 => /usr/lib/x86_64-linux-gnu/libsodium.so.23 (0x00007f9ec2cda000)
	libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9ec28e9000)
	libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9ec26ca000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f9ec4eeb000)
	libicuuc.so.60 => /usr/lib/x86_64-linux-gnu/libicuuc.so.60 (0x00007f9ec2313000)
	liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f9ec20ed000)
	libicudata.so.60 => /usr/lib/x86_64-linux-gnu/libicudata.so.60 (0x00007f9ec0544000)
	libstdc++.so.6 => /usr/lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f9ec01bb000)
	libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f9ebffa3000)
@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Oct 28, 2018

Alright, export LD_LIBRARY_PATH=/run/host/usr/lib/x86_64-linux-gnu; /run/host/usr/bin/php7.2 --version would help, or fail with a different error 👀

@david-gr

This comment has been minimized.

Copy link
Author

@david-gr david-gr commented Oct 28, 2018

sh-4.3$ export LD_LIBRARY_PATH=/run/host/usr/lib/x86_64-linux-gnu; /run/host/usr/bin/php7.2 --version
/run/host/usr/bin/php7.2: error while loading shared libraries: libpcre.so.3: cannot open shared object file: No such file or directory

😕

@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Oct 28, 2018

Aha, that should be expected 🤔 as the /lib directory is in no way accessible inside the sandbox. Unfortunately you are using a distribution where /lib and /usr/lib is not the same one

@G-Ray

This comment has been minimized.

Copy link

@G-Ray G-Ray commented Nov 8, 2018

Is there a way to totally ignore the sandbox model from flatpak ? vscode and extensions often need to access hosts files.

@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Nov 8, 2018

@G-Ray You may try running /var/lib/flatpak/apps/com.visualstudio.code.oss/current/active/files/share/code-oss/code-oss directly. 🤔


By the way, which files do you want to access beyond the sandbox?

@G-Ray

This comment has been minimized.

Copy link

@G-Ray G-Ray commented Nov 8, 2018

Yeah nice solution I guess ahah. I like to use the terminal to run my npm scripts, so I would need to have access to my nodejs install

@amtlib-dot-dll

This comment has been minimized.

Copy link
Collaborator

@amtlib-dot-dll amtlib-dot-dll commented Nov 8, 2018

@G-Ray

Yeah nice solution I guess ahah. I like to use the terminal to run my npm scripts, so I would need to have access to my nodejs install

If your installation is located under /home, it can be easily accessed; if it is located under /usr or /opt, you can find it under /run/host inside the sandbox. The only exception is that some executables depend on shared libraries which are located under /lib on distributions in which /lib is not a symbolic link to /usr/lib, and thus inaccessible as in this issue.

@EvanWashkow

This comment has been minimized.

Copy link

@EvanWashkow EvanWashkow commented Jan 29, 2019

@G-Ray @amtlib-dot-dll

I fought this forever, until I read this little line on http://docs.flatpak.org/en/latest/sandbox-permissions.html:

  • These directories are blacklisted: /lib, /lib32, /lib64, /bin, /sbin, /usr, /boot, /root, /tmp, /etc, /app, /run, /proc, /sys, /dev, /var
  • These directories are mounted under /var/run/host: /etc, /usr

I tried this in VirtualBox (host is Manjaro), and it worked for me! Here are the steps I did, below:

  1. Installed PHP via sudo dnf install php
  2. Installed Visual Studio Code via FlatHub (doesn't matter if it's OSS or not)
  3. Search for setting "PHP > Validate: Executable Path"
  4. Use the link to edit the User Settings JSON file
  5. Set "php.validate.executablePath": "/var/run/host/usr/bin/php"

Note: You do not have to use any Flatpak commands to edit any options of Code. It just works!!

I think I'm going to drop Manjaro and install Fedora, now. This was a deal-killer for me before.

@tomsotte

This comment has been minimized.

Copy link

@tomsotte tomsotte commented Apr 20, 2019

@EvanWashkow

I'm on Fedora too, Workstation 29 x64, but I couldn't make it work as easy as you said. I've installed PHP via dnf, but when I try to run PHP via terminal it goes as the previous post, it cannot access shared libs:

sh-4.3$ /var/run/host/usr/bin/php
/var/run/host/usr/bin/php: error while loading shared libraries: libargon2.so.0: cannot open shared object file: No such file or directory
@TingPing

This comment has been minimized.

Copy link
Member

@TingPing TingPing commented Apr 21, 2019

This issue has gone completely off the rails. You can't run host things in the sandbox that is nonsensical.

There is one and only one way to run a host tool from the sandbox (by escaping it):

flatpak override --user --talk-name=org.freedesktop.Flatpak com.visualstudio.code.oss

Then in the sandbox flatpak-spawn --host php (or any tool).

@TingPing TingPing closed this Apr 21, 2019
@tomsotte

This comment has been minimized.

Copy link

@tomsotte tomsotte commented Apr 21, 2019

Thanks a lot, it seems to work now.

As a follow up to your answer, I had to add a file with the flatpak-spawn command to use it as an executable path, as required by some extensions.

For example I made the file flatpak-php in /home/user/bin and gave it execution permission via chmod +x.

#!/usr/bin/env sh
flatpak-spawn --host php "$@"

And then added the path in the JSON Settings of VS Code like this:

"php.validate.executablePath": "/home/user/bin/flatpak-php"
@stobbsm

This comment has been minimized.

Copy link

@stobbsm stobbsm commented Jun 26, 2019

I have a pull request open to add php 7.3 as an SDK item like dotnet. You can always pull that and build it for your use until it's accepted (not sure what the holdup is, tbh).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
7 participants
You can’t perform that action at this time.