flatpak run fails with no /etc/resolv.conf if no session helper #409
Comments
|
Tested the following PR both in my particular (downstream) use case and other regular scenarios: |
mariospr
pushed a commit
to endlessm/flatpak
that referenced
this issue
Nov 23, 2016
…lper When no session helper is available (e.g. running flatpak run from a socket-activated service unit), we need to be extra careful before making these two files appear inside the sandbox. Otherwise, if they are not reachable on the host system (or just symlinks to non-existent targets), flatpak won't be able to create the sandbox, which will fail due to a "No such file or directory error". flatpak/flatpak#409
mariospr
pushed a commit
to endlessm/flatpak
that referenced
this issue
Nov 23, 2016
…lper When no session helper is available (e.g. running flatpak run from a socket-activated service unit), we need to be extra careful before making these two files appear inside the sandbox. Otherwise, if they are not reachable on the host system (or just symlinks to non-existent targets), flatpak won't be able to create the sandbox, which will fail due to a "No such file or directory error". flatpak/flatpak#409 https://phabricator.endlessm.com/T14331
mariospr
pushed a commit
to endlessm/flatpak
that referenced
this issue
Nov 23, 2016
…lper When no session helper is available (e.g. running flatpak run from a socket-activated service unit), we need to be extra careful before making these two files appear inside the sandbox. Otherwise, if they are not reachable on the host system (or just symlinks to non-existent targets), flatpak won't be able to create the sandbox, which will fail due to a "No such file or directory error". flatpak/flatpak#409 https://phabricator.endlessm.com/T14331
alexlarsson
pushed a commit
that referenced
this issue
Nov 25, 2016
…lper When no session helper is available (e.g. running flatpak run from a socket-activated service unit), we need to be extra careful before making these two files appear inside the sandbox. Otherwise, if they are not reachable on the host system (or just symlinks to non-existent targets), flatpak won't be able to create the sandbox, which will fail due to a "No such file or directory error". #409
|
One more PR to address your last comment on the other one: #412 |
rshuler
pushed a commit
to endlessm/flatpak
that referenced
this issue
Dec 2, 2016
…lper When no session helper is available (e.g. running flatpak run from a socket-activated service unit), we need to be extra careful before making these two files appear inside the sandbox. Otherwise, if they are not reachable on the host system (or just symlinks to non-existent targets), flatpak won't be able to create the sandbox, which will fail due to a "No such file or directory error". flatpak/flatpak#409 https://phabricator.endlessm.com/T14331
alexlarsson
pushed a commit
that referenced
this issue
Jan 30, 2017
On unmonitored systems (if the session helper is not available), we currently decide whether to create a symlink or a read-only bind mount for /etc/localtime based on whether that's a symlink in the host or not, but we don't check whether that symlink would be reachable in the sandboxed environment, which might lead to bad situations. This patch adds some extra checks relying on GFile's API to check whether that symlink would be reachable before making the final decision: if it's not, then do a bind mount despite of the file being a symlink in the host. #409
matthiasclasen
pushed a commit
to matthiasclasen/flatpak
that referenced
this issue
Feb 21, 2017
On unmonitored systems (if the session helper is not available), we currently decide whether to create a symlink or a read-only bind mount for /etc/localtime based on whether that's a symlink in the host or not, but we don't check whether that symlink would be reachable in the sandboxed environment, which might lead to bad situations. This patch adds some extra checks relying on GFile's API to check whether that symlink would be reachable before making the final decision: if it's not, then do a bind mount despite of the file being a symlink in the host. flatpak#409
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The bind mount performed for
/etc/resolv->/run/host/monitor/resolv.confwhen no session helper is available will makeflatpak runfail if such a file is not available, with an error like this one:This can be a particularly bad problem when using NetworkManager in a system that hasn't connected to any network yet since the last boot, because NM makes
/etc/resolv.confa symlink to/var/run/NetworkManager/resolv.confand that symlink will be broken until NM connects to some network.Probably not a extremely common use case, as most of the times you'll have the session helper available, but it's particularly problematic with our KA Lite flatpak app because it has to run as a separate user upon socket activation (where the session helper won't be available), and so this means that the app can't be run when totally offline, which kind of defeats the purpose of KA Lite.
The text was updated successfully, but these errors were encountered: