nsdo
nsdo copied to clipboard
ausbin
Added slave propagation to mountns which allows snaps to function.
This is great, thanks for working on this.
I was having a problem #12 that snap wipes out my mount namespaces when I run e.g. snap Firefox in nsdo. I just tried this PR, and I'm still having that problem. Is this PR moreso for fixing snapd failing to start, or something like that?
Yeah this allows snaps to start, but you're right that the snap doesn't pick up the nsdo mount ns. Have not solved that one. It will for example screw up your DNS.
On Thu, Jun 16, 2022, 7:38 AM Austin Adams @.***> wrote:
This is great, thanks for working on this.
I was having a problem #12 https://github.com/ausbin/nsdo/issues/12 that snap wipes out my mount namespaces when I run e.g. snap Firefox in nsdo. I just tried this PR, and I'm still having that problem. Is this PR moreso for fixing snapd failing to start, or something like that?
— Reply to this email directly, view it on GitHub https://github.com/ausbin/nsdo/pull/11#issuecomment-1157808574, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASFD42NAJ77CWW7GPP3B6O3VPNC5ZANCNFSM5V3O3FBQ . You are receiving this because you authored the thread.Message ID: @.***>
I opened a thread here, let's see what happens: https://forum.snapcraft.io/t/snaps-interfere-with-mount-namespaces/30512
But for this issue: would you mind sharing some steps to reproduce? Sorry, not trying to be annoying, but I'm curious and want to learn more about these things
If you open Firefox and then open a file in /etc that's supposed to be shadowed, you'll see that you get the main /etc time instead.
On Thu, Jun 16, 2022, 3:13 PM Austin Adams @.***> wrote:
I opened a thread here, let's see what happens: https://forum.snapcraft.io/t/snaps-interfere-with-mount-namespaces/30512
But for this issue: would you mind sharing some steps to reproduce? Sorry, not trying to be annoying, but I'm curious and want to learn more about these things
— Reply to this email directly, view it on GitHub https://github.com/ausbin/nsdo/pull/11#issuecomment-1158249062, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASFD42MEWOUPPJNFOE2PKGLVPOYJDANCNFSM5V3O3FBQ . You are receiving this because you authored the thread.Message ID: @.***>
Forgive me for my slow responses sir, what are the steps to reproduce the problem this is fixing?
Is it starting snapd before or after the netns@X unit? I'm new to snaps and very curious
I'm not sure it matters when snapd starts. When you run a snap it creates a new mount namespace at that time and it does not include the nsdo mount namespace. Here's how I can reproduce:
- Start firefox via nsdo.
- Open a file that is supposed to be shadowed, e.g. file:///etc/hosts
- You will get the main FS version instead of the netns version.
B
On Fri, Jul 8, 2022 at 9:51 AM Austin Adams @.***> wrote:
Forgive me for my slow responses sir, what are the steps to reproduce the problem this is fixing?
Is it starting snapd before or after the @.*** unit? I'm new to snaps and very curious
— Reply to this email directly, view it on GitHub https://github.com/ausbin/nsdo/pull/11#issuecomment-1179076581, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASFD42NRTNOXMO3RDFTVKUDVTA57BANCNFSM5V3O3FBQ . You are receiving this because you authored the thread.Message ID: @.***>
No, that is still an outstanding issue that I have not figured out how to deal with. I tried changing the propagation but that caused other problems.
B
On Fri, Jul 8, 2022 at 10:05 AM Austin Adams @.***> wrote:
Oh wow, so this PR fixes that? Or are we talking about something different?
— Reply to this email directly, view it on GitHub https://github.com/ausbin/nsdo/pull/11#issuecomment-1179091143, or unsubscribe https://github.com/notifications/unsubscribe-auth/ASFD42OL5HEDXG75RR2MJG3VTA7T5ANCNFSM5V3O3FBQ . You are receiving this because you authored the thread.Message ID: @.***>