crouton
crouton copied to clipboard
dnschneid
crouton-installer-cache can't open; unable to setup any chroot
Please paste the output of the following command here: sudo edit-chroot -all
_Output of above command_
`sudo: edit-chroot: command not found`
Please describe your issue:
I have enabled devloper mode, and have got a password and access to sudo and have been using ctrl-alt-t to access crosh, typing in shell and then executing sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton. Additionally i have made sure that i have the newest crouton version.
Every time i try to setup a chroot, before i can even get it to begin installing packages, i keep getting this error, for kali-rolling, but i have sinced tried all the other supported distros and i keep getting the same error
**$** sudo crouton -r kali-rolling -t core,x11,xorg,xiwi,extension,xfce,audio
WARNING: USB booting is enabled; consider disabling it.
WARNING: Signed boot verification is disabled; consider enabling it.
You can use the following command: sudo crossystem dev_boot_usb=0 dev_boot_signed_only=1
Installing kali-rolling-amd64 chroot to /usr/local/chroots/kali-rolling
/tmp/crouton-installer-cache/crouton: 634: .: Can't open /tmp/crouton-installer-cache/crouton.YUM/installer/kali/bootstrap
The YUM is always a random 3 characters and this is consistent for every distro i try to setup a chroot for. How do i fix this.
If known, describe the steps to reproduce the issue:
See above.
not clear what you doing it appears to be cut and paste unless you changes the scripts Installing kali-rolling-amd64 chroot to /usr/local/chroots/kali-rolling this is not happening
it not installed in /usr/local/bin/ the crouton installs these files on a successful target install
Please paste the output of the following command here: sudo edit-chroot -all
Output of above command
sudo: edit-chroot: command not found
So I've been trying for hours to get kali-rolling working after power washed etc. This error only happens for me when in Beta or Dev channel. When ChromeOS is in Stable it installs fine.
However I still cannot get X to start because of #4717 . I got it once to randomly start with xiwi, but never again even without changing anything.
Ok, so it looks like startxfce4 -X xiwi works consistently on Stable, but if you ever try start without Xiwi it doesn't work and breaks Xiwi boots as well until you fully restart the Chromebook (sign out not sufficient).
This issue is caused by ChromeOS 106 now mounting tmpfs directories with options "nosymfollow". You can fix this in the crouton script by adding "symfollow" to the CACHEDIR mount:
Ensure the cache directory is marked as exec. For reasoning, see:
https://chromium.googlesource.com/chromiumos/docs/+/master/security/noexec_shell_scripts.md
if ! mountpoint -q "$CACHEDIR"; then
if ! mount --bind "$CACHEDIR" "$CACHEDIR"
|| ! mount -o remount,exec,symfollow "$CACHEDIR"; then
echo "Unable to change permissions of the cache directory." >&2
fi
fi
This bug also propagates into the mounted chroot causing 'Too many symlinks' errors when installing packages with apt. You can add a similar command in /etc/rc.local of the chroot to fixup the /tmp directory to allow symlinks.
Sounds like crouton needs to be updated. Could you please propose a patch?
When was the symfollow option introduced? We might need to brute-force and try both with symfollow and without it so that EOL devices don't have issues.
It seems that the change was just introduced 2 weeks ago: upstart: Apply nosymfollow to /tmp
Here is my thought on this:
if (grep "^tmpfs /tmp tmpfs" | grep -q "nosymfollow") < /proc/mounts; then
mount -o remount,symfollow /tmp
fi
Could be simplified, but that seems right. Do any of the crouton mounts suffer the same issue, or is it just /tmp?
if grep -q '^tmpfs /tmp .*nosymfollow' /proc/mounts; then
mount -o remount,symfollow /tmp
fi
Try installing using CROUTON_BRANCH=slowpoke_fixes crouton and let me know if things work
I can confirm a few random things.
- remount cmd on /tmp (in chroot) allowed me to apt-get update/upgrade/install there (worked until reboot)
- remount /tmp/crouton-installer-cache (in crosh) allowed me to crouton -u my install (no missing script errors anymore)
Both were without the CROUTON_BRANCH env- is there a way to test that? Perhaps reboot, confirm update is broken then use that env to confirm fix?
Thanks!
just got the lasted chromeos update on my machine now have linux for chomeos sudo mount -o remount,symfollow,exec /tmp sudo mount -o remount,symfollow,exec /media/removable/sd*
seem to be working for me. lenovo mediatek chromebook my fork jammy installs
when you update the chroot it shell wants the password for the chroot
@domohawk yep, that's right. If you run the remounts yourself, then the old crouton will still work. If you reboot and try crouton without running the remount commands, only the slowpoke_fixes crouton version will work (hopefully).
@dnschneid I can confirm that CROUTON_BRANCH appears to fix apt-get update and install inside chroot, but crouton -u still does not work.
CROUTON_BRANCH=slowpoke_fixes sudo crouton -u -n kali Password: Downloading latest crouton installer... ################################################################################################################################### 100.0% /usr/local/chroots/kali already exists; updating it... Enter encryption passphrase for kali: /bin/sh: 0: Can't open /tmp/crouton-installer-cache/crouton.UMC/installer/debian/getrelease.sh /bin/sh: 0: Can't open /tmp/crouton-installer-cache/crouton.UMC/installer/kali/getrelease.sh Unable to determine the release in /usr/local/chroots/kali. Please specify it with -r.
mount -o remount,exec,symfollow /tmp/crouton-installer-cache is still required to get that working.
sudo needs to go before the env change, since the sudo command sanitizes the environment before launching the command (I should have been more specific, my bad).
sudo CROUTON_BRANCH=slowpoke_fixes crouton -u -n kali
Egg on my face. I should've figured already knowing PATH issues with sudo.
Actually after making it back to civilization, I tried the correctly env'd command to use slowpoke-fixes and it still does not seem to fix the /tmp/crouton-installer-cache mount flags. apt-get install inside chroot still seems happy.
chronos@localhost / $ mount | grep crouton chronos@localhost / $ sudo CROUTON_BRANCH=slowpoke_fixes crouton -u -n kali Password: Downloading latest crouton-slowpoke_fixes installer... ################################################################################################################################### 100.0% /usr/local/chroots/kali already exists; updating it... Enter encryption passphrase for kali: /bin/sh: 0: Can't open /tmp/crouton-installer-cache/crouton-slowpoke_fixes.PED/installer/debian/getrelease.sh /bin/sh: 0: Can't open /tmp/crouton-installer-cache/crouton-slowpoke_fixes.PED/installer/kali/getrelease.sh Unable to determine the release in /usr/local/chroots/kali. Please specify it with -r. chronos@localhost / $ mount | grep crouton tmpfs on /tmp/crouton-installer-cache type tmpfs (rw,nosuid,nodev,relatime,nosymfollow,seclabel) chronos@localhost / $ sudo mount -o remount,exec,symfollow /tmp/crouton-installer-cache chronos@localhost / $ sudo CROUTON_BRANCH=slowpoke_fixes crouton -u -n kali ... (updates fine)
Ohh okay, that output helps a lot. It's failing at getrelease.sh, which is run well before the code for remounting symfollow. I'll have to look at the various codepaths and come up with a reasonable fix.
edit: it's not actually that. The indirect wrapper isn't remounting symfollow. I may need to make the main script detect the situation as well. Alternatively: don't use symlinks in the installer?
Alright, hopefully the latest version of slowpoke_fixes works. Please give it a shot when you get the chance.
This update works for me
chronos@localhost / $ sudo CROUTON_BRANCH=slowpoke_fixes crouton -u -n kali
(cool update stuff happens)
chronos@localhost / $ mount | grep crouton
tmpfs on /tmp/crouton-installer-cache type tmpfs (rw,nosuid,nodev,relatime,nosymfollow,seclabel)
Looking at the mount output I actually have no idea why it works since it's still nosym, Thats all pre-chroot. In chroot as i'm typing it seems all good:
localhost {~} 306 $ mount | grep crout
/mnt/stateful_partition/crouton/chroots/kali on / type ecryptfs (rw,relatime,ecryptfs_fnek_sig=1118a4162a5bcb42,ecryptfs_sig=7f13c917a9761cd3,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs)
Awesome, thanks for confirming. It works because I got rid of the symlinks inside the installer, so it's fine even with nosymfollow. I didn't see a good way of changing the mount settings without either some weird heuristics in the main installer (which does not play with the installer mount) or modifying the indirect downloader script (what you get from the fd3zc url), which some people may have permanently downloaded and thus not get the fix.
Anyway, I'll merge this in and then things will be less terribly broken.
Slowpoke_fixes doesn't work for me...
sudo CROUTON_BRANCH=slowpoke_fixes crouton -t xfce -e -r bookworm
Gives me:
Downloading latest crouton-slowpoke_fixes installer...
-=O=- # # # #
/tmp/crouton-installer-cache/crouton-slowpoke_fixes: 8: /tmp/crouton-installer-cache/crouton-slowpoke_fixes: Syntax error: newline unexpected
Am I doing it wrong?
slowpoke_fixes branch is gone; the changes have been merged into the main crouton installer. Just use crouton like normal and if that doesn't fix things for you, please open a new bug.
It's not a new bug (I think) as I was linked here from Debootstrap Error #4824, the same command and error output I'm dealing with. However, the solutions there or here do not fix my problem. Should I open a new bug for that or no?
Yeah, go ahead and post a new bug, and include details, console output, etc. Worst case it gets closed as duplicate somehow, but if you're still seeing old bugs with new crouton then something isn't fixed.