Hello,
since a recent update (I'm on 20211111 right now), if I try to start a
flatpak, and tukit is "doing something", I get the following:
bwrap: Can't bind mount /oldroot/tmp on /newroot/tmp: Unable to mount source on destination: Operation not permitted
error: Failed to sync with dbus proxy
And the app does not start.
After some investigation, this seems to me to be related to some
issues with /tmp (with the dbus line being a red herring).
This is easily reproducible by doing the following:
$ sudo tukit --continue execute /bin/bash
And then, in another terminal:
$ flatpak run org.mozilla.firefox
If I do (with the tukit session still open):
$ mount |grep tmp
devtmpfs on /dev type devtmpfs (rw,nosuid,size=3035576k,nr_inodes=758894,mode=755,inode64)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=761778,inode64)
tmpfs on /run type tmpfs (rw,nosuid,nodev,size=1218848k,nr_inodes=819200,mode=755,inode64)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=409600,inode64)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=609400k,nr_inodes=152350,mode=700,uid=1000,gid=100,inode64)
/dev/vda2 on /tmp/transactional-update-tNCyHK type btrfs (rw,relatime,space_cache,subvolid=326,subvol=/@/.snapshots/10/snapshot)
devtmpfs on /tmp/transactional-update-tNCyHK/dev type devtmpfs (rw,nosuid,size=3035576k,nr_inodes=758894,mode=755,inode64)
tmpfs on /tmp/transactional-update-tNCyHK/dev/shm type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=761778,inode64)
devpts on /tmp/transactional-update-tNCyHK/dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
mqueue on /tmp/transactional-update-tNCyHK/dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
hugetlbfs on /tmp/transactional-update-tNCyHK/dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/log type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
/dev/vda2 on /tmp/transactional-update-tNCyHK/opt type btrfs (rw,relatime,space_cache,subvolid=262,subvol=/@/opt)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/lib/zypp type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/lib/ca-certificates type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/lib/alternatives type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/lib/selinux type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
overlay on /tmp/transactional-update-tNCyHK/etc type overlay (rw,relatime,lowerdir=/etc,upperdir=/var/lib/overlay/10/etc,workdir=/var/lib/overlay/10/work-etc,x-systemd.requires-mounts-for=/var)
/dev/vda2 on /tmp/transactional-update-tNCyHK/var/cache type btrfs (rw,relatime,space_cache,subvolid=258,subvol=/@/var)
tmpfs on /tmp/transactional-update-tNCyHK/tmp type tmpfs (rw,relatime,inode64)
tmpfs on /tmp/transactional-update-tNCyHK/run type tmpfs (rw,relatime,inode64)
tmpfs on /tmp/transactional-update-tNCyHK/var/tmp type tmpfs (rw,relatime,inode64)
/dev/vda2 on /tmp/transactional-update-tNCyHK/boot/grub2/x86_64-efi type btrfs (rw,relatime,space_cache,subvolid=265,subvol=/@/boot/grub2/x86_64-efi)
/dev/vda2 on /tmp/transactional-update-tNCyHK/boot/grub2/i386-pc type btrfs (rw,relatime,space_cache,subvolid=266,subvol=/@/boot/grub2/i386-pc)
proc on /tmp/transactional-update-tNCyHK/proc type proc (rw,nosuid,nodev,noexec,relatime)
systemd-1 on /tmp/transactional-update-tNCyHK/proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=30,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=14699)
sysfs on /tmp/transactional-update-tNCyHK/sys type sysfs (rw,nosuid,nodev,noexec,relatime)
securityfs on /tmp/transactional-update-tNCyHK/sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
cgroup2 on /tmp/transactional-update-tNCyHK/sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
pstore on /tmp/transactional-update-tNCyHK/sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
none on /tmp/transactional-update-tNCyHK/sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
debugfs on /tmp/transactional-update-tNCyHK/sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
tracefs on /tmp/transactional-update-tNCyHK/sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
configfs on /tmp/transactional-update-tNCyHK/sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
fusectl on /tmp/transactional-update-tNCyHK/sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
/dev/vda2 on /tmp/transactional-update-tNCyHK/root type btrfs (rw,relatime,space_cache,subvolid=261,subvol=/@/root)
/dev/vda2 on /tmp/transactional-update-tNCyHK/boot/writable type btrfs (rw,relatime,space_cache,subvolid=264,subvol=/@/boot/writable)
/dev/vda2 on /tmp/transactional-update-tNCyHK/.snapshots type btrfs (rw,relatime,space_cache,subvolid=267,subvol=/@/.snapshots)
OTOH, if I close the tukit session:
$ mount |grep tmp
devtmpfs on /dev type devtmpfs (rw,nosuid,size=3035576k,nr_inodes=758894,mode=755,inode64)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=761778,inode64)
tmpfs on /run type tmpfs (rw,nosuid,nodev,size=1218848k,nr_inodes=819200,mode=755,inode64)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=409600,inode64)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=609400k,nr_inodes=152350,mode=700,uid=1000,gid=100,inode64)
I.e., a lot less stuff. :-P
Note that this happens not only when a transactional-update or tukit
shell is open, but even when some other component, like PackageKit, is
using libtukit, even just to refresh the repositories... Which in fact
happens at boot, and that in turn causes flatpaks not to start for
a while. :-O
I'm up for more/different tests, if that could help.
Thanks and Regards
--
Dario Faggioli, Ph.D
http://about.me/dario.faggioli
Virtualization Software Engineer
SUSE Labs, SUSE https://www.suse.com/
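
Added example (not part of the original message): a shell check that reads `mount` output and reports whether a tukit snapshot is currently mounted below /tmp, which is the state in which the report above says flatpak fails to start. The function names are hypothetical, the sample input is constructed from lines of the mount output quoted in the message, and mount points are assumed to contain no spaces.

```shell
#!/bin/sh
# Input format (as printed by mount):
#   <source> on <mountpoint> type <fstype> (<options>)

# Print "<fstype> <mountpoint>" for every mount strictly below /tmp.
# The /tmp tmpfs itself is skipped because it does not start with "/tmp/".
tmp_submounts() {
    awk '$2 == "on" && $4 == "type" && index($3, "/tmp/") == 1 { print $5, $3 }'
}

# Print each distinct /tmp/transactional-update-* snapshot root once.
tukit_roots() {
    tmp_submounts | awk '{
        if (match($2, "^/tmp/transactional-update-[^/]+")) {
            root = substr($2, RSTART, RLENGTH)
            if (!(root in seen)) { seen[root] = 1; print root }
        }
    }'
}

# Exit 0 when at least one snapshot root is mounted, 1 otherwise.
tukit_busy() {
    [ -n "$(tukit_roots)" ]
}

# Constructed sample: a few lines taken from the "session open" listing.
SAMPLE_OPEN='tmpfs on /tmp type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=409600,inode64)
/dev/vda2 on /tmp/transactional-update-tNCyHK type btrfs (rw,relatime,space_cache,subvolid=326,subvol=/@/.snapshots/10/snapshot)
tmpfs on /tmp/transactional-update-tNCyHK/tmp type tmpfs (rw,relatime,inode64)
proc on /tmp/transactional-update-tNCyHK/proc type proc (rw,nosuid,nodev,noexec,relatime)'

# Constructed sample: lines taken from the "session closed" listing.
SAMPLE_CLOSED='tmpfs on /tmp type tmpfs (rw,nosuid,nodev,size=3047112k,nr_inodes=409600,inode64)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=609400k,nr_inodes=152350,mode=700,uid=1000,gid=100,inode64)'

# Demo on the constructed sample; on a live system use: mount | tukit_roots
printf '%s\n' "$SAMPLE_OPEN" | tukit_roots
```

Running `mount | tukit_busy && echo "tukit snapshot mounted under /tmp"` before `flatpak run` shows whether the system is in the state described in the report.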