Dangerzone not compatible with colima? #865

Open
LasseKrache opened this issue Jul 11, 2024 · 24 comments
Comments

@LasseKrache

Hello,

As I am not allowed to use Docker Desktop on my MacBook (I would need a license), I normally use colima (https://github.com/abiosoft/colima), but dangerzone doesn't work with it. After "convert to safe document" I only get the message "unspecified error". I thought that version 0.7 might change this, but I get the same error.

Any suggestions (besides installing Docker Desktop)?

Thank you very much,
Lasse

@almet
Contributor

almet commented Jul 11, 2024

Hi Lasse, thanks for opening this issue.

Colima is unfortunately currently not supported and we do not test Dangerzone with it at the moment.

We are aware of the licensing problems tied to the use of Docker Desktop though, and have a specific issue for discussing its replacement, #118, and colima is one of the options!

That being said, I reproduced your error locally, in order to better understand what is going on. On an Apple silicon M1 machine with the following commands, I reproduced the issue.

Let me detail the steps here, because getting the actual error is currently not straightforward.

Versions

Just putting the colima version here in case it is not the same.

$ colima version
colima version 0.6.9
git commit: c3a31ed05f5fab8b2cdbae835198e8fb1717fd0f

runtime: docker
arch: aarch64
client: v26.1.3
server: v26.1.1

It is especially important to check that the architecture is aarch64, since colima can also run with Rosetta enabled (which we don't want in our case).

Reproducing the issue

Here is how I start colima:

$ colima start --cpu 4 --memory 8 --arch arm64

Starting Dangerzone 0.7.0 and doing a conversion resulted in an error, so I ran it via the CLI:

/Applications/Dangerzone.app/Contents/MacOS/dangerzone-cli ~/Downloads/picture.jpg

This outputs an unspecified error and the docker command used:

/opt/homebrew/bin/docker run --security-opt=no-new-privileges:true --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-NjuD3m dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels

Running this manually got me the actual error:

Error executing inside namespace: re-executing self: fork/exec /proc/self/exe: operation not permitted

The issue

This seems related to the use of gVisor (introduced in the latest release), and the change in seccomp policies that went with it.

This has bitten us before in the past, see #846 for a similar case, and the way we detect if we have to specify a seccomp file ourselves is by looking at the docker version number.

Specifying the path to the seccomp policy, like we do for older versions of Docker Desktop, means adding this to the docker run invocation:

--security-opt seccomp=/Applications/Dangerzone.app//Contents/Resources/share/seccomp.gvisor.json

This unfortunately brings us another error message:

running container: creating container: cannot create sandbox: cannot read client sync file: waiting for sandbox to start: EOF

I'm not sure why the gVisor container doesn't run in this setup.
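As an added example (not Dangerzone's own code, and not posted by anyone in this thread), the following script parses the `colima version` output quoted above, checks the reported architecture, decides from the Docker server version whether a seccomp profile has to be passed explicitly, assembles the hardened `docker run` argv shown in the comment, and maps the two error strings reported in the thread to what they indicate. The version cutoff `fixed_in` is an assumed caller-supplied parameter; the real cutoff lives in Dangerzone's source and is not on this page.

```python
"""Added example (not Dangerzone's code): reproduce the checks discussed in
the thread: colima arch, Docker server version, docker run argv, error hints."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: the `colima version` output quoted in the comment above.
SAMPLE_COLIMA_VERSION = """\
colima version 0.6.9
git commit: c3a31ed05f5fab8b2cdbae835198e8fb1717fd0f

runtime: docker
arch: aarch64
client: v26.1.3
server: v26.1.1
"""

Version = Tuple[int, ...]

# Architectures colima reports when running natively (no emulation layer).
NATIVE_ARCHES = {"aarch64", "x86_64"}

# Hints for the two error messages quoted in the thread (strings are ours).
HINT_REEXEC_BLOCKED = "runsc re-exec via /proc/self/exe blocked; pass Dangerzone's seccomp profile"
HINT_SANDBOX_DIED = "runsc sandbox died before start; root cause not identified in thread"
HINT_UNKNOWN = "unrecognised error"


@dataclass(frozen=True)
class RuntimeInfo:
    runtime: str
    arch: str
    client: Version
    server: Version


def parse_version(text: str) -> Version:
    """'v26.1.3' -> (26, 1, 3); a missing leading 'v' is tolerated."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def parse_colima_version(output: str) -> RuntimeInfo:
    """Turn `colima version` output into a RuntimeInfo; raise if fields are missing."""
    fields = {}
    for line in output.splitlines():
        if ":" in line:
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
    missing = {"runtime", "arch", "client", "server"} - fields.keys()
    if missing:
        raise ValueError(f"colima version output lacks {sorted(missing)}")
    return RuntimeInfo(runtime=fields["runtime"], arch=fields["arch"],
                       client=parse_version(fields["client"]),
                       server=parse_version(fields["server"]))


def arch_is_native(info: RuntimeInfo) -> bool:
    """The thread stresses checking that colima reports the host's own arch."""
    return info.arch in NATIVE_ARCHES


def needs_seccomp_profile(info: RuntimeInfo, fixed_in: Version) -> bool:
    """Decide from the Docker server version whether Dangerzone must supply its
    own seccomp policy. `fixed_in` (first version not needing it) is assumed."""
    if info.runtime != "docker":
        raise ValueError(f"unsupported runtime {info.runtime!r}")
    return info.server < fixed_in


def build_docker_run(docker_bin: str, image: str, container_name: str,
                     seccomp_profile: Optional[str] = None,
                     debug: bool = False) -> List[str]:
    """Assemble the sandboxed `docker run` argv printed by dangerzone-cli.
    Returned as an argv list, so no shell quoting is involved."""
    argv = [docker_bin, "run",
            "--security-opt=no-new-privileges:true",
            "--cap-drop", "all",
            "--cap-add", "SYS_CHROOT",
            "--network=none",
            "-u", "dangerzone",
            "--rm", "-i",
            "--name", container_name]
    if debug:
        argv += ["-e", "RUNSC_DEBUG=1"]  # extra gVisor logging, as in the follow-up
    if seccomp_profile:
        argv += ["--security-opt", f"seccomp={seccomp_profile}"]
    argv += [image, "/usr/bin/python3", "-m", "dangerzone.conversion.doc_to_pixels"]
    return argv


def classify_error(stderr: str) -> str:
    """Map the runsc error text quoted in the thread to a diagnostic hint."""
    if "fork/exec /proc/self/exe: operation not permitted" in stderr:
        return HINT_REEXEC_BLOCKED
    if "cannot read client sync file" in stderr:
        return HINT_SANDBOX_DIED
    return HINT_UNKNOWN
```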

@almet
Contributor

almet commented Jul 11, 2024

Adding the RUNSC_DEBUG=1 environment variable to the docker run invocation with -e RUNSC_DEBUG=1 got me some more logs:

$ /opt/homebrew/bin/docker run -e RUNSC_DEBUG=1 --security-opt=no-new-privileges:true --security-opt seccomp=/Users/alexis/Desktop/seccomp.gvisor.json --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-NjuD3m dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
Invoked with command: /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
Command inside gVisor sandbox: ['/usr/bin/python3', '-m', 'dangerzone.conversion.doc_to_pixels']
OCI config:
{
  "hostname": "dangerzone",
  "linux": {
    "namespaces": [
      {
        "type": "pid"
      },
      {
        "type": "network"
      },
      {
        "type": "ipc"
      },
      {
        "type": "uts"
      },
      {
        "type": "mount"
      }
    ]
  },
  "mounts": [
    {
      "destination": "/proc",
      "source": "proc",
      "type": "proc"
    },
    {
      "destination": "/dev",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ],
      "source": "tmpfs",
      "type": "tmpfs"
    },
    {
      "destination": "/sys",
      "options": [
        "nosuid",
        "noexec",
        "nodev",
        "ro"
      ],
      "source": "tmpfs",
      "type": "tmpfs"
    },
    {
      "destination": "/tmp",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ],
      "source": "tmpfs",
      "type": "tmpfs"
    },
    {
      "destination": "/home/dangerzone",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ],
      "source": "tmpfs",
      "type": "tmpfs"
    },
    {
      "destination": "/usr/lib/libreoffice/share/extensions/",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ],
      "source": "tmpfs",
      "type": "tmpfs"
    }
  ],
  "ociVersion": "1.0.0",
  "process": {
    "args": [
      "/usr/bin/python3",
      "-m",
      "dangerzone.conversion.doc_to_pixels"
    ],
    "capabilities": {
      "bounding": [],
      "effective": [],
      "inheritable": [],
      "permitted": []
    },
    "cwd": "/",
    "env": [
      "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
      "PYTHONPATH=/opt/dangerzone",
      "TERM=xterm"
    ],
    "rlimits": [
      {
        "hard": 4096,
        "soft": 4096,
        "type": "RLIMIT_NOFILE"
      }
    ],
    "user": {
      "gid": 1000,
      "uid": 1000
    }
  },
  "root": {
    "path": "rootfs",
    "readonly": true
  }
}
Running gVisor with command line: /usr/bin/runsc --rootless=true --network=none --root=/home/dangerzone/.containers --debug=true --alsologtostderr=true run --bundle=/home/dangerzone/dangerzone-image dangerzone
I0711 12:29:49.279379       7 main.go:192] **************** gVisor ****************
I0711 12:29:49.279421       7 main.go:193] Version release-20240624.0, go1.22.0 X:nocoverageredesign, arm64, 4 CPUs, linux, PID 7, PPID 1, UID 1000, GID 1000
D0711 12:29:49.279435       7 main.go:194] Page size: 0x1000 (4096 bytes)
I0711 12:29:49.279445       7 main.go:195] Args: [/usr/bin/runsc --rootless=true --network=none --root=/home/dangerzone/.containers --debug=true --alsologtostderr=true run --bundle=/home/dangerzone/dangerzone-image dangerzone]
I0711 12:29:49.279461       7 config.go:410] Platform: systrap
I0711 12:29:49.279476       7 config.go:411] RootDir: /home/dangerzone/.containers
I0711 12:29:49.279481       7 config.go:412] FileAccess: exclusive / Directfs: true / Overlay: root:self
I0711 12:29:49.279497       7 config.go:413] Network: none
I0711 12:29:49.279507       7 config.go:415] Debug: true. Strace: false, max size: 1024, syscalls:
D0711 12:29:49.279515       7 config.go:433] Config.RootDir (--root): /home/dangerzone/.containers
D0711 12:29:49.279530       7 config.go:433] Config.Traceback (--traceback): system
D0711 12:29:49.279537       7 config.go:433] Config.Debug (--debug): true
D0711 12:29:49.279543       7 config.go:433] Config.LogFilename (--log): (empty)
D0711 12:29:49.279551       7 config.go:433] Config.LogFormat (--log-format): text
D0711 12:29:49.279555       7 config.go:433] Config.DebugLog (--debug-log): (empty)
D0711 12:29:49.279559       7 config.go:433] Config.DebugToUserLog (--debug-to-user-log): false
D0711 12:29:49.279567       7 config.go:433] Config.DebugCommand (--debug-command): (empty)
D0711 12:29:49.279570       7 config.go:433] Config.PanicLog (--panic-log): (empty)
D0711 12:29:49.279574       7 config.go:433] Config.CoverageReport (--coverage-report): (empty)
D0711 12:29:49.279587       7 config.go:433] Config.DebugLogFormat (--debug-log-format): text
D0711 12:29:49.279591       7 config.go:433] Config.FileAccess (--file-access): exclusive
D0711 12:29:49.279595       7 config.go:433] Config.FileAccessMounts (--file-access-mounts): shared
D0711 12:29:49.279600       7 config.go:433] Config.Overlay (--overlay): false
D0711 12:29:49.279604       7 config.go:433] Config.Overlay2 (--overlay2): root:self
D0711 12:29:49.279609       7 config.go:433] Config.FSGoferHostUDS (--fsgofer-host-uds): false
D0711 12:29:49.279612       7 config.go:433] Config.HostUDS (--host-uds): none
D0711 12:29:49.279620       7 config.go:433] Config.HostFifo (--host-fifo): none
D0711 12:29:49.279626       7 config.go:433] Config.Network (--network): none
D0711 12:29:49.279630       7 config.go:433] Config.EnableRaw (--net-raw): false
D0711 12:29:49.279634       7 config.go:433] Config.AllowPacketEndpointWrite (--TESTONLY-allow-packet-endpoint-write): false
D0711 12:29:49.279639       7 config.go:433] Config.HostGSO (--gso): true
D0711 12:29:49.279643       7 config.go:433] Config.GVisorGSO (--software-gso): true
D0711 12:29:49.279651       7 config.go:433] Config.GVisorGRO (--gvisor-gro): false
D0711 12:29:49.279655       7 config.go:433] Config.TXChecksumOffload (--tx-checksum-offload): false
D0711 12:29:49.279659       7 config.go:433] Config.RXChecksumOffload (--rx-checksum-offload): true
D0711 12:29:49.279663       7 config.go:433] Config.QDisc (--qdisc): fifo
D0711 12:29:49.279672       7 config.go:433] Config.LogPackets (--log-packets): false
D0711 12:29:49.279679       7 config.go:433] Config.PCAP (--pcap-log): (empty)
D0711 12:29:49.279690       7 config.go:433] Config.Platform (--platform): systrap
D0711 12:29:49.279694       7 config.go:433] Config.PlatformDevicePath (--platform_device_path): (empty)
D0711 12:29:49.279697       7 config.go:433] Config.MetricServer (--metric-server): (empty)
D0711 12:29:49.279701       7 config.go:433] Config.ProfilingMetrics (--profiling-metrics): (empty)
D0711 12:29:49.279712       7 config.go:433] Config.ProfilingMetricsLog (--profiling-metrics-log): (empty)
D0711 12:29:49.279718       7 config.go:433] Config.ProfilingMetricsRate (--profiling-metrics-rate-us): 1000
D0711 12:29:49.279722       7 config.go:433] Config.Strace (--strace): false
D0711 12:29:49.279725       7 config.go:433] Config.StraceSyscalls (--strace-syscalls): (empty)
D0711 12:29:49.279729       7 config.go:433] Config.StraceLogSize (--strace-log-size): 1024
D0711 12:29:49.279737       7 config.go:433] Config.StraceEvent (--strace-event): false
D0711 12:29:49.279747       7 config.go:435] Config.DisableSeccomp: false
D0711 12:29:49.279756       7 config.go:433] Config.EnableCoreTags (--enable-core-tags): false
D0711 12:29:49.279764       7 config.go:433] Config.WatchdogAction (--watchdog-action): logWarning
D0711 12:29:49.279772       7 config.go:433] Config.PanicSignal (--panic-signal): -1
D0711 12:29:49.279782       7 config.go:433] Config.ProfileEnable (--profile): false
D0711 12:29:49.279786       7 config.go:433] Config.ProfileBlock (--profile-block): (empty)
D0711 12:29:49.279789       7 config.go:433] Config.ProfileCPU (--profile-cpu): (empty)
D0711 12:29:49.279802       7 config.go:433] Config.ProfileHeap (--profile-heap): (empty)
D0711 12:29:49.279806       7 config.go:433] Config.ProfileMutex (--profile-mutex): (empty)
D0711 12:29:49.279809       7 config.go:433] Config.TraceFile (--trace): (empty)
D0711 12:29:49.279817       7 config.go:433] Config.NumNetworkChannels (--num-network-channels): 1
D0711 12:29:49.279821       7 config.go:433] Config.NetworkProcessorsPerChannel (--network-processors-per-channel): 0
D0711 12:29:49.279876       7 config.go:433] Config.Rootless (--rootless): true
D0711 12:29:49.279884       7 config.go:433] Config.AlsoLogToStderr (--alsologtostderr): true
D0711 12:29:49.279889       7 config.go:433] Config.ReferenceLeak (--ref-leak-mode): disabled
D0711 12:29:49.279894       7 config.go:433] Config.CPUNumFromQuota (--cpu-num-from-quota): false
D0711 12:29:49.279898       7 config.go:433] Config.AllowFlagOverride (--allow-flag-override): false
D0711 12:29:49.279918       7 config.go:433] Config.OCISeccomp (--oci-seccomp): false
D0711 12:29:49.279936       7 config.go:433] Config.IgnoreCgroups (--ignore-cgroups): false
D0711 12:29:49.279940       7 config.go:433] Config.SystemdCgroup (--systemd-cgroup): false
D0711 12:29:49.279944       7 config.go:433] Config.PodInitConfig (--pod-init-config): (empty)
D0711 12:29:49.279948       7 config.go:433] Config.BufferPooling (--buffer-pooling): true
D0711 12:29:49.279951       7 config.go:433] Config.XDP (--EXPERIMENTAL-xdp): {0 }
D0711 12:29:49.279961       7 config.go:433] Config.AFXDPUseNeedWakeup (--EXPERIMENTAL-xdp-need-wakeup): true
D0711 12:29:49.279965       7 config.go:433] Config.FDLimit (--fdlimit): -1
D0711 12:29:49.280061       7 config.go:433] Config.DCache (--dcache): -1
D0711 12:29:49.280065       7 config.go:433] Config.IOUring (--iouring): false
D0711 12:29:49.280085       7 config.go:433] Config.DirectFS (--directfs): true
D0711 12:29:49.280100       7 config.go:433] Config.NVProxy (--nvproxy): false
D0711 12:29:49.280104       7 config.go:433] Config.NVProxyDocker (--nvproxy-docker): false
D0711 12:29:49.280108       7 config.go:433] Config.NVProxyDriverVersion (--nvproxy-driver-version): (empty)
D0711 12:29:49.280112       7 config.go:433] Config.TPUProxy (--tpuproxy): false
D0711 12:29:49.280115       7 config.go:433] Config.TestOnlyAllowRunAsCurrentUserWithoutChroot (--TESTONLY-unsafe-nonroot): false
D0711 12:29:49.280119       7 config.go:433] Config.TestOnlyTestNameEnv (--TESTONLY-test-name-env): (empty)
D0711 12:29:49.280123       7 config.go:433] Config.TestOnlyAFSSyscallPanic (--TESTONLY-afs-syscall-panic): false
D0711 12:29:49.280136       7 config.go:435] Config.explicitlySet: <map[string]struct {} Value> (unexported)
D0711 12:29:49.280145       7 config.go:433] Config.ReproduceNAT (--reproduce-nat): false
D0711 12:29:49.280161       7 config.go:433] Config.ReproduceNftables (--reproduce-nftables): false
D0711 12:29:49.280166       7 config.go:433] Config.NetDisconnectOk (--net-disconnect-ok): false
D0711 12:29:49.280170       7 config.go:433] Config.TestOnlyAutosaveImagePath (--TESTONLY-autosave-image-path): (empty)
D0711 12:29:49.280174       7 config.go:433] Config.TestOnlyAutosaveResume (--TESTONLY-autosave-resume): false
I0711 12:29:49.280178       7 main.go:197] **************** gVisor ****************
I0711 12:29:49.280258       7 namespace.go:251] *** Re-running as root in new user namespace ***
I0711 12:29:49.291997      12 main.go:192] **************** gVisor ****************
I0711 12:29:49.292030      12 main.go:193] Version release-20240624.0, go1.22.0 X:nocoverageredesign, arm64, 4 CPUs, linux, PID 12, PPID 7, UID 0, GID 0
D0711 12:29:49.292041      12 main.go:194] Page size: 0x1000 (4096 bytes)
I0711 12:29:49.292049      12 main.go:195] Args: [/proc/self/exe --rootless=true --network=none --root=/home/dangerzone/.containers --debug=true --alsologtostderr=true run --bundle=/home/dangerzone/dangerzone-image dangerzone]
I0711 12:29:49.292062      12 config.go:410] Platform: systrap
I0711 12:29:49.292075      12 config.go:411] RootDir: /home/dangerzone/.containers
I0711 12:29:49.292080      12 config.go:412] FileAccess: exclusive / Directfs: true / Overlay: root:self
I0711 12:29:49.292090      12 config.go:413] Network: none
I0711 12:29:49.292097      12 config.go:415] Debug: true. Strace: false, max size: 1024, syscalls:
D0711 12:29:49.292103      12 config.go:433] Config.RootDir (--root): /home/dangerzone/.containers
D0711 12:29:49.292140      12 config.go:433] Config.Traceback (--traceback): system
D0711 12:29:49.292151      12 config.go:433] Config.Debug (--debug): true
D0711 12:29:49.292155      12 config.go:433] Config.LogFilename (--log): (empty)
D0711 12:29:49.292160      12 config.go:433] Config.LogFormat (--log-format): text
D0711 12:29:49.292163      12 config.go:433] Config.DebugLog (--debug-log): (empty)
D0711 12:29:49.292167      12 config.go:433] Config.DebugToUserLog (--debug-to-user-log): false
D0711 12:29:49.292171      12 config.go:433] Config.DebugCommand (--debug-command): (empty)
D0711 12:29:49.292174      12 config.go:433] Config.PanicLog (--panic-log): (empty)
D0711 12:29:49.292178      12 config.go:433] Config.CoverageReport (--coverage-report): (empty)
D0711 12:29:49.292190      12 config.go:433] Config.DebugLogFormat (--debug-log-format): text
D0711 12:29:49.292211      12 config.go:433] Config.FileAccess (--file-access): exclusive
D0711 12:29:49.292219      12 config.go:433] Config.FileAccessMounts (--file-access-mounts): shared
D0711 12:29:49.292223      12 config.go:433] Config.Overlay (--overlay): false
D0711 12:29:49.292227      12 config.go:433] Config.Overlay2 (--overlay2): root:self
D0711 12:29:49.292231      12 config.go:433] Config.FSGoferHostUDS (--fsgofer-host-uds): false
D0711 12:29:49.292235      12 config.go:433] Config.HostUDS (--host-uds): none
D0711 12:29:49.292243      12 config.go:433] Config.HostFifo (--host-fifo): none
D0711 12:29:49.292247      12 config.go:433] Config.Network (--network): none
D0711 12:29:49.292252      12 config.go:433] Config.EnableRaw (--net-raw): false
D0711 12:29:49.292255      12 config.go:433] Config.AllowPacketEndpointWrite (--TESTONLY-allow-packet-endpoint-write): false
D0711 12:29:49.292259      12 config.go:433] Config.HostGSO (--gso): true
D0711 12:29:49.292263      12 config.go:433] Config.GVisorGSO (--software-gso): true
D0711 12:29:49.292266      12 config.go:433] Config.GVisorGRO (--gvisor-gro): false
D0711 12:29:49.292270      12 config.go:433] Config.TXChecksumOffload (--tx-checksum-offload): false
D0711 12:29:49.292274      12 config.go:433] Config.RXChecksumOffload (--rx-checksum-offload): true
D0711 12:29:49.292277      12 config.go:433] Config.QDisc (--qdisc): fifo
D0711 12:29:49.292282      12 config.go:433] Config.LogPackets (--log-packets): false
D0711 12:29:49.292289      12 config.go:433] Config.PCAP (--pcap-log): (empty)
D0711 12:29:49.292292      12 config.go:433] Config.Platform (--platform): systrap
D0711 12:29:49.292296      12 config.go:433] Config.PlatformDevicePath (--platform_device_path): (empty)
D0711 12:29:49.292299      12 config.go:433] Config.MetricServer (--metric-server): (empty)
D0711 12:29:49.292303      12 config.go:433] Config.ProfilingMetrics (--profiling-metrics): (empty)
D0711 12:29:49.292307      12 config.go:433] Config.ProfilingMetricsLog (--profiling-metrics-log): (empty)
D0711 12:29:49.292314      12 config.go:433] Config.ProfilingMetricsRate (--profiling-metrics-rate-us): 1000
D0711 12:29:49.292320      12 config.go:433] Config.Strace (--strace): false
D0711 12:29:49.292323      12 config.go:433] Config.StraceSyscalls (--strace-syscalls): (empty)
D0711 12:29:49.292327      12 config.go:433] Config.StraceLogSize (--strace-log-size): 1024
D0711 12:29:49.292331      12 config.go:433] Config.StraceEvent (--strace-event): false
D0711 12:29:49.292334      12 config.go:435] Config.DisableSeccomp: false
D0711 12:29:49.292341      12 config.go:433] Config.EnableCoreTags (--enable-core-tags): false
D0711 12:29:49.292346      12 config.go:433] Config.WatchdogAction (--watchdog-action): logWarning
D0711 12:29:49.292351      12 config.go:433] Config.PanicSignal (--panic-signal): -1
D0711 12:29:49.292355      12 config.go:433] Config.ProfileEnable (--profile): false
D0711 12:29:49.292359      12 config.go:433] Config.ProfileBlock (--profile-block): (empty)
D0711 12:29:49.292362      12 config.go:433] Config.ProfileCPU (--profile-cpu): (empty)
D0711 12:29:49.292473      12 config.go:433] Config.ProfileHeap (--profile-heap): (empty)
D0711 12:29:49.292487      12 config.go:433] Config.ProfileMutex (--profile-mutex): (empty)
D0711 12:29:49.292491      12 config.go:433] Config.TraceFile (--trace): (empty)
D0711 12:29:49.292495      12 config.go:433] Config.NumNetworkChannels (--num-network-channels): 1
D0711 12:29:49.292499      12 config.go:433] Config.NetworkProcessorsPerChannel (--network-processors-per-channel): 0
D0711 12:29:49.292503      12 config.go:433] Config.Rootless (--rootless): true
D0711 12:29:49.292506      12 config.go:433] Config.AlsoLogToStderr (--alsologtostderr): true
D0711 12:29:49.292512      12 config.go:433] Config.ReferenceLeak (--ref-leak-mode): disabled
D0711 12:29:49.292518      12 config.go:433] Config.CPUNumFromQuota (--cpu-num-from-quota): false
D0711 12:29:49.292521      12 config.go:433] Config.AllowFlagOverride (--allow-flag-override): false
D0711 12:29:49.292571      12 config.go:433] Config.OCISeccomp (--oci-seccomp): false
D0711 12:29:49.292589      12 config.go:433] Config.IgnoreCgroups (--ignore-cgroups): false
D0711 12:29:49.292613      12 config.go:433] Config.SystemdCgroup (--systemd-cgroup): false
D0711 12:29:49.292625      12 config.go:433] Config.PodInitConfig (--pod-init-config): (empty)
D0711 12:29:49.292637      12 config.go:433] Config.BufferPooling (--buffer-pooling): true
D0711 12:29:49.292715      12 config.go:433] Config.XDP (--EXPERIMENTAL-xdp): {0 }
D0711 12:29:49.292739      12 config.go:433] Config.AFXDPUseNeedWakeup (--EXPERIMENTAL-xdp-need-wakeup): true
D0711 12:29:49.292754      12 config.go:433] Config.FDLimit (--fdlimit): -1
D0711 12:29:49.292772      12 config.go:433] Config.DCache (--dcache): -1
D0711 12:29:49.292806      12 config.go:433] Config.IOUring (--iouring): false
D0711 12:29:49.292819      12 config.go:433] Config.DirectFS (--directfs): true
D0711 12:29:49.292832      12 config.go:433] Config.NVProxy (--nvproxy): false
D0711 12:29:49.292937      12 config.go:433] Config.NVProxyDocker (--nvproxy-docker): false
D0711 12:29:49.293018      12 config.go:433] Config.NVProxyDriverVersion (--nvproxy-driver-version): (empty)
D0711 12:29:49.293045      12 config.go:433] Config.TPUProxy (--tpuproxy): false
D0711 12:29:49.293057      12 config.go:433] Config.TestOnlyAllowRunAsCurrentUserWithoutChroot (--TESTONLY-unsafe-nonroot): false
D0711 12:29:49.293068      12 config.go:433] Config.TestOnlyTestNameEnv (--TESTONLY-test-name-env): (empty)
D0711 12:29:49.293081      12 config.go:433] Config.TestOnlyAFSSyscallPanic (--TESTONLY-afs-syscall-panic): false
D0711 12:29:49.293108      12 config.go:435] Config.explicitlySet: <map[string]struct {} Value> (unexported)
D0711 12:29:49.293160      12 config.go:433] Config.ReproduceNAT (--reproduce-nat): false
D0711 12:29:49.293216      12 config.go:433] Config.ReproduceNftables (--reproduce-nftables): false
D0711 12:29:49.293255      12 config.go:433] Config.NetDisconnectOk (--net-disconnect-ok): false
D0711 12:29:49.293268      12 config.go:433] Config.TestOnlyAutosaveImagePath (--TESTONLY-autosave-image-path): (empty)
D0711 12:29:49.293296      12 config.go:433] Config.TestOnlyAutosaveResume (--TESTONLY-autosave-resume): false
I0711 12:29:49.293337      12 main.go:197] **************** gVisor ****************
W0711 12:29:49.294105      12 specutils.go:129] noNewPrivileges ignored. PR_SET_NO_NEW_PRIVS is assumed to always be set.
D0711 12:29:49.294271      12 specutils.go:91] Spec:
{
  "ociVersion": "1.0.0",
  "process": {
    "user": {
      "uid": 1000,
      "gid": 1000
    },
    "args": [
      "/usr/bin/python3",
      "-m",
      "dangerzone.conversion.doc_to_pixels"
    ],
    "env": [
      "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
      "PYTHONPATH=/opt/dangerzone",
      "TERM=xterm"
    ],
    "cwd": "/",
    "rlimits": [
      {
        "type": "RLIMIT_NOFILE",
        "hard": 4096,
        "soft": 4096
      }
    ]
  },
  "root": {
    "path": "/home/dangerzone/dangerzone-image/rootfs",
    "readonly": true
  },
  "hostname": "dangerzone",
  "mounts": [
    {
      "destination": "/proc",
      "type": "proc",
      "source": "/home/dangerzone/dangerzone-image/proc"
    },
    {
      "destination": "/dev",
      "type": "tmpfs",
      "source": "/home/dangerzone/dangerzone-image/tmpfs",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ]
    },
    {
      "destination": "/sys",
      "type": "tmpfs",
      "source": "/home/dangerzone/dangerzone-image/tmpfs",
      "options": [
        "nosuid",
        "noexec",
        "nodev",
        "ro"
      ]
    },
    {
      "destination": "/tmp",
      "type": "tmpfs",
      "source": "/home/dangerzone/dangerzone-image/tmpfs",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ]
    },
    {
      "destination": "/home/dangerzone",
      "type": "tmpfs",
      "source": "/home/dangerzone/dangerzone-image/tmpfs",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ]
    },
    {
      "destination": "/usr/lib/libreoffice/share/extensions/",
      "type": "tmpfs",
      "source": "/home/dangerzone/dangerzone-image/tmpfs",
      "options": [
        "nosuid",
        "noexec",
        "nodev"
      ]
    }
  ],
  "linux": {
    "namespaces": [
      {
        "type": "pid"
      },
      {
        "type": "network"
      },
      {
        "type": "ipc"
      },
      {
        "type": "uts"
      },
      {
        "type": "mount"
      }
    ]
  }
}
D0711 12:29:49.294534      12 container.go:542] Run container, cid: dangerzone, rootDir: "/home/dangerzone/.containers"
D0711 12:29:49.294582      12 container.go:198] Create container, cid: dangerzone, rootDir: "/home/dangerzone/.containers"
D0711 12:29:49.294688      12 container.go:1771] Configuring container with a new userns with identity user mappings into current userns
D0711 12:29:49.294763      12 container.go:1827] UID Mappings:
D0711 12:29:49.294807      12 container.go:1829] 	Container ID: 0, Host ID: 0, Range Length: 1
D0711 12:29:49.294847      12 container.go:1827] GID Mappings:
D0711 12:29:49.294862      12 container.go:1829] 	Container ID: 0, Host ID: 0, Range Length: 1
D0711 12:29:49.295067      12 container.go:260] Creating new sandbox for container, cid: dangerzone
D0711 12:29:49.295143      12 cgroup.go:428] New cgroup for pid: self, *cgroup.cgroupV2: &{Mountpoint:/sys/fs/cgroup Path:/dangerzone Controllers:[cpuset cpu io memory hugetlb pids rdma misc] Own:[]}
D0711 12:29:49.295215      12 cgroup_v2.go:132] Installing cgroup path "/sys/fs/cgroup/dangerzone"
D0711 12:29:49.295276      12 cgroup_v2.go:177] Deleting cgroup "/sys/fs/cgroup/dangerzone"
W0711 12:29:49.295314      12 container.go:1741] Skipping cgroup configuration in rootless mode: open /sys/fs/cgroup/cgroup.subtree_control: read-only file system
I0711 12:29:49.295528      12 namespace.go:202] Mapping host uid 0 to container uid 0 (size=1)
I0711 12:29:49.295556      12 namespace.go:210] Mapping host gid 0 to container gid 0 (size=1)
D0711 12:29:49.295576      12 donation.go:31] Donating FD 3: "/home/dangerzone/dangerzone-image/config.json"
D0711 12:29:49.297315      12 donation.go:31] Donating FD 4: "|1"
D0711 12:29:49.297340      12 donation.go:31] Donating FD 5: "gofer IO FD"
D0711 12:29:49.297353      12 container.go:1339] Starting gofer: /proc/self/exe [runsc-gofer --rootless=true --alsologtostderr=true --root=/home/dangerzone/.containers --debug=true --network=none gofer --bundle /home/dangerzone/dangerzone-image --gofer-mount-confs=lisafs:none --spec-fd=3 --mounts-fd=4 --io-fds=5]
I0711 12:29:49.298407      12 container.go:1343] Gofer started, PID: 23
I0711 12:29:49.298519      12 sandbox.go:745] Failed to set RLIMIT_MEMLOCK: operation not permitted
D0711 12:29:49.298700      12 sandbox.go:87] Attempting to create socket file "/home/dangerzone/.containers/runsc-dangerzone.sock"
D0711 12:29:49.298779      12 sandbox.go:90] Using socket file "/home/dangerzone/.containers/runsc-dangerzone.sock"
I0711 12:29:49.298798      12 sandbox.go:845] Control socket path: "/home/dangerzone/.containers/runsc-dangerzone.sock"
I0711 12:29:49.298849      12 sandbox.go:892] Sandbox will be started in new mount, IPC and UTS namespaces
I0711 12:29:49.298869      12 sandbox.go:902] Sandbox will be started in the current PID namespace
I0711 12:29:49.298887      12 sandbox.go:926] Sandbox will be started in new network namespace
I0711 12:29:49.298937      12 sandbox.go:943] Sandbox will be started in container's user namespace: {Type:user Path:}
I0711 12:29:49.298972      12 namespace.go:202] Mapping host uid 0 to container uid 0 (size=1)
I0711 12:29:49.298986      12 namespace.go:210] Mapping host gid 0 to container gid 0 (size=1)
I0711 12:29:49.299055      12 sandbox.go:973] Sandbox will be started in minimal chroot
D0711 12:29:49.299196      12 donation.go:31] Donating FD 3: "sandbox IO FD"
D0711 12:29:49.299218      12 donation.go:31] Donating FD 4: "|0"
D0711 12:29:49.299229      12 donation.go:31] Donating FD 5: "|1"
D0711 12:29:49.299240      12 donation.go:31] Donating FD 6: "control_server_socket"
D0711 12:29:49.299260      12 donation.go:31] Donating FD 7: "/home/dangerzone/dangerzone-image/config.json"
D0711 12:29:49.299272      12 donation.go:31] Donating FD 8: "/dev/stdin"
D0711 12:29:49.299283      12 donation.go:31] Donating FD 9: "/dev/stdout"
D0711 12:29:49.299323      12 donation.go:31] Donating FD 10: "/dev/stderr"
D0711 12:29:49.299334      12 sandbox.go:1167] Starting sandbox: /proc/self/exe [runsc-sandbox --debug=true --network=none --rootless=true --alsologtostderr=true --root=/home/dangerzone/.containers boot --bundle=/home/dangerzone/dangerzone-image --gofer-mount-confs=lisafs:none --apply-caps=true --setup-root --total-host-memory 8308547584 --total-memory 8308547584 --attached --io-fds=3 --dev-io-fd=-1 --mounts-fd=4 --start-sync-fd=5 --controller-fd=6 --spec-fd=7 --stdio-fds=8 --stdio-fds=9 --stdio-fds=10 dangerzone]
D0711 12:29:49.299366      12 sandbox.go:1168] SysProcAttr: &{Chroot: Credential:0x4000374120 Ptrace:false Setsid:true Setpgid:false Setctty:false Noctty:false Ctty:0 Foreground:false Pgid:0 Pdeathsig:killed Cloneflags:0 Unshareflags:0 UidMappings:[{ContainerID:0 HostID:0 Size:1}] GidMappings:[{ContainerID:0 HostID:0 Size:1}] GidMappingsEnableSetgroups:false AmbientCaps:[] UseCgroupFD:false CgroupFD:0 PidFD:<nil>}
I0711 12:29:49.300290      12 sandbox.go:1196] Sandbox started, PID: 28
I0711 12:29:49.308992      28 main.go:192] **************** gVisor ****************
I0711 12:29:49.309018      28 main.go:193] Version release-20240624.0, go1.22.0 X:nocoverageredesign, arm64, 4 CPUs, linux, PID 28, PPID 12, UID 0, GID 0
D0711 12:29:49.309027      28 main.go:194] Page size: 0x1000 (4096 bytes)
I0711 12:29:49.309035      28 main.go:195] Args: [runsc-sandbox --debug=true --network=none --rootless=true --alsologtostderr=true --root=/home/dangerzone/.containers boot --bundle=/home/dangerzone/dangerzone-image --gofer-mount-confs=lisafs:none --apply-caps=true --setup-root --total-host-memory 8308547584 --total-memory 8308547584 --attached --io-fds=3 --dev-io-fd=-1 --mounts-fd=4 --start-sync-fd=5 --controller-fd=6 --spec-fd=7 --stdio-fds=8 --stdio-fds=9 --stdio-fds=10 dangerzone]
I0711 12:29:49.309057      28 config.go:410] Platform: systrap
I0711 12:29:49.309075      28 config.go:411] RootDir: /home/dangerzone/.containers
I0711 12:29:49.309080      28 config.go:412] FileAccess: exclusive / Directfs: true / Overlay: root:self
I0711 12:29:49.309087      28 config.go:413] Network: none
I0711 12:29:49.309094      28 config.go:415] Debug: true. Strace: false, max size: 1024, syscalls:
D0711 12:29:49.309100      28 config.go:433] Config.RootDir (--root): /home/dangerzone/.containers
D0711 12:29:49.309109      28 config.go:433] Config.Traceback (--traceback): system
D0711 12:29:49.309115      28 config.go:433] Config.Debug (--debug): true
D0711 12:29:49.309119      28 config.go:433] Config.LogFilename (--log): (empty)
D0711 12:29:49.309123      28 config.go:433] Config.LogFormat (--log-format): text
D0711 12:29:49.309127      28 config.go:433] Config.DebugLog (--debug-log): (empty)
D0711 12:29:49.309130      28 config.go:433] Config.DebugToUserLog (--debug-to-user-log): false
D0711 12:29:49.309134      28 config.go:433] Config.DebugCommand (--debug-command): (empty)
D0711 12:29:49.309137      28 config.go:433] Config.PanicLog (--panic-log): (empty)
D0711 12:29:49.309141      28 config.go:433] Config.CoverageReport (--coverage-report): (empty)
D0711 12:29:49.309149      28 config.go:433] Config.DebugLogFormat (--debug-log-format): text
D0711 12:29:49.309154      28 config.go:433] Config.FileAccess (--file-access): exclusive
D0711 12:29:49.309159      28 config.go:433] Config.FileAccessMounts (--file-access-mounts): shared
D0711 12:29:49.309163      28 config.go:433] Config.Overlay (--overlay): false
D0711 12:29:49.309167      28 config.go:433] Config.Overlay2 (--overlay2): root:self
D0711 12:29:49.309171      28 config.go:433] Config.FSGoferHostUDS (--fsgofer-host-uds): false
D0711 12:29:49.309176      28 config.go:433] Config.HostUDS (--host-uds): none
D0711 12:29:49.309182      28 config.go:433] Config.HostFifo (--host-fifo): none
D0711 12:29:49.309187      28 config.go:433] Config.Network (--network): none
D0711 12:29:49.309191      28 config.go:433] Config.EnableRaw (--net-raw): false
D0711 12:29:49.309195      28 config.go:433] Config.AllowPacketEndpointWrite (--TESTONLY-allow-packet-endpoint-write): false
D0711 12:29:49.309198      28 config.go:433] Config.HostGSO (--gso): true
D0711 12:29:49.309202      28 config.go:433] Config.GVisorGSO (--software-gso): true
D0711 12:29:49.309206      28 config.go:433] Config.GVisorGRO (--gvisor-gro): false
D0711 12:29:49.309209      28 config.go:433] Config.TXChecksumOffload (--tx-checksum-offload): false
D0711 12:29:49.309213      28 config.go:433] Config.RXChecksumOffload (--rx-checksum-offload): true
D0711 12:29:49.309216      28 config.go:433] Config.QDisc (--qdisc): fifo
D0711 12:29:49.309221      28 config.go:433] Config.LogPackets (--log-packets): false
D0711 12:29:49.309227      28 config.go:433] Config.PCAP (--pcap-log): (empty)
D0711 12:29:49.309231      28 config.go:433] Config.Platform (--platform): systrap
D0711 12:29:49.309234      28 config.go:433] Config.PlatformDevicePath (--platform_device_path): (empty)
D0711 12:29:49.309238      28 config.go:433] Config.MetricServer (--metric-server): (empty)
D0711 12:29:49.309241      28 config.go:433] Config.ProfilingMetrics (--profiling-metrics): (empty)
D0711 12:29:49.309245      28 config.go:433] Config.ProfilingMetricsLog (--profiling-metrics-log): (empty)
D0711 12:29:49.309249      28 config.go:433] Config.ProfilingMetricsRate (--profiling-metrics-rate-us): 1000
D0711 12:29:49.309271      28 config.go:433] Config.Strace (--strace): false
D0711 12:29:49.309281      28 config.go:433] Config.StraceSyscalls (--strace-syscalls): (empty)
D0711 12:29:49.309285      28 config.go:433] Config.StraceLogSize (--strace-log-size): 1024
D0711 12:29:49.309289      28 config.go:433] Config.StraceEvent (--strace-event): false
D0711 12:29:49.309293      28 config.go:435] Config.DisableSeccomp: false
D0711 12:29:49.309299      28 config.go:433] Config.EnableCoreTags (--enable-core-tags): false
D0711 12:29:49.309306      28 config.go:433] Config.WatchdogAction (--watchdog-action): logWarning
D0711 12:29:49.309311      28 config.go:433] Config.PanicSignal (--panic-signal): -1
D0711 12:29:49.309314      28 config.go:433] Config.ProfileEnable (--profile): false
D0711 12:29:49.309318      28 config.go:433] Config.ProfileBlock (--profile-block): (empty)
D0711 12:29:49.309322      28 config.go:433] Config.ProfileCPU (--profile-cpu): (empty)
D0711 12:29:49.309328      28 config.go:433] Config.ProfileHeap (--profile-heap): (empty)
D0711 12:29:49.309332      28 config.go:433] Config.ProfileMutex (--profile-mutex): (empty)
D0711 12:29:49.309336      28 config.go:433] Config.TraceFile (--trace): (empty)
D0711 12:29:49.309339      28 config.go:433] Config.NumNetworkChannels (--num-network-channels): 1
D0711 12:29:49.309346      28 config.go:433] Config.NetworkProcessorsPerChannel (--network-processors-per-channel): 0
D0711 12:29:49.309350      28 config.go:433] Config.Rootless (--rootless): true
D0711 12:29:49.309354      28 config.go:433] Config.AlsoLogToStderr (--alsologtostderr): true
D0711 12:29:49.309358      28 config.go:433] Config.ReferenceLeak (--ref-leak-mode): disabled
D0711 12:29:49.309362      28 config.go:433] Config.CPUNumFromQuota (--cpu-num-from-quota): false
D0711 12:29:49.309370      28 config.go:433] Config.AllowFlagOverride (--allow-flag-override): false
D0711 12:29:49.309373      28 config.go:433] Config.OCISeccomp (--oci-seccomp): false
D0711 12:29:49.309377      28 config.go:433] Config.IgnoreCgroups (--ignore-cgroups): false
D0711 12:29:49.309380      28 config.go:433] Config.SystemdCgroup (--systemd-cgroup): false
D0711 12:29:49.309384      28 config.go:433] Config.PodInitConfig (--pod-init-config): (empty)
D0711 12:29:49.309388      28 config.go:433] Config.BufferPooling (--buffer-pooling): true
D0711 12:29:49.309392      28 config.go:433] Config.XDP (--EXPERIMENTAL-xdp): {0 }
D0711 12:29:49.309401      28 config.go:433] Config.AFXDPUseNeedWakeup (--EXPERIMENTAL-xdp-need-wakeup): true
D0711 12:29:49.309405      28 config.go:433] Config.FDLimit (--fdlimit): -1
D0711 12:29:49.309425      28 config.go:433] Config.DCache (--dcache): -1
D0711 12:29:49.309443      28 config.go:433] Config.IOUring (--iouring): false
D0711 12:29:49.309454      28 config.go:433] Config.DirectFS (--directfs): true
D0711 12:29:49.309464      28 config.go:433] Config.NVProxy (--nvproxy): false
D0711 12:29:49.309478      28 config.go:433] Config.NVProxyDocker (--nvproxy-docker): false
D0711 12:29:49.309492      28 config.go:433] Config.NVProxyDriverVersion (--nvproxy-driver-version): (empty)
D0711 12:29:49.309502      28 config.go:433] Config.TPUProxy (--tpuproxy): false
D0711 12:29:49.309519      28 config.go:433] Config.TestOnlyAllowRunAsCurrentUserWithoutChroot (--TESTONLY-unsafe-nonroot): false
D0711 12:29:49.309530      28 config.go:433] Config.TestOnlyTestNameEnv (--TESTONLY-test-name-env): (empty)
D0711 12:29:49.309541      28 config.go:433] Config.TestOnlyAFSSyscallPanic (--TESTONLY-afs-syscall-panic): false
D0711 12:29:49.309555      28 config.go:435] Config.explicitlySet: <map[string]struct {} Value> (unexported)
D0711 12:29:49.309573      28 config.go:433] Config.ReproduceNAT (--reproduce-nat): false
D0711 12:29:49.309585      28 config.go:433] Config.ReproduceNftables (--reproduce-nftables): false
D0711 12:29:49.309595      28 config.go:433] Config.NetDisconnectOk (--net-disconnect-ok): false
D0711 12:29:49.309606      28 config.go:433] Config.TestOnlyAutosaveImagePath (--TESTONLY-autosave-image-path): (empty)
D0711 12:29:49.309616      28 config.go:433] Config.TestOnlyAutosaveResume (--TESTONLY-autosave-resume): false
I0711 12:29:49.309628      28 main.go:197] **************** gVisor ****************
I0711 12:29:49.309756      28 boot.go:258] Setting product_name: "Apple Virtualization Generic Platform"
W0711 12:29:49.310324      28 specutils.go:129] noNewPrivileges ignored. PR_SET_NO_NEW_PRIVS is assumed to always be set.
I0711 12:29:49.310360      28 chroot.go:91] Setting up sandbox chroot in "/tmp"
W0711 12:29:49.310395      28 util.go:64] FATAL ERROR: error setting up chroot: error converting mounts: permission denied
error setting up chroot: error converting mounts: permission denied
D0711 12:29:49.311084      12 sandbox.go:1278] Destroying sandbox "dangerzone"
D0711 12:29:49.311139      12 sandbox.go:1287] Killing sandbox "dangerzone"
D0711 12:29:49.311184      12 container.go:776] Destroy container, cid: dangerzone
D0711 12:29:49.311531      12 container.go:1087] Killing gofer for container, cid: dangerzone, PID: 23
W0711 12:29:49.311585      12 util.go:64] FATAL ERROR: running container: creating container: cannot create sandbox: cannot read client sync file: waiting for sandbox to start: EOF
running container: creating container: cannot create sandbox: cannot read client sync file: waiting for sandbox to start: EOF
W0711 12:29:49.311644      12 main.go:227] Failure to execute command, err: 1
gVisor quit with exit code: 128

The interesting part being at the very end:

W0711 12:29:49.310324      28 specutils.go:129] noNewPrivileges ignored. PR_SET_NO_NEW_PRIVS is assumed to always be set.
I0711 12:29:49.310360      28 chroot.go:91] Setting up sandbox chroot in "/tmp"
W0711 12:29:49.310395      28 util.go:64] FATAL ERROR: error setting up chroot: error converting mounts: permission denied
error setting up chroot: error converting mounts: permission denied

@LasseKrache
Author

LasseKrache commented Jul 11, 2024

Dear Almet,

Thank you very much for your response! So at least I know that this is not a "local problem" on my Mac. ;-)

I tried to reproduce the steps you mentioned, but it looks different on my machine:

lasse@mac:/Users/lasse  ▶ /Applications/Dangerzone.app/Contents/MacOS/dangerzone-cli ~/Downloads/bloomsbury.pdf
╭──────────────────────────╮
│           ▄██▄           │
│          ██████          │
│         ███▀▀▀██         │
│        ███   ████        │
│       ███   ██████       │
│      ███   ▀▀▀▀████      │
│     ███████  ▄██████     │
│    ███████ ▄█████████    │
│   ████████████████████   │
│    ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀    │
│                          │
│    Dangerzone v0.7.0     │
│ https://dangerzone.rocks │
╰──────────────────────────╯
Assigning ID 'srb-PA' to doc '/Users/lasse/Downloads/bloomsbury.pdf'

Converting document to safe PDF
> /opt/homebrew/bin/docker run --security-opt=no-new-privileges:true --security-opt seccomp=/Applications/Dangerzone.app/Contents/Resources/share/seccomp.gvisor.json --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-srb-PA dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
ERROR [doc srb-PA] 0% Unspecified error

Failed to convert document(s)
/Users/lasse/Downloads/bloomsbury.pdf                                                                                                                             /0,5s


lasse@mac:/Users/lasse  ▶ /opt/homebrew/bin/docker run --security-opt=no-new-privileges:true --security-opt seccomp=/Applications/Dangerzone.app/Contents/Resources/share/seccomp.gvisor.json --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-srb-PA dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels
running container: creating container: cannot create sandbox: cannot read client sync file: waiting for sandbox to start: EOF                                  /0,2s

lasse@mac:/Users/lasse  ▶ colima version
colima version 0.6.9
git commit: c3a31ed05f5fab8b2cdbae835198e8fb1717fd0f

runtime: docker
arch: aarch64
client: v27.0.3
server: v24.0.9                                                                                                                                                /0,1s


@sudwhiwdh
Contributor

When converting any documents with Dangerzone 0.7.0 under Fedora 40, I always get the same error message “Unspecified error”. There is probably no connection, even if the error message is the same, right?

@apyrgio
Contributor

apyrgio commented Jul 19, 2024

Hi @sudwhiwdh. Uhm, this is actually not expected, so could you perhaps start a new issue and share some logs there? Unlike Colima, Podman in Fedora 40 is a supported configuration, and I'd like to learn more.

@apyrgio
Contributor

apyrgio commented Jul 19, 2024

@LasseKrache can you also run the following command:

/opt/homebrew/bin/docker run -e RUNSC_DEBUG=1 --security-opt seccomp=/Applications/Dangerzone.app/Contents/Resources/share/seccomp.gvisor.json --security-opt=no-new-privileges:true --security-opt seccomp=/Applications/Dangerzone.app/Contents/Resources/share/seccomp.gvisor.json --cap-drop all --cap-add SYS_CHROOT --network=none -u dangerzone --rm -i --name dangerzone-doc-to-pixels-srb-PA dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.doc_to_pixels

(I've added these arguments: -e RUNSC_DEBUG=1 --security-opt seccomp=/Applications/Dangerzone.app/Contents/Resources/share/seccomp.gvisor.json)

@sq-gh

sq-gh commented Aug 29, 2024

@apyrgio I'm also interested in a Docker Desktop alternative, so I installed colima. Here is what I get on an M2 MacBook:
output.txt

colima version 0.7.5
git commit: 1588c066b9ab9dae8205ef265929c7eb43dca473

runtime: docker
arch: aarch64
client: v27.2.0
server: v27.1.1

@EtiennePerot
Contributor

The relevant log section is:

I0829 17:14:14.304020      26 chroot.go:91] Setting up sandbox chroot in "/tmp"
W0829 17:14:14.304036      26 util.go:64] FATAL ERROR: error setting up chroot: error converting mounts: permission denied

This is part of gVisor's setup process. I'm not super familiar with Colima but it looks like it uses a VM much like Docker Desktop does, so this likely stems from a difference in permissions between the VM image that Colima uses vs the one Docker Desktop uses. I don't have an M2 Macbook, but could probably look into reproducing this by running the Colima VM image on a Linux host.

@almet
Contributor

almet commented Sep 2, 2024

this likely stems from a difference in permissions between the VM image that Colima uses vs the one Docker Desktop uses.

This seems related to abiosoft/colima#267, which points to the fact that only $HOME and /tmp/colima are available to the container. It's possible to change the mounts though to make /tmp available (or detect we're using colima and act accordingly).

@almet
Contributor

almet commented Sep 2, 2024

@LasseKrache

You can try running colima with colima start --mount "/tmp:w"

Also, here is how to change the mounts to make this permanent. Can you give it a try and report if it works on your end?

colima stop
limactl edit colima

Check the mounts section, and adjust it (maybe create a new mount).

@LasseKrache
Author

LasseKrache commented Sep 2, 2024

@almet

Thank you again for your response - really appreciate it! :-)

colima start --mount "/tmp:w" did not work, error was

errors inspecting instance: [field mounts[1].location must not be a system path such as /etc or /usr]

so I changed it to colima start --mount "/Users/lasse/tmp:w"
but Dangerzone did not recognize the instance: "Dangerzone Requires Docker Desktop"

Beside that, I noticed that limactl cannot find the colima instance:

▶ limactl list
WARN[0000] No instance found. Run `limactl create` to create an instance.

so I cannot change the mount entries ...

I guess that there is a "bigger" problem ... and that I really need to learn more about all these topics.

@almet
Contributor

almet commented Sep 2, 2024

Thanks for the follow-up. This "Dangerzone requires Docker Desktop" error is probably due to the fact we're looking for the wrong binaries (because we detect the OS and use different binaries for the container technology based on the result).

Because we want at some point to provide alternatives for docker desktop (see #118), I'll have a look later on to see if I can get it running on a Mac Silicon machine (Unfortunately, I don't have it with me right now).

@EtiennePerot
Contributor

EtiennePerot commented Sep 2, 2024

gVisor picks its temporary directory using os.TempDir(), which can be overridden by setting the TMPDIR environment variable. So one way to not have to expose some host directory as the VM's /tmp may be to change the TMPDIR env variable to some other world-writable directory.

To see if this works, try to edit this section of the code:

security_args += ["--cap-drop", "all"]
security_args += ["--cap-add", "SYS_CHROOT"]
security_args += ["--security-opt", "label=type:container_engine_t"]
security_args += ["--network=none"]
security_args += ["-u", "dangerzone"]

Add a line somewhere in there to set the TMPDIR environment variable:

        security_args += ["--env", "TMPDIR=/some/directory"]

(Yes, this doesn't really belong in the get_runtime_security_args function, but this will allow verifying whether this environment-variable-based solution can work around this problem.)

Using this, can you try setting TMPDIR=/tmp/colima, and also separately try setting TMPDIR=/dev/shm?

If it works with /tmp/colima we know that we've correctly diagnosed the issue. If it works with /dev/shm we can probably unconditionally set this as the temporary directory for all runtimes in order to avoid introducing a container-runtime-dependent behavior.

@apyrgio
Contributor

apyrgio commented Sep 9, 2024

Hm, there's something I don't follow here. For the first stage of the conversion, we don't want something from the host within the container. As long as gVisor can write to /tmp/ (which is a very typical requirement), then the error does not look mount-related. It looks to me like a seccomp issue, like the one we have encountered here #908. Also, the fact that these two issues were created after 0.7.0 is really suspicious.

Note though that I do think that the second part of the conversion may fail, due to the /tmp/colima requirement. Probably that's the error that the user was experiencing in the pre-0.7.0 Dangerzone versions. We have to experiment with Colima first to be sure.

@apyrgio apyrgio added this to the 0.8.0 milestone Sep 9, 2024
@almet
Contributor

almet commented Sep 19, 2024

Setting the TMPDIR env variable (in different ways) doesn't seem to change the produced error message, and doesn't seem to affect the directory that's used by gVisor's chroot.go / os.TempDir. For instance, hopping inside the container and trying to run fails the same way, even with --security-opt seccomp=unconfined:

docker run --rm -it --security-opt seccomp=unconfined --entrypoint ash dangerzone.rocks/dangerzone:latest
TMPDIR=/tmp/colima RUNSC_DEBUG=1 ./entrypoint.py

In these cases, setting the permissions to a+rwx on /tmp didn't change anything.

That being said, the /tmp directory was writable, and as such I'm not sure permissions are the reason why runsc is failing.

The complete error message is as follows:

I0919 11:38:50.997198      27 chroot.go:91] Setting up sandbox chroot in "/tmp"
W0919 11:38:50.997256      27 util.go:64] FATAL ERROR: error setting up chroot: error converting mounts: permission denied
error setting up chroot: error converting mounts: permission denied

The actual error from gVisor is triggered by these lines, which is probably where it throws the "permission denied" error we see, when trying to "safe mount" on /.

Note: I've also tried to change the VM type used by colima (from vz to qemu), and changed the mountType to 9p, but it doesn't make any difference.

@harrislapiroff harrislapiroff modified the milestones: 0.8.0, Bookmarks Sep 19, 2024
@EtiennePerot
Contributor

Another possibility here might be AppArmor. At least on Docker, I believe the default profile prevents mount. I'm guessing we don't see this with Docker Desktop because the VM it uses may not have AppArmor enabled perhaps?

Can you try to add --security-opt=apparmor=unconfined?

@apyrgio
Contributor

apyrgio commented Sep 23, 2024

Hm, interesting idea. I see that Colima has switched to an Ubuntu VM image on version 0.6.0: https://github.com/abiosoft/colima/blob/main/docs/FAQ.md#version-v060-and-newer. So, it may have AppArmor support.

Alexis will be most likely unavailable this week, but hopefully he can give it a look once he's back.

@almet
Contributor

almet commented Oct 5, 2024

We were releasing a hotfix release last week and haven't had the time to have a look at this until now.

Looking at the output of docker info when running colima, it seems that apparmor is enabled:

$ docker info
...snip...
Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.8.0-31-generic
 Operating System: Ubuntu 24.04 LTS
 OSType: linux
 Architecture: aarch64
 CPUs: 4
 Total Memory: 7.735GiB
 Name: colima

To disable apparmor in the colima VM, here is what I did:

$ colima ssh sudo systemctl disable apparmor
$ colima ssh sudo aa-teardown
$ colima ssh sudo aa-status
apparmor module is loaded.
88 profiles are loaded.
0 profiles are in enforce mode.
0 profiles are in complain mode.
0 profiles are in prompt mode.
0 profiles are in kill mode.
88 profiles are in unconfined mode.

And then, running our entrypoint in debug mode as follows. Unfortunately, it still gives me the same output; it seems that fork is not authorized, not sure why:

/opt/homebrew/bin/docker run --security-opt seccomp=unconfined --security-opt label=type:container_engine_t --security-opt apparmor=unconfined --network=none -u dangerzone -e RUNSC_DEBUG=1 --rm -i dangerzone.rocks/dangerzone

Running gVisor with command line: /usr/bin/runsc --rootless=true --network=none --root=/home/dangerzone/.containers --debug=true --alsologtostderr=true run --bundle=/home/dangerzone/dangerzone-image dangerzone
I1005 21:45:09.935060       7 main.go:196] **************** gVisor ****************
I1005 21:45:09.935131       7 main.go:197] Version release-20240826.0, go1.22.0 X:nocoverageredesign, arm64, 4 CPUs, linux, PID 7, PPID 1, UID 1000, GID 1000
D1005 21:45:09.935151       7 main.go:198] Page size: 0x1000 (4096 bytes)
I1005 21:45:09.935159       7 main.go:199] Args: [/usr/bin/runsc --rootless=true --network=none --root=/home/dangerzone/.containers --debug=true --alsologtostderr=true run --bundle=/home/dangerzone/dangerzone-image dangerzone]
I1005 21:45:09.935173       7 config.go:413] Platform: systrap
I1005 21:45:09.935229       7 config.go:414] RootDir: /home/dangerzone/.containers
I1005 21:45:09.935235       7 config.go:415] FileAccess: exclusive / Directfs: true / Overlay: root:self
I1005 21:45:09.935247       7 config.go:416] Network: none
I1005 21:45:09.935254       7 config.go:418] Debug: true. Strace: false, max size: 1024, syscalls:
D1005 21:45:09.935261       7 config.go:436] Config.RootDir (--root): /home/dangerzone/.containers
D1005 21:45:09.935269       7 config.go:436] Config.Traceback (--traceback): system
D1005 21:45:09.935275       7 config.go:436] Config.Debug (--debug): true
D1005 21:45:09.935280       7 config.go:436] Config.LogFilename (--log): (empty)
D1005 21:45:09.935285       7 config.go:436] Config.LogFormat (--log-format): text
D1005 21:45:09.935289       7 config.go:436] Config.DebugLog (--debug-log): (empty)
D1005 21:45:09.935292       7 config.go:436] Config.DebugToUserLog (--debug-to-user-log): false
D1005 21:45:09.935296       7 config.go:436] Config.DebugCommand (--debug-command): (empty)
D1005 21:45:09.935300       7 config.go:436] Config.PanicLog (--panic-log): (empty)
D1005 21:45:09.935303       7 config.go:436] Config.CoverageReport (--coverage-report): (empty)
D1005 21:45:09.935317       7 config.go:436] Config.DebugLogFormat (--debug-log-format): text
D1005 21:45:09.935321       7 config.go:436] Config.FileAccess (--file-access): exclusive
D1005 21:45:09.935326       7 config.go:436] Config.FileAccessMounts (--file-access-mounts): shared
D1005 21:45:09.935330       7 config.go:436] Config.Overlay (--overlay): false
D1005 21:45:09.935337       7 config.go:436] Config.Overlay2 (--overlay2): root:self
D1005 21:45:09.935345       7 config.go:436] Config.FSGoferHostUDS (--fsgofer-host-uds): false
D1005 21:45:09.935349       7 config.go:436] Config.HostUDS (--host-uds): none
D1005 21:45:09.935696       7 config.go:436] Config.HostFifo (--host-fifo): none
D1005 21:45:09.935706       7 config.go:436] Config.Network (--network): none
D1005 21:45:09.935711       7 config.go:436] Config.EnableRaw (--net-raw): false
D1005 21:45:09.935715       7 config.go:436] Config.AllowPacketEndpointWrite (--TESTONLY-allow-packet-endpoint-write): false
D1005 21:45:09.935724       7 config.go:436] Config.HostGSO (--gso): true
D1005 21:45:09.935733       7 config.go:436] Config.GVisorGSO (--software-gso): true
D1005 21:45:09.935737       7 config.go:436] Config.GVisorGRO (--gvisor-gro): false
D1005 21:45:09.935741       7 config.go:436] Config.TXChecksumOffload (--tx-checksum-offload): false
D1005 21:45:09.935745       7 config.go:436] Config.RXChecksumOffload (--rx-checksum-offload): true
D1005 21:45:09.935748       7 config.go:436] Config.QDisc (--qdisc): fifo
D1005 21:45:09.935754       7 config.go:436] Config.LogPackets (--log-packets): false
D1005 21:45:09.935771       7 config.go:436] Config.PCAP (--pcap-log): (empty)
D1005 21:45:09.935774       7 config.go:436] Config.Platform (--platform): systrap
D1005 21:45:09.935778       7 config.go:436] Config.PlatformDevicePath (--platform_device_path): (empty)
D1005 21:45:09.935782       7 config.go:436] Config.MetricServer (--metric-server): (empty)
D1005 21:45:09.935785       7 config.go:436] Config.ProfilingMetrics (--profiling-metrics): (empty)
D1005 21:45:09.935789       7 config.go:436] Config.ProfilingMetricsLog (--profiling-metrics-log): (empty)
D1005 21:45:09.935794       7 config.go:436] Config.ProfilingMetricsRate (--profiling-metrics-rate-us): 1000
D1005 21:45:09.935797       7 config.go:436] Config.Strace (--strace): false
D1005 21:45:09.935801       7 config.go:436] Config.StraceSyscalls (--strace-syscalls): (empty)
D1005 21:45:09.935805       7 config.go:436] Config.StraceLogSize (--strace-log-size): 1024
D1005 21:45:09.935808       7 config.go:436] Config.StraceEvent (--strace-event): false
D1005 21:45:09.935812       7 config.go:438] Config.DisableSeccomp: false
D1005 21:45:09.935819       7 config.go:436] Config.EnableCoreTags (--enable-core-tags): false
D1005 21:45:09.935830       7 config.go:436] Config.WatchdogAction (--watchdog-action): logWarning
D1005 21:45:09.935839       7 config.go:436] Config.PanicSignal (--panic-signal): -1
D1005 21:45:09.935843       7 config.go:436] Config.ProfileEnable (--profile): false
D1005 21:45:09.935846       7 config.go:436] Config.ProfileBlock (--profile-block): (empty)
D1005 21:45:09.935850       7 config.go:436] Config.ProfileCPU (--profile-cpu): (empty)
D1005 21:45:09.935864       7 config.go:436] Config.ProfileHeap (--profile-heap): (empty)
D1005 21:45:09.935868       7 config.go:436] Config.ProfileMutex (--profile-mutex): (empty)
D1005 21:45:09.935871       7 config.go:436] Config.TraceFile (--trace): (empty)
D1005 21:45:09.935875       7 config.go:436] Config.NumNetworkChannels (--num-network-channels): 1
D1005 21:45:09.935879       7 config.go:436] Config.NetworkProcessorsPerChannel (--network-processors-per-channel): 0
D1005 21:45:09.935883       7 config.go:436] Config.Rootless (--rootless): true
D1005 21:45:09.935886       7 config.go:436] Config.AlsoLogToStderr (--alsologtostderr): true
D1005 21:45:09.935891       7 config.go:436] Config.ReferenceLeak (--ref-leak-mode): disabled
D1005 21:45:09.935896       7 config.go:436] Config.CPUNumFromQuota (--cpu-num-from-quota): false
D1005 21:45:09.935899       7 config.go:436] Config.AllowFlagOverride (--allow-flag-override): false
D1005 21:45:09.935903       7 config.go:436] Config.OCISeccomp (--oci-seccomp): false
D1005 21:45:09.935907       7 config.go:436] Config.IgnoreCgroups (--ignore-cgroups): false
D1005 21:45:09.935910       7 config.go:436] Config.SystemdCgroup (--systemd-cgroup): false
D1005 21:45:09.935916       7 config.go:436] Config.PodInitConfig (--pod-init-config): (empty)
D1005 21:45:09.935920       7 config.go:436] Config.BufferPooling (--buffer-pooling): true
D1005 21:45:09.935924       7 config.go:436] Config.XDP (--EXPERIMENTAL-xdp): {0 }
D1005 21:45:09.935931       7 config.go:436] Config.AFXDPUseNeedWakeup (--EXPERIMENTAL-xdp-need-wakeup): true
D1005 21:45:09.935935       7 config.go:436] Config.FDLimit (--fdlimit): -1
D1005 21:45:09.935948       7 config.go:436] Config.DCache (--dcache): -1
D1005 21:45:09.935952       7 config.go:436] Config.IOUring (--iouring): false
D1005 21:45:09.935959       7 config.go:436] Config.DirectFS (--directfs): true
D1005 21:45:09.935963       7 config.go:436] Config.AppHugePages (--app-huge-pages): true
D1005 21:45:09.935967       7 config.go:436] Config.NVProxy (--nvproxy): false
D1005 21:45:09.935970       7 config.go:436] Config.NVProxyDocker (--nvproxy-docker): false
D1005 21:45:09.935974       7 config.go:436] Config.NVProxyDriverVersion (--nvproxy-driver-version): (empty)
D1005 21:45:09.935978       7 config.go:436] Config.TPUProxy (--tpuproxy): false
D1005 21:45:09.935981       7 config.go:436] Config.TestOnlyAllowRunAsCurrentUserWithoutChroot (--TESTONLY-unsafe-nonroot): false
D1005 21:45:09.935985       7 config.go:436] Config.TestOnlyTestNameEnv (--TESTONLY-test-name-env): (empty)
D1005 21:45:09.935989       7 config.go:436] Config.TestOnlyAFSSyscallPanic (--TESTONLY-afs-syscall-panic): false
D1005 21:45:09.935993       7 config.go:438] Config.explicitlySet: <map[string]struct {} Value> (unexported)
D1005 21:45:09.935999       7 config.go:436] Config.ReproduceNAT (--reproduce-nat): false
D1005 21:45:09.936005       7 config.go:436] Config.ReproduceNftables (--reproduce-nftables): false
D1005 21:45:09.936009       7 config.go:436] Config.NetDisconnectOk (--net-disconnect-ok): false
D1005 21:45:09.936013       7 config.go:436] Config.TestOnlyAutosaveImagePath (--TESTONLY-autosave-image-path): (empty)
D1005 21:45:09.936017       7 config.go:436] Config.TestOnlyAutosaveResume (--TESTONLY-autosave-resume): false
I1005 21:45:09.936020       7 main.go:201] **************** gVisor ****************
I1005 21:45:09.936145       7 namespace.go:247] *** Re-running as root in new user namespace ***
W1005 21:45:09.936308       7 util.go:64] FATAL ERROR: Error executing inside namespace: re-executing self: fork/exec /proc/self/exe: permission denied
Error executing inside namespace: re-executing self: fork/exec /proc/self/exe: permission denied
W1005 21:45:09.936668       7 main.go:231] Failure to execute command, err: 1
gVisor quit with exit code: 128
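Both logs in this thread bury a one-line root cause under the Config.* dump, and each time someone had to point at the "relevant log section" by hand. The script below is an added example for this thread, not gVisor or Dangerzone code: it parses runsc's glog-style lines (the layout `<sev><MMDD> <time> <pid> <file>:<line>] <msg>` is an assumption about the format), finds the first FATAL ERROR, and reports the last step the same process logged before it. It works for both failure modes seen here (chroot setup and the user-namespace re-exec); the two sample logs are constructed from the lines quoted above.

```python
"""Triage a runsc (gVisor) debug log: locate the first FATAL ERROR and the last
step the same process logged before it, so the failing stage (chroot setup,
user-namespace re-exec, ...) stands out from the long Config.* dump.

Added example for this thread, not gVisor or Dangerzone code. It assumes the
glog text layout runsc prints: <sev><MMDD> <HH:MM:SS.usec> <pid> <file>:<line>] <msg>.
The two sample logs are constructed from the lines quoted in the thread.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

GLOG_RE = re.compile(
    r"^(?P<sev>[DIWEF])(?P<date>\d{4}) (?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<pid>\d+) (?P<src>[\w./-]+:\d+)\] (?P<msg>.*)$"
)

# Constructed from the chroot failure quoted above (colima 0.6.9, Dangerzone 0.7.0).
SAMPLE_CHROOT_FAILURE = """\
W0711 12:29:49.310324      28 specutils.go:129] noNewPrivileges ignored. PR_SET_NO_NEW_PRIVS is assumed to always be set.
I0711 12:29:49.310360      28 chroot.go:91] Setting up sandbox chroot in "/tmp"
W0711 12:29:49.310395      28 util.go:64] FATAL ERROR: error setting up chroot: error converting mounts: permission denied
error setting up chroot: error converting mounts: permission denied
D0711 12:29:49.311084      12 sandbox.go:1278] Destroying sandbox "dangerzone"
W0711 12:29:49.311585      12 util.go:64] FATAL ERROR: running container: creating container: cannot create sandbox: cannot read client sync file: waiting for sandbox to start: EOF
gVisor quit with exit code: 128
"""

# Constructed from the user-namespace failure quoted above (AppArmor disabled in the VM).
SAMPLE_USERNS_FAILURE = """\
I1005 21:45:09.936020       7 main.go:201] **************** gVisor ****************
I1005 21:45:09.936145       7 namespace.go:247] *** Re-running as root in new user namespace ***
W1005 21:45:09.936308       7 util.go:64] FATAL ERROR: Error executing inside namespace: re-executing self: fork/exec /proc/self/exe: permission denied
gVisor quit with exit code: 128
"""


@dataclass
class Entry:
    severity: str
    pid: int
    source: str   # e.g. "chroot.go:91"
    message: str


def parse_log(text: str) -> List[Entry]:
    """Keep only glog-formatted lines; bare error echoes and banners are dropped."""
    entries: List[Entry] = []
    for line in text.splitlines():
        m = GLOG_RE.match(line)
        if m:
            entries.append(Entry(m["sev"], int(m["pid"]), m["src"], m["msg"]))
    return entries


def find_failure(entries: List[Entry]) -> Tuple[Optional[Entry], Optional[Entry]]:
    """Return (first FATAL entry, last non-config entry logged before it by the same pid).

    The first FATAL is the root cause: later ones (e.g. pid 12's "cannot read client
    sync file") only report that the sandbox process died.
    """
    for i, entry in enumerate(entries):
        if not entry.message.startswith("FATAL ERROR:"):
            continue
        for prev in reversed(entries[:i]):
            if prev.pid == entry.pid and not prev.source.startswith("config.go"):
                return entry, prev
        return entry, None
    return None, None


def summarize(text: str) -> Optional[str]:
    """One-line root-cause summary, or None if the log has no FATAL ERROR."""
    fatal, step = find_failure(parse_log(text))
    if fatal is None:
        return None
    cause = fatal.message[len("FATAL ERROR:"):].strip()
    where = f"{step.source} ({step.message})" if step else "unknown step"
    return f"pid {fatal.pid} failed at {where}: {cause}"


if __name__ == "__main__":
    import sys
    # Pipe a RUNSC_DEBUG=1 log on stdin, or run without input to see the samples.
    if sys.stdin.isatty():
        logs = [SAMPLE_CHROOT_FAILURE, SAMPLE_USERNS_FAILURE]
    else:
        logs = [sys.stdin.read()]
    for log in logs:
        print(summarize(log) or "no FATAL ERROR found")
```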

@EtiennePerot
Contributor

Thanks for looking. To be clear, I don't think AppArmor needs to be disabled system-wide, just the --security-opt=apparmor=unconfined flag should be enough.

In your logs it shows that runsc is being launched without the --directfs=false flag which was added in #898, so the dangerzone.rocks/dangerzone image on your machine may be out of date. I'd start there to see if that changes anything.

I've installed Colima on my Linux machine and was not able to reproduce this. docker run --security-opt seccomp=unconfined --security-opt label=type:container_engine_t --security-opt apparmor=unconfined --network=none -u dangerzone -e RUNSC_DEBUG=1 --rm -i dangerzone.rocks/dangerzone echo hi works, as does the one with the extra arguments that Dangerzone uses (adding --security-opt=no-new-privileges:true --cap-drop=all --cap-add=SYS_CHROOT). This is with colima 0.6.8 and lima 0.22.0.

There are other settings that could make the clone(2) system call fail here, such as /proc/sys/kernel/unprivileged_userns_clone or /proc/sys/kernel/unprivileged_userns_apparmor_policy being set to 0. I am adding code that automates checking these settings in gVisor (google/gvisor#10981) to make debugging this problem easier. But at least on the lima VM that is running on my Linux machine, these options appear to be 1 already, so I don't think they're the problem. I'm confused as to what else could possibly lead to this permission failure.

Can you try to read /proc/self/status outside of the gVisor sandbox but within the outer container? Something like docker run --security-opt seccomp=unconfined --security-opt label=type:container_engine_t --security-opt apparmor=unconfined --network=none -u dangerzone -e RUNSC_DEBUG=1 --rm -i --security-opt=no-new-privileges:true --cap-drop=all --cap-add=SYS_CHROOT --entrypoint='' dangerzone.rocks/dangerzone cat /proc/self/status (the use of --entrypoint='' means the command isn't wrapped with the entrypoint script). For me, this prints:

Name:   cat
Umask:  0022
State:  R (running)
Tgid:   1
Ngid:   0
Pid:    1
PPid:   0
TracerPid:      0
Uid:    1000    1000    1000    1000
Gid:    1000    1000    1000    1000
FDSize: 64
Groups: 1000 
NStgid: 1
NSpid:  1
NSpgid: 1
NSsid:  1
Kthread:        0
VmPeak:     1676 kB
VmSize:     1676 kB
VmLck:         0 kB
VmPin:         0 kB
VmHWM:       768 kB
VmRSS:       768 kB
RssAnon:               0 kB
RssFile:             768 kB
RssShmem:              0 kB
VmData:       88 kB
VmStk:       132 kB
VmExe:       616 kB
VmLib:       344 kB
VmPTE:        44 kB
VmSwap:        0 kB
HugetlbPages:          0 kB
CoreDumping:    0
THP_enabled:    1
untag_mask:     0xffffffffffffffff
Threads:        1
SigQ:   0/7757
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 0000000000000000
SigCgt: 0000000000000000
CapInh: 0000000000000000
CapPrm: 0000000000000000
CapEff: 0000000000000000
CapBnd: 0000000000040000
CapAmb: 0000000000000000
NoNewPrivs:     1
Seccomp:        0
Seccomp_filters:        0
Speculation_Store_Bypass:       vulnerable
SpeculationIndirectBranch:      always enabled
Cpus_allowed:   3
Cpus_allowed_list:      0-1
Mems_allowed:   00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000001
Mems_allowed_list:      0
voluntary_ctxt_switches:        14
nonvoluntary_ctxt_switches:     1
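
As an added example (not code from this thread or from the Dangerzone project), here is a small checker that turns the manual inspection above into something repeatable: it parses `/proc/self/status` text, decodes the capability bounding set (the `CapBnd: 0000000000040000` quoted above is bit 18, i.e. `CAP_SYS_CHROOT`, which is what `--cap-drop=all --cap-add=SYS_CHROOT` should leave), confirms `NoNewPrivs`/`Seccomp`, and compares the three kernel sysctls discussed in this thread against the values that were found to work. The sample status text and sysctl snapshots are constructed from the output in the thread; the expected sysctl values are assumptions taken from the later comments, not something the project ships.

```python
"""Check the outer (non-gVisor) container's /proc/self/status fields and the
kernel sysctls named in this thread, and report anything that would block runsc."""

# Capability bit numbers from <linux/capability.h>.
CAP_NAMES = {
    0: "CAP_CHOWN", 1: "CAP_DAC_OVERRIDE", 2: "CAP_DAC_READ_SEARCH", 3: "CAP_FOWNER",
    4: "CAP_FSETID", 5: "CAP_KILL", 6: "CAP_SETGID", 7: "CAP_SETUID", 8: "CAP_SETPCAP",
    9: "CAP_LINUX_IMMUTABLE", 10: "CAP_NET_BIND_SERVICE", 11: "CAP_NET_BROADCAST",
    12: "CAP_NET_ADMIN", 13: "CAP_NET_RAW", 14: "CAP_IPC_LOCK", 15: "CAP_IPC_OWNER",
    16: "CAP_SYS_MODULE", 17: "CAP_SYS_RAWIO", 18: "CAP_SYS_CHROOT", 19: "CAP_SYS_PTRACE",
    20: "CAP_SYS_PACCT", 21: "CAP_SYS_ADMIN", 22: "CAP_SYS_BOOT", 23: "CAP_SYS_NICE",
    24: "CAP_SYS_RESOURCE", 25: "CAP_SYS_TIME", 26: "CAP_SYS_TTY_CONFIG", 27: "CAP_MKNOD",
    28: "CAP_LEASE", 29: "CAP_AUDIT_WRITE", 30: "CAP_AUDIT_CONTROL", 31: "CAP_SETFCAP",
    32: "CAP_MAC_OVERRIDE", 33: "CAP_MAC_ADMIN", 34: "CAP_SYSLOG", 35: "CAP_WAKE_ALARM",
    36: "CAP_BLOCK_SUSPEND", 37: "CAP_AUDIT_READ", 38: "CAP_PERFMON", 39: "CAP_BPF",
    40: "CAP_CHECKPOINT_RESTORE",
}

# Assumed "known good" values, taken from the findings in this thread: the first two
# were reported as 1 on working hosts, the third had to be set to 0 in the colima VM.
EXPECTED_SYSCTLS = {
    "/proc/sys/kernel/unprivileged_userns_clone": "1",
    "/proc/sys/kernel/unprivileged_userns_apparmor_policy": "1",
    "/proc/sys/kernel/apparmor_restrict_unprivileged_userns": "0",
}

# Constructed excerpt of the /proc/self/status output quoted in the thread.
SAMPLE_STATUS = (
    "Name:\tcat\nUid:\t1000\t1000\t1000\t1000\nGid:\t1000\t1000\t1000\t1000\n"
    "CapInh:\t0000000000000000\nCapPrm:\t0000000000000000\nCapEff:\t0000000000000000\n"
    "CapBnd:\t0000000000040000\nCapAmb:\t0000000000000000\n"
    "NoNewPrivs:\t1\nSeccomp:\t0\nSeccomp_filters:\t0\n"
)
# Constructed sysctl snapshots: a working host, and the blocked colima VM state.
SAMPLE_SYSCTLS_OK = dict(EXPECTED_SYSCTLS)
SAMPLE_SYSCTLS_BLOCKED = {
    **SAMPLE_SYSCTLS_OK,
    "/proc/sys/kernel/apparmor_restrict_unprivileged_userns": "1",
}


def parse_status(text):
    """Parse 'Key:<tab>value' lines of /proc/<pid>/status into a dict (values whitespace-normalised)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = " ".join(value.split())
    return fields


def decode_caps(hex_mask):
    """Expand a capability bitmask (e.g. the CapBnd field) into the names of its set bits."""
    mask = int(hex_mask, 16)
    return [CAP_NAMES.get(bit, f"CAP_{bit}") for bit in range(mask.bit_length()) if (mask >> bit) & 1]


def check_sandbox_preconditions(status, sysctls):
    """Return a list of human-readable findings; an empty list means nothing obvious blocks runsc."""
    findings = []
    caps = decode_caps(status.get("CapBnd", "0"))
    if caps != ["CAP_SYS_CHROOT"]:
        findings.append(f"CapBnd is {caps}; expected only CAP_SYS_CHROOT (--cap-drop=all --cap-add=SYS_CHROOT)")
    if status.get("NoNewPrivs") != "1":
        findings.append("NoNewPrivs is not 1 (is --security-opt=no-new-privileges:true missing?)")
    if status.get("Seccomp") != "0":
        findings.append("a seccomp filter is already applied to the outer container; runsc installs its own (--security-opt seccomp=unconfined)")
    for path, want in EXPECTED_SYSCTLS.items():
        have = sysctls.get(path)
        if have is None:
            continue  # file absent on this kernel (unprivileged_userns_clone only exists on Debian-patched kernels)
        if have != want:
            findings.append(f"{path} is {have}, expected {want}")
    return findings


def read_sysctls(paths=EXPECTED_SYSCTLS):
    """Read the given /proc/sys files from the running kernel; missing files are skipped."""
    values = {}
    for path in paths:
        try:
            with open(path) as f:
                values[path] = f.read().strip()
        except OSError:
            pass
    return values


if __name__ == "__main__":
    # Run this inside the outer container (with --entrypoint='') to get a live report.
    with open("/proc/self/status") as f:
        live = parse_status(f.read())
    for finding in check_sandbox_preconditions(live, read_sysctls()) or ["no blockers found"]:
        print(finding)
```

Running it inside the container with the same `docker run ... --entrypoint=''` invocation as above, substituted for `cat /proc/self/status`, gives a one-line-per-problem report instead of a dump to read by eye; the sysctl files are read from the VM kernel the container is running on, which is what matters for colima.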

@almet
Contributor

almet commented Oct 7, 2024

Thanks @EtiennePerot. Running with the latest container doesn't make a difference (I was using the container we shipped with 0.7.1, which didn't contain the --directfs=false from #898).

Here is the result of the command:

Name:	cat
Umask:	0022
State:	R (running)
Tgid:	1
Ngid:	0
Pid:	1
PPid:	0
TracerPid:	0
Uid:	1000	1000	1000	1000
Gid:	1000	1000	1000	1000
FDSize:	64
Groups:	1000
NStgid:	1
NSpid:	1
NSpgid:	1
NSsid:	1
Kthread:	0
VmPeak:	    1800 kB
VmSize:	    1768 kB
VmLck:	       0 kB
VmPin:	       0 kB
VmHWM:	     896 kB
VmRSS:	     896 kB
RssAnon:	       0 kB
RssFile:	     896 kB
RssShmem:	       0 kB
VmData:	      88 kB
VmStk:	     132 kB
VmExe:	     868 kB
VmLib:	     652 kB
VmPTE:	      48 kB
VmSwap:	       0 kB
HugetlbPages:	       0 kB
CoreDumping:	0
THP_enabled:	1
untag_mask:	0xffffffffffffff
Threads:	1
SigQ:	0/7649
SigPnd:	0000000000000000
ShdPnd:	0000000000000000
SigBlk:	0000000000000000
SigIgn:	0000000000000000
SigCgt:	0000000000000000
CapInh:	0000000000000000
CapPrm:	0000000000000000
CapEff:	0000000000000000
CapBnd:	0000000000040000
CapAmb:	0000000000000000
NoNewPrivs:	1
Seccomp:	0
Seccomp_filters:	0
Speculation_Store_Bypass:	vulnerable
SpeculationIndirectBranch:	unknown
Cpus_allowed:	3
Cpus_allowed_list:	0-1
Mems_allowed:	00000000,00000001
Mems_allowed_list:	0
voluntary_ctxt_switches:	15
nonvoluntary_ctxt_switches:	47

Additionally, cat /proc/sys/kernel/unprivileged_userns_apparmor_policy and cat /proc/sys/kernel/unprivileged_userns_clone both return 1, so we should be good here.

@almet
Contributor

almet commented Oct 10, 2024

After some more tinkering with @apyrgio, we found that it's possible to make the container work with colima, by doing the following changes:

  1. Add --security-opt: apparmor=unconfined to the docker invocation by applying the following patch to dangerzone:
diff --git a/dangerzone/isolation_provider/container.py b/dangerzone/isolation_provider/container.py
index fe6626c..cbf6c52 100644
--- a/dangerzone/isolation_provider/container.py
+++ b/dangerzone/isolation_provider/container.py
@@ -142,6 +145,7 @@ class Container(IsolationProvider):
         security_args += ["--cap-drop", "all"]
         security_args += ["--cap-add", "SYS_CHROOT"]
         security_args += ["--security-opt", "label=type:container_engine_t"]
+        security_args += ["--security-opt", "apparmor=unconfined"]
 
         security_args += ["--network=none"]
         security_args += ["-u", "dangerzone"]
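Review bot: the new `security_args += ["--security-opt", "apparmor=unconfined"]` is unconditional, so on any host where the runtime's default AppArmor profile is actually enforced it drops that confinement for every conversion, not only under colima; consider gating it on the detected runtime or at least adding a comment next to it recording why it is needed, so the trade-off is visible in the code rather than only in this issue. Also, the `@@ -142,6 +145,7 @@` header for a single-line addition shows the hunk was cut against a tree with other local changes ahead of it, so it may not apply cleanly to the upstream file as-is.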

and also
  2. Disable the kernel.apparmor_restrict_unprivileged_userns in the colima VM, with the following commands:

colima ssh sudo su
echo "kernel.apparmor_restrict_unprivileged_userns = 0" >/etc/sysctl.d/99-userns.conf
sysctl --system

With these two changes, the conversion from pixels to PDF phase will still fail with colima. This means that even when applying these fixes, dangerzone <= 0.7.1 will not be able to convert documents.

Fortunately, this situation is fixed by the on-host conversion work (see #625). This is expected to be merged in the following weeks, and be included with the 0.8.0 release.

Still, we are not super happy with the idea of adding --security-opt: apparmor=unconfined to all of our docker calls, because it would reduce the overall security. Maybe there is a way to disable this in colima/lima, without having to pass this flag?

If you would like this to happen, don't hesitate to experiment around with colima/lima settings, and report your findings here.

@EtiennePerot
Contributor

Thanks for debugging this! I'm assuming that the problem was that the VM configuration lima uses for /proc/sys/kernel/unprivileged_userns_apparmor_policy changed after the one I tested with (0.22.0).

Still, we are not super happy with the idea of adding --security-opt: apparmor=unconfined to all of our docker calls, because it would reduce the overall security. Maybe there is a way to disable this in colima/lima, without having to pass this flag?

This restriction against mount is actually present by default in Docker; the only reason why it's not causing issues, as far as I can tell, is because most Linux distributions don't have AppArmor enforcement enabled. But if/when they do, that will start causing issues. So effectively, adding the --security-opt=apparmor=unconfined flag now makes distributions where AppArmor enforcement is enabled act like the distributions where AppArmor enforcement isn't yet enabled. Therefore, I would recommend doing that in the short term, to reduce the effective differences across container runtimes that Dangerzone runs on and thereby reduce support load.

Then, as a longer-term thing, I think it would be feasible to fork Docker's default AppArmor profile, allow mount and whatever else is needed to make Dangerzone work, and then explicitly specify that profile in the container runtime flags. It is a similar thing as the existing gVisor-specific seccomp profile. This would also be beneficial in that Dangerzone would avoid the risk that a container runtime's default AppArmor profile becomes more permissive over time, again similar to seccomp profiles.

@apyrgio
Contributor

apyrgio commented Oct 16, 2024

the only reason why it's not causing issues, as far as I can tell, is because most Linux distributions don't have AppArmor enforcement enabled. But if/when they do, that will start causing issues.

This got me thinking; we know that Dangerzone works in Ubuntu, and we have also checked that the AppArmor module is loaded and enforced in Ubuntu distros. So, if this was the case, why haven't we encountered a problem yet?

Well, turns out that the AppArmor profile for Podman allows everything:

$ cat /etc/apparmor.d/podman 
# This profile allows everything and only exists to give the
# application a name instead of having the label "unconfined"

abi <abi/4.0>,
include <tunables/global>

profile podman /usr/bin/podman {
  userns,

  # Site-specific additions and overrides. See local/README for details.
  include if exists <local/podman>
}

It also shows up as unconfined in AppArmor status:

$ sudo aa-status
apparmor module is loaded.
185 profiles are loaded.
88 profiles are in enforce mode.
   [...]
6 profiles are in complain mode.
   [...]
0 profiles are in prompt mode.
0 profiles are in kill mode.
91 profiles are in unconfined mode.
   [...]
   pageedit
   podman  <------------------ here is the Podman profile
   polypane
   [...]
9 processes have profiles defined.
9 processes are in enforce mode.
   [...]
0 processes are in complain mode.
0 processes are in prompt mode.
0 processes are in kill mode.
0 processes are unconfined but have a profile defined.
0 processes are in mixed mode.

Note

Enforcing the unrestrictive Podman profile with sudo aa-enforce podman actually makes Podman fail, even for simple tasks (e.g., podman run hello-world). So, either this profile is not as unconfined as it states, or something else is going on here.

Therefore, I would recommend doing that in the short term, to reduce the effective differences across container runtimes that Dangerzone runs on and thereby reduce support load.

Then, as a longer-term thing, I think it would be feasible to fork Docker's default AppArmor profile, allow mount and whatever else is needed to make Dangerzone work, and then explicitly specify that profile in the container runtime flags.

I think you're right Etienne. We have demonstrated that setting AppArmor to unconfined does not reduce the security defenses in any of our supported distros. Real quick summary for that:

  • In Windows/macOS, the AppArmor module is not loaded.
  • In Linux (in practice, Ubuntu), the default AppArmor profile for Podman is treated as unconfined.

I think we can move forward with your plan.
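
As an added example (not part of this thread or of Dangerzone), here is a parser for the `aa-status` listing shown above that answers the question this comment is really asking: which mode is the profile for a given binary in? It walks the "N profiles are in X mode." sections, collects the indented profile names under each, and ignores the later "processes" sections, so a process line is never mistaken for a profile. The sample text is constructed from the output in this thread (with a couple of extra profile names added so each section is non-empty); it is not a capture from a real machine.

```python
"""Map AppArmor profile names to their mode by parsing `aa-status` output."""

import re

# Constructed sample, condensed from the aa-status output in the thread.
SAMPLE_AA_STATUS = """\
apparmor module is loaded.
185 profiles are loaded.
88 profiles are in enforce mode.
   /usr/bin/man
   docker-default
6 profiles are in complain mode.
   /usr/sbin/sssd
0 profiles are in prompt mode.
0 profiles are in kill mode.
91 profiles are in unconfined mode.
   pageedit
   podman
   polypane
9 processes have profiles defined.
9 processes are in enforce mode.
   /usr/sbin/cupsd (1234) cups
0 processes are in complain mode.
"""

# Section headers look like "88 profiles are in enforce mode."
PROFILE_SECTION_RE = re.compile(r"^(\d+) profiles are in (\w+) mode\.$")


def parse_profile_modes(text):
    """Return {profile_name: mode} for every profile listed under a 'profiles are in ... mode' section."""
    modes = {}
    current_mode = None
    for line in text.splitlines():
        m = PROFILE_SECTION_RE.match(line)
        if m:
            current_mode = m.group(2)
            continue
        if line.startswith(" "):
            # Indented entry: only a profile if we are inside a profile section
            # (process sections are skipped because current_mode is reset below).
            if current_mode is not None:
                modes[line.strip()] = current_mode
        else:
            # Any other top-level line (e.g. "9 processes have profiles defined.") ends the section.
            current_mode = None
    return modes


def profile_mode(text, name):
    """Mode of the named profile, or 'none' when aa-status lists no profile by that name."""
    return parse_profile_modes(text).get(name, "none")


def runtime_is_confined(text, name):
    """True only if the runtime's profile is actually enforced; complain/unconfined/none add no restriction."""
    return profile_mode(text, name) == "enforce"


if __name__ == "__main__":
    import subprocess
    out = subprocess.run(["aa-status"], capture_output=True, text=True, check=False).stdout
    for runtime in ("podman", "docker-default"):
        print(f"{runtime}: {profile_mode(out, runtime)} (confined={runtime_is_confined(out, runtime)})")
```

The useful output is the `confined=` flag: a runtime whose profile is in unconfined or complain mode gets no AppArmor restriction in practice, which is why passing `apparmor=unconfined` changes nothing on such a host, while a profile in enforce mode is the case where that flag actually relaxes something.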

@almet
Contributor

almet commented Oct 17, 2024

Thanks for debugging this! I'm assuming that the problem was that the VM configuration lima uses for /proc/sys/kernel/unprivileged_userns_apparmor_policy changed after the one I tested with (0.22.0).

I haven't found any changes on the lima repository making changes on these kernel settings, unfortunately. The closest I had was lima-vm/lima#1911 but it was included in 0.18.0.

colima switched from an Alpine-based image to an Ubuntu-based one in their latest versions. Could it be related to this maybe? 🤔

Enforcing the unrestrictive Podman profile with sudo aa-enforce podman actually makes Podman fail, even for simple tasks (e.g., podman run hello-world). So, either this profile is not as unconfined as it states, or something else is going on here.

There is definitely something going on: I would also expect enforcing a pass-through profile not to change anything in the end. There is something we don't understand about AppArmor and how it affects the containers.

I think you're right Etienne. We have demonstrated that setting AppArmor to unconfined does not reduce the security defenses in any of our supported distros. Real quick summary for that:

* In Windows/macOS, the AppArmor module is not loaded.

* In Linux (in practice, Ubuntu), the default AppArmor profile for Podman is treated as unconfined.

I think we can move forward with your plan.

It seems to be a good idea in the long run! If that's okay for you, I would prefer holding off on that a little, until we have a better understanding of the interconnections between AppArmor and container security. After all, and as you mentioned, none of our supported platforms are currently affected right now.

I'm always a bit reluctant to disable security features, especially if there is something I miss 🫣🙃.
