On Fri, 2021-03-19 at 05:45 +0000, Ken Moffat via blfs-book wrote:
> On Fri, Mar 19, 2021 at 12:04:56AM -0500, Douglas R. Reno via blfs-book wrote:
> > On Thu, Mar 18, 2021 at 11:33 PM ken--- via blfs-book <
> > blfs-book@lists.linuxfromscratch.org> wrote:
> >
> > > Author: ken
> > > Date: Thu Mar 18 21:32:57 2021
> > > New Revision: 24382
> > >
> > > Log:
> > > Update qtwebengine to 5.15.3 from git.
> > >
> > > This is a lot bigger and slower to build.
> > >
> > > Downgrade the 'Caution's in qtwebengien and falkon to 'Warning's.
> > > I am not yet suggesting we should deprecate those two packages,
> > > but users should start to ask themselves whether the want to use
> > > a package where the upstreams are happy to stick with python2
> > > and have no interest in running on current glibc.
> > >
> [...]
> > > + <sect2 role="kernel" id="qtwebengine-kernel">
> > > + <title>Kernel Configuration</title>
> > > +
> > > + <para>
> > > + Enable the following options in the kernel configuration and
> > > recompile the
> > > + kernel if necessary:
> > > + </para>
> > > +
> > > +<!-- Spaces are significant in <screen> sections -->
> > > +<screen><literal>General setup --->
> > > + -*- Namespaces support --->
> > > + [*] UTS namespace [CONFIG_UTS_NS]
> > > + [*] TIME namespace [CONFIG_TIME_NS]
> > > + [*] IPC namespace [CONFIG_IPC_NS]
> > > + [ ] User namespace #CONFIG_USER_NS is not set
> > > + [*] PID namespace [CONFIG_PID_NS]
> > > + [*] Network namespace
> > > [CONFIG_NET_NS]</literal></screen>
> > > +
> > > + <para>
> > > + These are now the default options. Do <emphasis>NOT</emphasis>
> > > enable
> > > + User namespace (CONFIG_USER_NS), it <emphasis>will</emphasis> cause
> > > + libQtWebengineCore to crash.
> > > + </para>
> > > +
> > > + <indexterm zone="qtwebengine qtwebengine-kernel">
> > > + <primary sortas="d-qtwebengine">qtwebengine</primary>
> > > + </indexterm>
> > > + </sect2>
> > >
> > >
> > This is going to be a problem. UPower requires CONFIG_USER_NS to function
> > properly.
> >
>
> Ouch. After adding '-config debug' to the qconf invocation (in
> front of the '--') I was able to make a debug build (needs 25GB for
> source and install). Trying to run falkon from gdb gave me a series
> of backtraces (multiple threads).
>
> [26147:26147:0318/162343.989885:FATAL:sandbox_linux.cc(555)] Check failed:
> NamespaceSandbox::InNewPidNamespace().
>
> bool SandboxLinux::EngageNamespaceSandboxInternal(bool from_zygote) {
> CHECK(pre_initialized_);
> CHECK(IsSingleThreaded())
> << "The process cannot have multiple threads when engaging the namespace
> "
> "sandbox, because the thread engaging the sandbox cannot ensure that
> "
> "other threads close all their open directories.";
>
> if (from_zygote) {
> // Check being in a new PID namespace created by the namespace sandbox and
> // being the init process.
> CHECK(NamespaceSandbox::InNewPidNamespace());
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> const pid_t pid = getpid();
> CHECK_EQ(1, pid);
> }
>
> Note that on one of my machines where this works I do not have PID
> namespaces enabled at the moment, but those settings above are all
> the defaults and I obviously never saw any reason to enable that
> when making oldconfig.
>
> That failing code seems to have been called from
>
> [26137:26137:0318/162346.234871:FATAL:zygote_host_impl_linux.cc(204)] Check
> failed: ReceiveFixedMessage(fds[0], kZygoteHelloMessage,
> sizeof(kZygoteHelloMessage), &real_pid).
>
> But I was none the wiser about the rest of it, and after checking
> that the chromium glibc-2.33 patch at Arch matched the qtwebengine
> patch I tried turning off CONFIG_USER_NS just in case, and was
> relieved whn falkon worked.
>
> > I'll spend some time looking at this when i'm done with video editing work
> > (Monday, which is also when I'll start on GNOME-40 and other tickets).
>
> Sorry about that. But I'm surprised - the kernel help says (end of
> lines trimmed for length)
>
> CONFIG_USER_NS:
> │
> │ This allows containers, i.e. vservers, to use user namespaces
> │ to provide different user info for different servers.
> │
> │ When user namespaces are enabled in the kernel it is
> │ recommended that the MEMCG option also be enabled and that
> │ user-space use the memory control groups to limit the amount
> │ of memory a memory unprivileged users can use.
> │
> │ If unsure, say N.
>
FWIIW, i've built qtwebengine 5.15.3 by the book, and I have CONFIG_USER_NS set
in my kernel config. Using the previously compiled falkon (against 5.15.2), I've
not seen any problem (not sure I've tried many things, videos on youtube, and
random web sites). I've been able to compile falkon against 5.15.3, and to
install it. Still no failure up to now.
Pierre
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
