linux-traipu team mailing list archive

Thread
Date

[Bug 577919] Re: chromium-browser fails to start (guest account, OpenVZ): "Failed to move to new PID namespace: Operation not permitted"

To: linux-traipu@xxxxxxxxxxxxxxxxxxx
From: jeremiejig <pauljiang@xxxxxxx>
Date: Mon, 27 Aug 2012 21:16:10 -0000
Reply-to: Bug 577919 <577919@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

First of all I apologize for my possible bad english.

Well I have the same problem and found some more information :

Description: Ubuntu 12:04:1 LTS
Release: 12.04
x86_64

When I look at my syslog file I found this line :

Aug 27 16:47:53 kernel: type=1400 audit(1346078873.846:2503): apparmor="DENIED" operation="open" parent=1 profile="/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper" name="/proc/3574/oom_score_adj" pid=3574 comm="chromium-browse" requested_mask="wc" denied_mask="wc" fsuid=119 ouid=119
Aug 27 16:47:53 kernel: type=1400 audit(1346078873.846:2504): apparmor="DENIED" operation="capable" parent=3574 profile="/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper" pid=3578 comm="chromium-browse" capability=21  capname="sys_admin"

Also when launching chromiun in a shell I get this error :
Failed to move to new PID namespace: Operation not permitted


When I try to fix this error by creating a child profile in apparmor I'm now with this error :
Failed to determine real pocess id of new "init" process

the new syslog :


Aug 27 23:03:29 kernel: [206330.553415] type=1400 audit(1346101409.730:6150): apparmor="DENIED" operation="open" parent=9565 profile="/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper//chromium" name="/proc/9854/oom_score_adj" pid=9854 comm="chromium-browse" requested_mask="wc" denied_mask="wc" fsuid=119 ouid=119
Aug 27 23:03:29 kernel: [206330.556458] type=1400 audit(1346101409.734:6151): apparmor="DENIED" operation="open" parent=1 profile="/usr/lib/lightdm/lightdm/lightdm-guest-session-wrapper//chromium" name="/proc/9859/status" pid=9859 comm="chromium-browse" requested_mask="r" denied_mask="r" fsuid=119 ouid=0

I'm still working around but due to the lack of information on apparmor profile it's a little hard.
In attachment the profile I last use as an attempt to fix the bug.

** Attachment added: "attempt to fix the bug (not working)"
   https://bugs.launchpad.net/ubuntu/+source/gdm-guest-session/+bug/577919/+attachment/3279672/+files/lightdm-guest-session

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Chromium Browser.
https://bugs.launchpad.net/bugs/577919

Title:
  chromium-browser fails to start (guest account, OpenVZ): "Failed to
  move to new PID namespace: Operation not permitted"

Status in Chromium Browser:
  Unknown
Status in OpenVZ kernel (patchset):
  Confirmed
Status in “gdm-guest-session” package in Ubuntu:
  Confirmed

Bug description:
  Binary package hint: chromium-browser

  When i opened my guest account to let my friend to use the computer,
  he couldn't run chromium-browser.

  But it works ok when my user account is activated

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: chromium-browser 5.0.342.9~r43360-0ubuntu2
  ProcVersionSignature: Ubuntu 2.6.32-22.33-generic 2.6.32.11+drm33.2
  Uname: Linux 2.6.32-22-generic i686
  Architecture: i386
  Date: Sun May  9 19:49:44 2010
  InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta i386 (20100318)
  ProcEnviron:
   LANG=tr_TR.utf8
   SHELL=/bin/bash
  SourcePackage: chromium-browser

To manage notifications about this bug go to:
https://bugs.launchpad.net/chromium-browser/+bug/577919/+subscriptions