From 1afb772f7148e2f0a6409fc11d8505a2bddfd894 Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Sat, 31 Dec 2022 15:56:09 -0500 Subject: [PATCH 1/2] app_containers: Kill all previously running instances Because things like dbus can be broken inside. --- app_containers/.local/bin/run_app_container | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app_containers/.local/bin/run_app_container b/app_containers/.local/bin/run_app_container index 0d08a15..7f7e7e8 100755 --- a/app_containers/.local/bin/run_app_container +++ b/app_containers/.local/bin/run_app_container @@ -29,6 +29,10 @@ if [ -f "$config" ]; then source "$config" fi +# Kill any previously running instances +# This could be due to, say, a broken libappindicator icon (because of broken dbus) +sudo -A machinectl kill $CONTAINER_NAME > /dev/null 2>&1 + # Create a XDG_RUNTIME_DIR for guest on host container_xdg_runtime="$(mktemp -d -p /var/tmp)" trap cleanup EXIT From a631fae406b515a524774a3064969a0bfae981e5 Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Sat, 31 Dec 2022 15:56:56 -0500 Subject: [PATCH 2/2] app_containers: Add TODO about DBus in userns --- app_containers/.local/bin/run_app_container | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app_containers/.local/bin/run_app_container b/app_containers/.local/bin/run_app_container index 7f7e7e8..40ca404 100755 --- a/app_containers/.local/bin/run_app_container +++ b/app_containers/.local/bin/run_app_container @@ -79,6 +79,8 @@ if [ "$CONTAINER_USE_USERNS" = true ]; then private_users=$(shuf -i 65536-$((2147483647 - 65536)) -n1) # Pick a random starting offset bind_opts="idmap" user_on_host=$((private_users + run_as)) + # TODO: DBus is broken inside a user namespace due to permission issues + # TODO: Fix this, somehow. fi # Grant the user inside the container access to the Wayland / Xorg display