From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7325333789757931520 X-Gmail-Labels: Topic type: DISCUSSION X-Received: by 2002:a05:6871:5a97:b0:210:ce97:e194 with SMTP id oo23-20020a0568715a9700b00210ce97e194mr20821oac.6.1705569816322; Thu, 18 Jan 2024 01:23:36 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6870:9729:b0:210:9792:c4a9 with SMTP id n41-20020a056870972900b002109792c4a9ls278004oaq.1.-pod-prod-05-us; Thu, 18 Jan 2024 01:23:35 -0800 (PST) X-Google-Smtp-Source: AGHT+IGm2k4Ce0QQSNlfoQRDTKXC+9n7butNU1hHv9wZI48bLADOlAXoPevusejsqUMWJB3dvVQN X-Received: by 2002:a05:6870:5aaa:b0:206:8095:7f78 with SMTP id dt42-20020a0568705aaa00b0020680957f78mr339238oab.50.1705569815506; Thu, 18 Jan 2024 01:23:35 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1705569815; cv=pass; d=google.com; s=arc-20160816; b=BTKaRvVBEH4L0/ocJWua8wt+ztDr3h0ifaf2YcHlq4cTIkKUdAJmLuoMPDuuzU5Qh4 1+nBIsGz4quoYUztu8ojS1lHbDtVnHOat0U6CQR4wGpNynY1x+0erRhO5ZSLALfTem3y 3cShTgMaksvNCCtGvJXYTtth9pLGAHb5lnDObhB76FMClQLau47q4Myoe4IxDaEATFUH qiM449S8jTl7kGeJ9fwQRELDuRP2vnBR7/Ggb9izUHmDes+vwugL3gHHum30RO6eZc9+ qlUwBGmdgw80w2RETEyAjJ55g7CsuiSEIusmNUWGdnBXjQXDzEciGVkRdzmrGkA/3sLl ICdQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:in-reply-to:from:references :to:content-language:subject:user-agent:date:message-id :dkim-signature; bh=/gK6jTOC6sOHqV2AGM16dzZv6JqHUeqZBKh0D03bmTw=; fh=eewSXB7G1O5VETdv1TqYeqW6/GzVpZAcTeN5jHTG+Y8=; b=p99EHe2NoSSjWsJUyXOa7MiSqIKw42n1n08P8F4qK6nqs+BniEyrjI8TRxCkX2dHy2 ItRQX6MM1n8zd0pWJvmJiae/7rmcleJpxtLP5/aSlQU8E1/3lu4yRnLH5UfYZJsSITXd EdLgzyVRpA9mNYczOj+aQAV0fntjWjAWR2JttLF5+ouWiv0od2FszeiZxa3xxigMSfQ+ TujBtUIwmrUay1z0//hs/Czna/2j3Ryho8q71DeN3Dx+1wy84yAbEJsBQ0EQfe8SZnWW AmhFOFYhuhT2AkpLfK4gzz7eBGyQKm9CM160O2BoHz7ZuP2kVGAIgGOOV0yKTGzA+9bV OZVw== ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Igg5NsMu; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1f::630 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Return-Path: Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01on0630.outbound.protection.outlook.com. [2a01:111:f400:fe1f::630]) by gmr-mx.google.com with ESMTPS id di25-20020a0568303a1900b006e0b71cd589si101194otb.1.2024.01.18.01.23.35 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 18 Jan 2024 01:23:35 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1f::630 as permitted sender) client-ip=2a01:111:f400:fe1f::630; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=Igg5NsMu; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1f::630 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZJwQwXSVQcwcBxfA+R3Khl9wdwuGqbqDW8j+T1dbAgxZ9bDloaExpBojC//OJyikU+utviHhU3Kk7Lved+xj1DgATh9CB2BOBD9YcFaFayCyuZ6/X6JP+KuXsEZcvysBEHp9N5HGT8NHXivMWHWp+2JHmZbYkJFupQqAxh2xgOvx8jPYGhCpnFzX6YmsjJVBOKgM+sc7uw0BLdJcqLpn+NcWfA3bX8XjKIEitavQc3UnFYw4bEpYRuGYmGPSbESj8MffzrKOlbMfeEsLJqm7NfrBFSD3PxueqPzb/oE8kfK30rWUUWJ81eHSRT85vZ+HBXduxaIwdAdEKAVbmiMruw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/gK6jTOC6sOHqV2AGM16dzZv6JqHUeqZBKh0D03bmTw=; b=HaD9W67l8iUPGgp6U7N7F/kNS3nDkFPiPFYz1dncD3jV3ILVYJUUi9HJbCz8gT84NZKTaguhl2W2EU3ikIpSie03He0QpRrW9k4hyMHpnYpod8V7TGKuXmcl0wQP+7Q+KBBFwUojCvl24bkKD2GuSCaY/Ej5gYmaQfqnVSMvWBRsAbDPrhX42PZlVtIBIm8+0R4TcZmCEVxYOuUnrhvnDPFGDLMvZX9pIkhmVODgCnx2Rk50IPw25YRL7ufr5JuOwzccBIcrkPfpFXNFlX/TFoPgstdALKBEVLThKnR4jmcWpDbOt1jzQzJGXh5t6pC5VrWmanRLtqPR6GyW943OCA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/gK6jTOC6sOHqV2AGM16dzZv6JqHUeqZBKh0D03bmTw=; b=Igg5NsMupIkurKn8C5JmM2+Ul+ckV3mvv196a+xqUoBt0DY/iUdvuEzn7gnI6gBnuEFEATB6hNdUZ0b/APLj1SjECYPUq3ZRmZtYGjjyZ6FhUG5/zo6D8xz8fwm3m7UpoRHmHArfAlMM8aqVDDxF+dGwmqS34vkWLx80oIGI6xcWx4pF2aBfmH3RSGOyue5gqSufANrTpuBR5xKd48pfEwPN/Cbzb7O3AujK31fKeELaUk2eMWlSHCx3TqtAK3NXH5fJzgJrDTc2bjPBbuFZwMmGp781VO1VBKQaLpdR+mGhNfgymSwIzhISgD0WwVgSPT2n2VjLtwl8H4gdhLr6ow== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:588::19) by AS2PR10MB6997.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:59b::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7202.24; Thu, 18 Jan 2024 09:23:33 +0000 Received: from AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM ([fe80::8d16:7fbb:4964:94fe]) by AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM ([fe80::8d16:7fbb:4964:94fe%3]) with mapi id 15.20.7202.024; Thu, 18 Jan 2024 09:23:33 +0000 Message-ID: <5f49ea26-6df0-4fd1-a3e7-fb708ba39861@siemens.com> Date: Thu, 18 Jan 2024 10:23:30 +0100 User-Agent: Mozilla Thunderbird Subject: Re: mount loop devices not works in schroot Content-Language: en-US To: Srinuvasan Arjunan , isar-users References: <398dbb64-03db-4922-b829-4cef9656804cn@googlegroups.com> <30d89d27-4004-4f9c-8d3a-e8c466aaaa3f@siemens.com> From: Jan Kiszka In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-ClientProxiedBy: FR0P281CA0091.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10:a9::11) To AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:588::19) Return-Path: jan.kiszka@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS4PR10MB6181:EE_|AS2PR10MB6997:EE_ X-MS-Office365-Filtering-Correlation-Id: 5116fe50-a4e9-438e-a162-08dc1807242d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: XUxS9jlfQMooSBuURD84rCEnRAdRLSuKmpR6Jt82S2Ss116YR71YSw7OfnOdr3T+26666AyNKriSpmIdmIGuAliy8KAoIIOvqmFt9BchXHFqoNgwHnYALNLmYZtFn9+M1afEQpV9sHXIZpi1fUYQ9du3j4kmMHanYKeKwWACVmmON4R61ylOSo9OCTYX9fGyZ8oIdAfPRnXpbKjS3zQnY4R/lNkHctv4siN5Z1I08HwoG2sdPQ2jhhAsPzA+NEG6XpXIa+vTG2bYUw/OB9L6Zj5nspQs5KYGMtHV88L6NY7rKsK1KSBYrNUtqskMEkUrwEqbyHSuBPcmdRlLszIp8wz3bLFKdVKgCb6VxBIQ/e1GDCHDEI9MzFw9lckHbndyFOZjzlqE6KPbPdgAn0YAUnyS1WpZG++ZIGeXBi7gdVtP9xC945U+boJFJBz0cIuUKdAP9CHCeEZqeYJUase5DMfP+Cxwn0ErzQ0JYVltZNbgCgXJO2nm1EzRdV5FOczkv4Ia7xK7xDW58BxtcoVOR//qptrnbAu3TRBrchXXRVPs+kA/G8C17nSkD4J2/WG6/9WTDzrz5YnfHrGDOFEWox+qh6qtyxdnT8OUjMtiW1J3CdcXYhhpSakoUG5wmdbNfIa9DNwfjggM4ebLBzHhNw== X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230031)(376002)(366004)(39860400002)(396003)(136003)(346002)(230922051799003)(64100799003)(1800799012)(186009)(451199024)(8676002)(8936002)(38100700002)(82960400001)(36756003)(41300700001)(2906002)(31696002)(86362001)(44832011)(5660300002)(53546011)(6506007)(26005)(6486002)(478600001)(2616005)(66946007)(316002)(66556008)(66476007)(6512007)(110136005)(31686004)(45980500001)(43740500002);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?SVFEb0ZHNTRNZ0Rlb3c0U0Y5TkFuVmgxakt1aUp2Ly9CMElYOXI2NTZkL3Rz?= =?utf-8?B?a3Z1ZGtVZThucXJ4dFBvSUg1SE5BazBMUE1DalRzTnVUbkhyRytjczhScWhz?= =?utf-8?B?MTZxcGlZeC8yQzZJYlFQMkZib242M3d5WEFsYUZra0pWbC9abEhnTlhWcGhW?= =?utf-8?B?cWdrcDNUQjZRNDZMVko2U1RvTlF1Rk5rUzB2RG5ZL05lQXZLbGw3b1pLdTlZ?= =?utf-8?B?L25LdEllbEVyNm1rNXJMbUtZWlk2NDh0ZDN4c0xmbDcxRENGRDFDanQvUmFO?= =?utf-8?B?MnRqOWZEakM3M3pZanNtY1pwZFM3Y1BUaFV2d3NVQkc0OU5mZzhLTmFXdWNt?= =?utf-8?B?NDJnK2hJcDVxYWEzSVJ0V2ZYMUNESmF3ekg4Tk5Lektod3FxM1A4VFhGVWRo?= =?utf-8?B?UEhnZjR4VVhmV21OK3BTL0ZNUGNyQThCWWdVVlZvMk9WTXluRFl5aldKbDBU?= =?utf-8?B?VC9YOEsxVi9tRXltd1FRVGVtNmR1aFBmUk1ibVl5WHd6emFxWmNYUVloa0lh?= =?utf-8?B?b0JGRmEzcEFEaHB2SUJMQzU5SHQ0ZkFrMGRPbzNQcEJMeEhwaEFHSDFHY1hv?= =?utf-8?B?K0FWTVZmMWQ0eHl1enVjQVFoWUp5UVVxalUxY1IzNzdJaHI5cnU1RUsvaDND?= =?utf-8?B?ZzJXc01oT3Byc05tM0RvQlpORjZWUTZzRkxvOUZxYVZTMUthV3p6Z2lXbkRt?= =?utf-8?B?Z0EwNStvQ3VwNkdEbmZtLzFqRHQxOTYvUm9veWZTUnkyUzJtVlNRbEFUZXZK?= =?utf-8?B?UU5jQTlBdjNpRFk0M2p4c3pwRzFPVXJRKzg3dGtqODhnb2FPWjRPVHIwVkNI?= =?utf-8?B?VzNOMGZ5VWEyZU1pUC81SlhUQUptTCtaZFBnVWp1QjZlRUgrSVdhR0x4SlNQ?= =?utf-8?B?bHNkZ2ZIWFdVTzhoaWxoaDlqdWVmL1kxdnRFd3BzUHk0T0RvTFdsaHl1eGQr?= =?utf-8?B?c3JtOFhZY09vL243SkxPK1hEdC9RK3U2WFFNbnVlWVUzeUg5T0l1RnZSemdm?= =?utf-8?B?NWZva3R6UXkzUjZTeFNCQnVPQ1I1Z0tpSUdPb0hhbE1sL04zQ1N2aDgxY09C?= =?utf-8?B?aWxCK0k2UmNvYnpmZE5qM0dMaTdnWHFxY3BhdVF1UmxNTmhseElMb1c1TUF6?= =?utf-8?B?MmV3anBXQWVwR2hOemVYN0xDNytrbk9Yc2EzVlNaaFJ0S2NiMXh5d2VMUUdI?= =?utf-8?B?eERFc2o3cnJYajhpcjlqRitqc2hLVlpXdndiVXQzUXdEbEVkZTVLUlBLYVNL?= =?utf-8?B?cHp4YkoxR2NsSFhBby9vM0ZEUW1DOW5XZ0lhVXQrZDlUbmo3QjlyMzNUSDBV?= =?utf-8?B?c0NvOVUzVXQzRHhzekpBS1pXQWRtd2ZrNlgyblV2dnRLSUpncEhXcklJRSs3?= =?utf-8?B?Tk9yRVN0SnJ5b2czNmttU3VtOFp6MGtoMkNYcklsTTlLNDJMNjliVmJ3Rjgz?= =?utf-8?B?eVlBRzJnaWluV2pLMU53alh0a1hldTVHY0RXdDNJcm5sSkN0bjF4U2FLdGxM?= =?utf-8?B?d0ZhZXYrVHlrc3duOHNEck1ERFRUdzBQWStaRXNQNHJTem5HYVhpQjVwbytv?= =?utf-8?B?em8xeU1jYkpFR2FxeE1nOGp5dk1JT041WGRuTDNQdlhZNmlpQUFFZ2JGa0hZ?= =?utf-8?B?dURXSklvTFp4NmdPZ2VNdytQQjJqbkwrUzdBUk1lRUIyNTd5YkZvWUZPbS9v?= =?utf-8?B?QXpPS2NmNWYwV25CM25DUytrd1VxYWIwN1hIbHZqM2NEdkY5d2JyeGp3OFlD?= =?utf-8?B?Qm4xQURBbVorTHNlYW1sSjhpSDY2bGJFYlhudVNVZ01PVklPc2JQcmdJU2tU?= =?utf-8?B?cC9XRUZFQTlIZGZIWkJ0VE1iN3p6cWllN3ZOSmRhTTBLYXBPdjZqL1NrSDRo?= =?utf-8?B?N1ZWN0w1a255TzlGL0pBZEpSdVMyZlBHZG1DVG43MytYdm54RVVWZEFmVW91?= =?utf-8?B?NWFYZURDYWpKd0NCWnN3czNlNDBwb2RvZGkwcXpzOUhHVjA1WEhoWTFFc2Vm?= =?utf-8?B?VDUvaURHcG52bDhZNDVZbzVwRkhrbU94N0RsSHpvdWljcGZabVp3cFNqdHd3?= =?utf-8?B?c3oweWFERzBFN2JHK0xTWkN1dVdjOVppbW1LeE13VXMwM3QvQ1FSbXVuVW43?= =?utf-8?B?akpRRmxHZXk3NTh1b1ZiSUttWStDSys5bVlMUy9hN29udTBtVFFiazRWTmUr?= =?utf-8?B?TkE9PQ==?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5116fe50-a4e9-438e-a162-08dc1807242d X-MS-Exchange-CrossTenant-AuthSource: AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Jan 2024 09:23:33.1516 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: LStlYDgZoIsL/GenehwbKRMAqkvVBqbOsWfl0qLU3ki/4+7zhbStYxzA+mJho0E0xoHjrSe4rW9avNCLVE1DRA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS2PR10MB6997 X-TUID: foXKKRyGZgVF On 18.01.24 09:16, Srinuvasan Arjunan wrote: > > > On Thursday, January 18, 2024 at 1:26:32 PM UTC+5:30 Jan Kiszka wrote: > > On 18.01.24 08:16, Srinuvasan Arjunan wrote: > > Hi All, > > > >              Presently we migrated the chroot to sbuildchroot and > one of > > my image creation part i try to mount some temporary file system as a > > loop device and do create volumes and other stuffs. > > > > Here i could see am not able to mount the file system as a loop > device > > specifically in chroot. > > > > reproduce steps: > >   > > 1. chroot into the created session  > > 2. dd if=/dev/zero of=ext4.img bs=4k count=2048 > > 3.mkfs.ext4 ext4.img > > 4. mnt=$(mktemp -d) > > 5.  mount -o loop 'ext4.img' "${mnt}" > > > > when i mount this ext4.img as a loop devices it throws the below > error: > > Error: "mount: /tmp/tmp.7oJoEpL0vt: mount failed: Operation not > permitted."  > > > > But the above steps are working fine in my host machine. > > > > I hope we need to install the loop module in chroot or any other > > suggestion that would be helpful to mount loop devices in schroot > sessions. > > > > Note:  losetup also not works in schroot. > > > > I don't think you can run such stuff in the schroot, and you will > surely > not be able to once we fully de-privilege the build. That's why I > suggested to you already to get rid of this loop-mount requirement. > > Jan > > -- > Siemens AG, Technology > Linux Expert Center > > > > Thanks jan for your quick reply, but still i didn't get this line "and > you will surely > not be able to once we fully de-privilege the build" > > Can you please provide more information on the above line Unprivileged building implies that you do not allow the building user to use a kernel filesystem driver to mount filesystem images controlled by that user. Filesystem drivers are not designed for that use case, and there is no change in this regard in sight. Jan -- Siemens AG, Technology Linux Expert Center