89luca89 / distrobox

Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
https://distrobox.it/
GNU General Public License v3.0

[Error] Container with root + init logs out host user when first running distrobox enter #1193

Closed vitedevs closed 4 weeks ago

vitedevs commented 5 months ago

Describe the bug

The same issue as: https://github.com/89luca89/distrobox/issues/344

I have an Arch container with some exported apps. Every time I enter the container or launch one of the exported apps, I get logged out from my (host) system. After that it works fine - until next host (re)boot.

To Reproduce
1) Create a Linux container, passing --root --init as options;
2) Enter the container or launch any exported app;

Expected behavior
Not be logged out.

Desktop (please complete the following information):

89luca89 commented 5 months ago

@vitedevs thanks for reporting, can you try with the latest git version? There are lots of fixes on root+init containers

I cannot reproduce on Aeon, Ubuntu and Fedora hosts

bubuntux commented 3 months ago

I am seeing something similar: root+init freezes my whole system.

Are you using podman, docker or lilipod? podman
Which version of podman, docker or lilipod? 4.9.3
Which version of distrobox? 1.7.1.0
Which host distribution? Fedora 39.20240331.0 (Sericea)
How did you install distrobox? rpm package

When I try to

distrobox create --root --image quay.io/toolbx/ubuntu-toolbox:latest  --additional-packages "systemd docker"   --init  --unshare-all --hostname test  --home /home/test -n test
distrobox enter --root test 

my whole system freezes; nothing responds after "Firing up init system... "


UPDATE: after further research, it seems like it only crashed the graphical interface (sway [wayland]). After restarting the graphical interface the container seems to work just fine. I'm unaware why it crashes or how to troubleshoot it.

bubuntux commented 3 months ago

I was able to replicate the issue on a nixos env using sway, same results

DamienGombaultRecia commented 3 months ago

Hi. I have noticed a similar problem on a recent Fedora Kinoite version 39. The host desktop environment froze immediately after "firing up the init system". I get this log with the verbose option: image

bubuntux commented 3 months ago

Yeah, I also see that; I think it is odd but unrelated. I think the problematic line is in distrobox-init: [ -e /usr/lib/systemd/systemd ] && exec /usr/lib/systemd/systemd --system --log-target=console --unit=multi-user.target but I'm not sure how to fix the problem.

13steinj commented 3 months ago

I suspect this is caused by some newly enabled systemd service. I get this under a specific sub-condition/case/variation:

distrobox create  --name "boxxy" --init --image ubuntu:22.04 --additional-packages "systemd libpam-systemd"
exit
distrobox enter "boxxy"  # fine
exit
distrobox stop "boxxy"
distrobox enter "boxxy"  # STILL fine
sudo systemctl list-unit-files | grep enabled | sort > ./before-desktop  # I'm suspicious
sudo apt -y update && sudo apt -y install ubuntu-desktop  # use apt-fast or nala if it's too slow for you, I usually just say "screw it" and mount /etc/apt from the host
sudo systemctl list-unit-files | grep enabled | sort > ./after-desktop
exit
distrobox stop "boxxy"
distrobox enter "boxxy"  # BOOM, even after I log back in, I can't re-enter the distrobox

I suspect something is attempting to grab the display (or account service, for that matter), kicking the user out.

I haven't used arch in a while but I assume something in the default image is giving you an Xorg server and/or DM and/or WM and/or L(ogin)M(anager).

Diffing the files... I may be inept, but I can't make heads or tails of the diff. But I can pipe them into python and know how to use sets!

>>> from collections import namedtuple
>>> from pprint import pprint

>>> SystemctlUnit = namedtuple("SystemctlUnit", field_names="name,state,preset")

>>> before = set([SystemctlUnit(*x.strip().split()) for x in open("./before-desktop").readlines()])
>>> after = set([SystemctlUnit(*x.strip().split()) for x in open("./after-desktop").readlines()])
>>> pprint(after - before)
{SystemctlUnit(name='ModemManager.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='NetworkManager-dispatcher.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='NetworkManager-wait-online.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='NetworkManager.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='accounts-daemon.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='acpid.path', state='enabled', preset='enabled'),
 SystemctlUnit(name='acpid.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='acpid.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='alsa-utils.service', state='masked', preset='enabled'),
 SystemctlUnit(name='anacron.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='anacron.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='apparmor.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='apport-autoreport.path', state='enabled', preset='enabled'),
 SystemctlUnit(name='apport-autoreport.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='apport-forward.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='bluetooth.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='brltty.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='cron.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='cups-browsed.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='cups.path', state='enabled', preset='enabled'),
 SystemctlUnit(name='cups.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='cups.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='fwupd-refresh.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='gpu-manager.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='kerneloops.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='openvpn-client@.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='openvpn-server@.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='openvpn.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='openvpn@.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='power-profiles-daemon.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='pulseaudio-enable-autospawn.service', state='masked', preset='enabled'),
 SystemctlUnit(name='rtkit-daemon.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='saned.service', state='masked', preset='enabled'),
 SystemctlUnit(name='saned.socket', state='disabled', preset='enabled'),
 SystemctlUnit(name='saned@.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='secureboot-db.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.apparmor.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.autoimport.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.core-fixup.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.recovery-chooser-trigger.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.seeded.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.snap-repair.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='snapd.system-shutdown.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='speech-dispatcherd.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='spice-vdagentd.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-autofs.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-autofs.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-nss.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-nss.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-pac.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-pac.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-pam-priv.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-pam.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-pam.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-ssh.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-ssh.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd-sudo.service', state='indirect', preset='enabled'),
 SystemctlUnit(name='sssd-sudo.socket', state='enabled', preset='enabled'),
 SystemctlUnit(name='sssd.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='switcheroo-control.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='systemd-oomd.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='ua-reboot-cmds.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='ua-timer.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='ubuntu-advantage.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='udisks2.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='unattended-upgrades.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='update-notifier-download.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='update-notifier-motd.timer', state='enabled', preset='enabled'),
 SystemctlUnit(name='upower.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='whoopsie.path', state='enabled', preset='enabled'),
 SystemctlUnit(name='wpa_supplicant-nl80211@.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='wpa_supplicant-wired@.service', state='disabled', preset='enabled'),
 SystemctlUnit(name='wpa_supplicant.service', state='enabled', preset='enabled'),
 SystemctlUnit(name='wpa_supplicant@.service', state='disabled', preset='enabled')}
>>> pprint(before-after)
set()

with open("./disabler.sh", "a") as f:
    for x in after - before:
        print(f"systemctl disable {x.name}", file=f)

For the sake of argument I said fuck it-- disable them all!

sudo ./disabler.sh
exit

Then stop and start-- it still logs me out, but, I can re-enter the distrobox sans-issue, which is progress.

E: My issue appears to be resolved via --unshare-ipc (though I don't know what else that affects).

89luca89 commented 2 months ago

Is this still happening with 1.7+?

I still can't reproduce the issue with podman, rootful podman and docker sadly

bubuntux commented 2 months ago

Yes, I can still reproduce on distrobox version 1.7.1.0, podman version 5.0.2, using sway + sddm (Fedora Sericea 40) <- I think the problem is with this setup, using these 2 commands:

distrobox create --root --image quay.io/toolbx/ubuntu-toolbox:latest  --additional-packages "systemd docker"   --init  --unshare-all --hostname test  --home /home/test -n test
distrobox enter --root test

89luca89 commented 2 months ago

I'll need to check on Sericea then

Quite busy with other stuff now, maybe a thing to check would be to send both podman and journalctl logs to a file while launching this, so we can try to pinpoint what unit triggers this

bubuntux commented 2 months ago

I temporarily rebased to Kinoite to test this out and I saw a quick disconnect on my internet, but everything worked fine after it, so the issue seems related to how sway systemd services are set up IMO

89luca89 commented 2 months ago

More than a sway problem, it probably still is a service that distrobox should mask. Maybe you can do a diff of the systemctl --no-pager output between Sericea and Kinoite, and see what Sericea has that Kinoite doesn't
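
The comparison suggested above, as an added example that is not part of the thread or of distrobox: a POSIX shell helper that extracts unit names from two saved `systemctl --no-pager` listings and prints those present only in the first. The file names and both sample listings (including the `example-*` units) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not distrobox code. On each host, capture the listing with:
#   systemctl --no-pager > units-<host>.txt

# unit_names FILE: sorted unit names from `systemctl --no-pager` output.
# The header row and trailing legend are skipped because neither of their first
# two fields looks like a unit name; a leading status bullet (printed for
# failed units) shifts the name into field 2, so both fields are checked.
unit_names() {
    awk '
        BEGIN { re = "[.](service|socket|target|timer|path|mount|automount|swap|slice|scope|device)$" }
        $1 ~ re { print $1; next }
        $2 ~ re { print $2 }
    ' "$1" | LC_ALL=C sort -u
}

# only_in_first A B: units listed in A that are absent from B.
only_in_first() {
    tmp=$(mktemp -d) || return 1
    unit_names "$1" > "$tmp/a"
    unit_names "$2" > "$tmp/b"
    LC_ALL=C comm -23 "$tmp/a" "$tmp/b"
    rm -rf "$tmp"
}

# demo: run the comparison on two constructed listings (unit names are made up).
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/sericea.txt" <<'EOF'
  UNIT                     LOAD   ACTIVE SUB     DESCRIPTION
  dbus-broker.service      loaded active running D-Bus System Message Bus
● example-greeter.service  loaded failed failed  Constructed failed unit
  example-seat.socket      loaded active running Constructed socket unit

LOAD   = Reflects whether the unit definition was properly loaded.
3 loaded units listed.
EOF
    cat > "$d/kinoite.txt" <<'EOF'
  UNIT                     LOAD   ACTIVE SUB     DESCRIPTION
  dbus-broker.service      loaded active running D-Bus System Message Bus
  example-other.service    loaded active running Constructed unit

2 loaded units listed.
EOF
    only_in_first "$d/sericea.txt" "$d/kinoite.txt"
    rm -rf "$d"
}

demo
```

Swapping the two arguments lists the units that only the second host has.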

evrpg commented 2 months ago

Hello, I have the same issue using Pop_OS.

I created the container with this command: distrobox create -i ubuntu:22.04 --name ubuntu_22.04 --additional-packages "systemd libpam-systemd" --init

I see this line in the distrobox enter -v ubuntu_22.04 output: + sh -c sleep 1 && while true; do systemctl is-system-running | grep -E 'running|degraded' && break; echo 'waiting for systemd to come up...\n' && sleep 1; done && systemctl start user@rpg.service && systemctl start user-integration@rpg.service && loginctl enable-linger rpg || : && echo container_setup_done

I have another ArchLinux container that was created with the command: distrobox create -i archlinux:latest --name ArchLinux

And neither the issue nor the line posted above is present.

Please find here out_ubuntu.log the output of distrobox enter ubuntu_22.04 -v, it may help the investigation.

13steinj commented 2 months ago

Just a thought-- it would be great to dump a log of what services are being started to a known location, so issues like this could be debugged more easily.

EpixMan commented 1 month ago

> Just a thought-- it would be great to dump a log of what services are being started to a known location, so issues like this could be debugged more easily.

I tried to do my best. These are my specs: bazzite, hyprland, nvidia.

Here is the systemctl status log before running distrobox enter: systemctllog1.log

After crashing I entered another tty and logged journalctl.log after crashing (started distrobox enter at 23:32:00 but wasn't sure what to exclude, so I just kept the raw result of journalctl). And another systemctl status here (for the after-crashing period, but on tty): systemctllog2.log

EpixMan commented 1 month ago

@89luca89 @13steinj Please tell me if you need more info

89luca89 commented 4 weeks ago

This has been fixed as of commit a537dfffa6589640e586a1395eec498ed792ccd9