search

ThomasTJdev / nim_websitecreator

Nim fullstack website framework - deploy a website within minutes
https://nimwc.org
MIT License
176 stars 7 forks source link

Firejail breaks recompile of plugin #93

Closed ThomasTJdev closed 5 years ago

ThomasTJdev commented 5 years ago

I'm having some difficulties starting plugins, when I have compiled with -d:firejail. When I start a plugin from the browser, it breaks during recompile with:

stack trace: (most recent call last)
../../../../.nimble/pkgs/firejail-0.5.0/firejail.nim(14)
/home/user/.nimble/pkgs/firejail-0.5.0/firejail.nim(14, 57) Error: index out of bounds
E, [2019-04-17T08:51:41] -- nimwc_main: No such file or directory; Additional info: "No such file or directory"

Debugging shows the breakpoint to be:

proc recompile*(): int {.inline.} =
  ## Recompile nimwc_main
  let
    appName = dict.getSectionValue("Server", "appname")
    appPath = getAppDir() & "/" & appName
    outp = execCmd("nim c " & checkCompileOptions & " -o:" & appPath & "_new_tmp " & getAppDir() & "/nimwc_main.nim")
=> Breaks during `execCmd`
  moveFile(getAppDir() & "/" & appName & "_new_tmp", getAppDir() & "/" & appName & "_new")
  return outp

But if I just run the command manually from proc recompile*() everything works as expected. (I have echo'ed the command to replicate it)

nim c  -d:ssl -d:ssl -d:webp -d:firejail -d:release -o:/home/user/nim/nim_websitecreator/nimwcpkg/nimwc_main_new_tmp /home/user/nim/nim_websitecreator/nimwcpkg/nimwc_main.nim

I have tried working with the various config options, but I have had no luck. This happens on my local Arch and on a headless Ubuntu. Could you have a try @juancarlospaco ?

juancarlospaco commented 5 years ago

Yes. I know it happens (when defined firejail).

Most users dont seem too annoyed by this, but yeah can be improved. Firejail sees you downloaded files from internet and try to execute them server side and kinda dont like it probably because it looks potentially insecure, then intentionally blocks it. Maybe just document that it needs a restart when adding new plugins and firejail is active :grey_question:

BTW I am participating on https://eventol.flisol.org.ar/events/flisol-caba-2019/ this month, Sat 27, Maybe 2 talks, if approved, and 1 is about NimWC.

ThomasTJdev commented 5 years ago
  • it can be solved by a restart, then recompile.

This is a full restart. The force restart from the browser is not enough.

  • it can also be solved by changing the default firejail config.

How? What config should be changed?

Most users dont seem too annoyed by this, but yeah can be improved.

When we ship NimWC with firejail as default in nimwc.nim.cfg, I think main features such as plugins should work out of the box. We can change the firejail config to allow it as standard, otherwise we should clearly state it in the documentation.

BTW I am participating on https://eventol.flisol.org.ar/events/flisol-caba-2019/ this month, Sat 27, Maybe 2 talks, if approved, and 1 is about NimWC.

Nice 😃 Best of luck! It's a little to far away for me to come and see 😉