Closed zyberzebra closed 3 months ago
Probably similar to https://github.com/freedomofpress/dangerzone/issues/749. I see that your OS is Windows, which means that this problem is not contained to Fedora 39 Silverblue, as we originally assumed. We need to debug further.
Out of curiosity, does this happen with every file that you try to sanitize?
Yes. You need some errorlogs?
Dang. Even with very simple ones, like this: https://github.com/freedomofpress/dangerzone/raw/main/tests/test_docs/sample-doc.doc?
You need some errorlogs?
Sure, if you can run dangerzone-cli
in Windows, and copy its output, that would help. You should be able to find it under "Program files" -> "Dangerzone".
The Simple one worked:
[doc x0jORC] 0% Converting page 1/3 to pixels
[doc x0jORC] 16% Converting page 2/3 to pixels
[doc x0jORC] 32% Converting page 3/3 to pixels
[doc x0jORC] 49% Converted document to pixels
> 'C:\Program Files\Docker\Docker\resources\bin\docker.EXE' run --network none -u dangerzone --security-opt=no-new-privileges:true --cap-drop all --rm -i -v 'C:\Users\user\AppData\Local\Temp\tmppf1tmu4d:/safezone:Z' -e OCR=0 -e OCR_LANGUAGE=None dangerzone.rocks/dangerzone /usr/bin/python3 -m dangerzone.conversion.pixels_to_pdf
[doc x0jORC] 50% Converting page 1/3 from pixels to PDF
[doc x0jORC] 65% Converting page 2/3 from pixels to PDF
[doc x0jORC] 80% Converting page 3/3 from pixels to PDF
[doc x0jORC] 100% Safe PDF created
Safe PDF(s) created successfully
Thats the output on my pdf
[doc i1G6FA] 49% Converted document to pixels
ERROR An exception occurred while converting document 'i1G6FA'
Traceback (most recent call last):
File "C:\Users\dz\dangerzone\dangerzone\isolation_provider\base.py", line 76, in convert
File "C:\Users\dz\AppData\Local\Programs\Python\Python311\Lib\subprocess.py", line 1264, in wait
File "C:\Users\dz\AppData\Local\Programs\Python\Python311\Lib\subprocess.py", line 1591, in _wait
subprocess.TimeoutExpired: Command '['C:\\Program Files\\Docker\\Docker\\resources\\bin\\docker.EXE', 'run', '--network', 'none', '-u', 'dangerzone', '--security-opt=no-new-privileges:true', '--cap-drop', 'all', '--rm', '-i', 'dangerzone.rocks/dangerzone', '/usr/bin/python3', '-m', 'dangerzone.conversion.doc_to_pixels']' timed out after 3 seconds
ERROR [doc i1G6FA] 0% Command '['C:\\Program Files\\Docker\\Docker\\resources\\bin\\docker.EXE', 'run', '--network', 'none', '-u', 'dangerzone', '--security-opt=no-new-privileges:true', '--cap-drop', 'all', '--rm', '-i', 'dangerzone.rocks/dangerzone', '/usr/bin/python3', '-m', 'dangerzone.conversion.doc_to_pixels']' timed out after 3 seconds
Failed to convert document(s)
i have had this problem, and by editing dangerzone/isolation_provider/base.py
line 76 conversion_proc.wait(3) to '10' conversion worked. I guess I should submit a MR to make this timeout something in settings?
@banerian Thanks a lot for this extra info. This shows that whatever is blocking the container from quitting, does not stay on indefinitely. However, the proper fix here is to find out what's the blocker in the first place. Waiting for an arbitrary number of seconds during each conversion will not cut it, I'm afraid.
I have some questions, if you have some time:
.pdf
, .doc
, etc.), number of pages, if they come from a particular source, etc.Since you can edit the Dangerzone source, could you make the following change in the dangerzone/isolation_provider/container.py
file, run dangerzone-cli
, and send us its output?
diff --git a/dangerzone/isolation_provider/container.py b/dangerzone/isolation_provider/container.py
index cbadcc3..6553677 100644
--- a/dangerzone/isolation_provider/container.py
+++ b/dangerzone/isolation_provider/container.py
@@ -165,7 +165,7 @@ class Container(IsolationProvider):
args,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
- stderr=self.proc_stderr,
+ #stderr=self.proc_stderr,
startupinfo=startupinfo,
)
(the above applies to anyone affected by this issue, thanks in advance)
Actually, I'll ping you in another issue (https://github.com/freedomofpress/dangerzone/issues/749#issuecomment-2028074500), since this is one is a duplicate, and we can continue the discussion there.