ioi / isolate

Sandbox for securely executing untrusted programs

"No such file or directory" issue when trying to run C# program using Dotnet #146

Closed subhtak closed 3 months ago

subhtak commented 4 months ago

isolate --cg -p --chdir=CSHARP11_BASIC/src --open-files=1024 -E HOME=tmp --box-id=555 --run -- /usr/local/dotnet-sdk/dotnet run

MSBUILD : error MSB1025: An internal failure occurred while running MSBuild.
System.IO.IOException: No such file or directory

Microsoft.Build.CommandLine.MSBuildApp.Execute(String[] commandLine)
Unhandled exception: System.IO.IOException: No such file or directory
   at Interop.Sys.TryGetUserNameFromPasswd(UInt32 uid, Byte* buf, Int32 bufLen, String& username)
   at Interop.Sys.GetUserNameFromPasswd(UInt32 uid)
   at System.Environment.get_UserName()

Thank you in advance

gollux commented 4 months ago

dotnet is very peculiar in many senses and it is hard to get it running within a sandbox. I tried that a few months ago and the result is issue 1243 in the CMS repository, which documents all the roadblocks I encountered.

In this case, you need to provide /etc/passwd with entries for the UIDs used by the sandbox.

subhtak commented 4 months ago

@gollux thanks for the reply. Attached is the /etc/passwd. I don't have much idea how to add a user account specific to this use case. Please suggest. passwd.txt

gollux commented 4 months ago

Look at Isolate's configuration file and find the UID range used for sandboxes. Add corresponding entries to passwd.

subhtak commented 4 months ago

Hey @gollux

I am not very clear on how to make the entry in /etc/passwd, as the created user info is not known. The following fields are required, separated by a colon (:):

  1. Encrypted Password
  2. UID number
  3. Default GID number
  4. user information: full name, office, phone, …
  5. Home directory
  6. Login shell

I am not able to find out the process ID or the UID/GID when the isolate command is run. This is the range I have in the config:

Block of UIDs and GIDs reserved for sandboxes
first_uid = 60000
first_gid = 60000
num_boxes = 50000

Please help @gollux

gollux commented 4 months ago

You do not need a process ID, just the user ID. You can determine it by running /usr/bin/id -a in the sandbox, or compute it as a sum of first_uid from the configuration with the ID of the sandbox you are starting (if you do not specify an explicit ID, it defaults to 0).

subhtak commented 4 months ago

Thanks @gollux. After making the required entry in /etc/passwd, the issue is resolved and dotnet commands are working inside isolate. But making an entry in /etc/passwd every time, for every code execution, is not a great idea. I hope we can find a more optimal solution for this.

gollux commented 4 months ago

Just add the required users to /etc/passwd in the host system.
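The UID computation gollux describes above (first_uid from the isolate config plus the box id, with box id 0 as the default) and the one-time host-side /etc/passwd and /etc/group entries suggested in the last reply, as an added shell example that is not part of this thread or of isolate itself. It reads the config values quoted in the thread from a constructed inline sample rather than from /etc/isolate; the user-name prefix isolatebox, the choice of /box as home directory and /usr/sbin/nologin as shell are assumptions, and the range check only enforces the num_boxes limit from the config.

```shell
#!/bin/sh
# Added example, not isolate's own code. Derives the UID/GID isolate assigns
# to a sandbox (first_uid + box id) and emits passwd/group lines for it so
# that libc lookups such as getpwuid() inside the sandbox succeed.

# Constructed sample of the relevant part of the isolate config, using the
# values quoted in the thread. On a real host, read /etc/isolate instead.
ISOLATE_CONF_SAMPLE='# Block of UIDs and GIDs reserved for sandboxes
first_uid = 60000
first_gid = 60000
num_boxes = 50000
'

# conf_value KEY [CONFIG_TEXT]: print the numeric value of "KEY = N"
# (defaults to the constructed sample when no config text is passed).
conf_value() {
    key="$1"
    printf '%s\n' "${2:-$ISOLATE_CONF_SAMPLE}" \
        | sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p" \
        | head -n 1
}

# box_uid / box_gid BOX_ID: the rule from the thread, box id defaults to 0.
# Cross-check on a live host: isolate --box-id=555 --run -- /usr/bin/id -a
box_uid() { echo $(( $(conf_value first_uid) + ${1:-0} )); }
box_gid() { echo $(( $(conf_value first_gid) + ${1:-0} )); }

# check_box_id BOX_ID: succeed only if the id lies inside [0, num_boxes).
check_box_id() {
    id="${1:-0}"
    n=$(conf_value num_boxes)
    [ "$id" -ge 0 ] && [ "$id" -lt "$n" ]
}

# passwd_line BOX_ID: one /etc/passwd entry for that sandbox user. Password
# field "x" with no shadow entry and a nologin shell keep the account
# unusable for interactive login; user-name prefix and home are assumptions.
passwd_line() {
    id="${1:-0}"
    check_box_id "$id" || return 1
    printf 'isolatebox%s:x:%s:%s:isolate sandbox %s:/box:/usr/sbin/nologin\n' \
        "$id" "$(box_uid "$id")" "$(box_gid "$id")" "$id"
}

# group_line BOX_ID: matching /etc/group entry (empty member list).
group_line() {
    id="${1:-0}"
    check_box_id "$id" || return 1
    printf 'isolatebox%s:x:%s:\n' "$id" "$(box_gid "$id")"
}

# passwd_lines FROM TO / group_lines FROM TO: entries for a whole range of
# box ids, to be appended once to the host files, e.g.
#   passwd_lines 0 999 >> /etc/passwd
#   group_lines  0 999 >> /etc/group
passwd_lines() {
    i="$1"
    while [ "$i" -le "$2" ]; do passwd_line "$i"; i=$((i + 1)); done
}
group_lines() {
    i="$1"
    while [ "$i" -le "$2" ]; do group_line "$i"; i=$((i + 1)); done
}
```

Generating the entries for the whole box-id range you actually use (not all 50000) and appending them once, rather than per run, is what the last reply amounts to; the sandbox sees the host's /etc/passwd, so a single host-side addition covers every later execution with that box id.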