0

X based applications (like Geany, LibreOffice, etc, i.e. with GUI, running via shortcuts in Desktop Apps scope), installed inside libertine, have got access to faked rootfs and to real home dir (/home/phablet). But terminal applications (like mc), installed inside libertine, have got access only to faked rootfs. Why is such difference? What is mechanism for X based applications? How can I grant access for the libertine terminal applications to real home dir?

Vladimir
  • 207
  • I have gnome-terminal and terminator installed in libertine, and they both start out in /home/phablet. After installing mc, I can't actually get it to start. How are you running mc? – Larry Price Oct 05 '16 at 14:03
  • (Hm, Larry, see Kyle's article http://kylenubuntu.blogspot.ru/2016/07/running-x-apps-on-ubuntu-devices.html) Just run: libertine-container-manager exec --command "mc" --id my-container in terminal!! Of course, I can solve my problem with mount, for example: sudo mount --bind /home/phablet /home/phablet/.cache/libertine-container/my-container/rootfs/home/phablet/realhome. But I want to understand mechanism of libertine's restrictions for terminal and GUI apps. – Vladimir Oct 06 '16 at 16:27
  • By the way, if I run libertine-container-manager exec --command "sh" --id my-container in stock terminal (or via ssh) then I have the same: only access to faked rootfs. – Vladimir Oct 06 '16 at 16:39
  • I'm curious if there is an issue with exec as opposed to running from the scope. Feel free to file a bug on https://bugs.launchpad.net/libertine – Larry Price Oct 06 '16 at 18:18
  • I think there's definitely a discrepancy between exec and the libertine-launch function. But you should be using the libertine-launch function to accomplish this, which I'll post in an answer below. There is still a bug for exec, but we don't advise that you use exec. I've filed a bug on launchpad: https://bugs.launchpad.net/libertine/+bug/1631154 – Larry Price Oct 06 '16 at 21:07

1 Answers1

0

exec is a hidden subcommand not meant for everyday use - you could use libertine-launch to properly launch your application from the terminal:

libertine-launch my-container mc

Where my-container is the id of your container, and mc is the name of your application.

The syntax has been updated as of libertine-tools version 16.10.20161005-0ubuntu1, where 16.10 is your current distro (15.10 on the current non-desktop devices):

libertine-launch --id my-container mc
Larry Price
  • 411
  • 3
  • 13
  • Thanks, Larry! Perhaps, problem is not good and not wide documentation about libertine. But, the situation with mounting of home dir is more interesting than you just described. I've explored, that we have 3 various relationships with it. The worst is when I use libertine-container-manager exec: nothing is mounted. The best is real home dir, of course. But when I use libertine-launch I've got something third! For example, I can't see several txt files in the root of real home dir. – Vladimir Oct 07 '16 at 17:21
  • And what about of mechanism of binding and restriction in respect of libertie-launch and exec? AppArmor? I've tried to browse http://bazaar.launchpad.net/~larryprice/libertine/launch-no-display/files but didn't find launch_application method. – Vladimir Oct 07 '16 at 17:36
  • 1
    The decision to not bind-mount during exec is to reinforce that exec is only intended for use with root-type operations. We explicitly only bind-mount a subset of known directories for containers, including Documents, Music, Pictures, Videos, Downloads. There is an open bug for dynamically adding bind-mounts from the cli/gui as well. Here's a link to the code for launch_application from chroot-based containers: https://bazaar.launchpad.net/~libertine-team/libertine/trunk/view/head:/python/libertine/ChrootContainer.py#L202 – Larry Price Oct 07 '16 at 18:09
  • Larry, why are there 2 different types for exec item in shortcuts (launchers)— at first, I mean stock ones and libertine ones? Exec item for stock apps (Document Viewer, Beru, etc) is often like Exec=aa-exec-click -p..., but for libertine is just direct Exec=geany. How does launcher recognize and perform them? What is role of AppArmor in app launching, when we don't write aa-exec-click -p... (for example in ~/.cache/ubuntu-app-launch/desktop/ or in ~/.local/share/click/hooks/desktop/)? – Vladimir Oct 08 '16 at 06:13
  • I think it's problem for new developers, see question https://askubuntu.com/questions/584202/ubuntu-touch-how-to-create-unity-desktop-launcher-to-make-ut-terminal-to-open/584560, esp. when we need to make new shorcuts for our own apps: how, where, what... – Vladimir Oct 08 '16 at 06:15