Debian9 snapd configure issues

mvo · July 25, 2017, 9:39am

During testing of snapd on a stock debian9 install the following issue was found:

The core configure hoook fails with “cannot stat /var/lib/snapd/seccomp: No such file or directory”).

It runs out that inside the core mount namespace (nsenter -m/run/snapd/ns/core.mnt) there is indeed no such file, the /var/lib/snapd/ directory is completely empty.

The /proc/self/mountinfo from inside the namespace:

165 130 7:3 / / rw,relatime - squashfs /dev/loop3 ro
166 165 0:6 / /dev rw,nosuid,relatime master:2 - devtmpfs udev rw,size=738600k,nr_inodes=184650,mode=755
167 166 0:17 / /dev/pts rw,nosuid,noexec,relatime master:3 - devpts devpts rw,gid=5,mode=620,ptmxmode=000
168 166 0:19 / /dev/shm rw,nosuid,nodev master:4 - tmpfs tmpfs rw
169 166 0:14 / /dev/mqueue rw,relatime master:23 - mqueue mqueue rw
170 166 0:34 / /dev/hugepages rw,relatime master:24 - hugetlbfs hugetlbfs rw
171 165 8:1 /etc /etc rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
172 165 8:1 /home /home rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
173 165 8:1 /root /root rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
174 165 0:4 / /proc rw,nosuid,nodev,noexec,relatime master:12 - proc proc rw
175 174 0:33 / /proc/sys/fs/binfmt_misc rw,relatime master:22 - autofs systemd-1 rw,fd=35,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=8916
176 165 0:16 / /sys rw,nosuid,nodev,noexec,relatime master:7 - sysfs sysfs rw
177 176 0:15 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime master:8 - securityfs securityfs rw
178 176 0:21 / /sys/fs/cgroup ro,nosuid,nodev,noexec master:9 - tmpfs tmpfs ro,mode=755
179 178 0:22 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime master:10 - cgroup cgroup rw,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
180 178 0:24 / /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime master:13 - cgroup cgroup rw,pids
181 178 0:25 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime master:14 - cgroup cgroup rw,freezer
182 178 0:26 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime master:15 - cgroup cgroup rw,memory
183 178 0:27 / /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime master:16 - cgroup cgroup rw,cpu,cpuacct
184 178 0:28 / /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime master:17 - cgroup cgroup rw,net_cls,net_prio
185 178 0:29 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime master:18 - cgroup cgroup rw,blkio
186 178 0:30 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime master:19 - cgroup cgroup rw,devices
187 178 0:31 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime master:20 - cgroup cgroup rw,cpuset
188 178 0:32 / /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime master:21 - cgroup cgroup rw,perf_event
189 176 0:23 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime master:11 - pstore pstore rw
190 176 0:7 / /sys/kernel/debug rw,relatime master:25 - debugfs debugfs rw
191 165 8:1 /tmp /tmp rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
192 165 8:1 /var/snap//deleted /var/snap rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
193 135 8:1 /var/lib/snapd//deleted /var/lib/snapd rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
194 165 8:1 /var/tmp /var/tmp rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
195 165 0:18 / /run rw,nosuid,noexec,relatime master:5 - tmpfs tmpfs rw,size=149956k,mode=755
196 195 0:20 / /run/lock rw,nosuid,nodev,noexec,relatime master:6 - tmpfs tmpfs rw,size=5120k
197 195 0:18 /snapd/ns /run/snapd/ns rw,nosuid,noexec,relatime - tmpfs tmpfs rw,size=149956k,mode=755
198 165 8:1 /lib/modules /lib/modules rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
199 165 8:1 /usr/src /usr/src rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
200 165 8:1 /var/log /var/log rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
201 165 8:1 /media /media rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
202 195 0:18 /netns /run/netns rw,nosuid,noexec,relatime shared:5 - tmpfs tmpfs rw,size=149956k,mode=755
203 171 7:3 /etc/alternatives /etc/alternatives rw,relatime - squashfs /dev/loop3 ro
204 165 8:1 /snap//deleted /snap rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
132 191 8:1 /tmp/snap.0_snap.core.hook.configure_XhtHU0/tmp /tmp rw,relatime - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
133 167 0:37 / /dev/pts rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
134 166 0:37 /ptmx /dev/ptmx rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
135 165 0:38 / /var/lib rw,nosuid,nodev,relatime - tmpfs none rw
136 135 7:3 /var/lib/apparmor /var/lib/apparmor rw,relatime - squashfs /dev/loop3 ro
140 135 7:3 /var/lib/classic /var/lib/classic rw,relatime - squashfs /dev/loop3 ro
141 135 7:3 /var/lib/cloud /var/lib/cloud rw,relatime - squashfs /dev/loop3 ro
142 135 7:3 /var/lib/console-conf /var/lib/console-conf rw,relatime - squashfs /dev/loop3 ro
143 135 7:3 /var/lib/dbus /var/lib/dbus rw,relatime - squashfs /dev/loop3 ro
144 135 7:3 /var/lib/dhcp /var/lib/dhcp rw,relatime - squashfs /dev/loop3 ro
145 135 7:3 /var/lib/extrausers /var/lib/extrausers rw,relatime - squashfs /dev/loop3 ro
146 135 7:3 /var/lib/initramfs-tools /var/lib/initramfs-tools rw,relatime - squashfs /dev/loop3 ro
147 135 7:3 /var/lib/initscripts /var/lib/initscripts rw,relatime - squashfs /dev/loop3 ro
148 135 7:3 /var/lib/insserv /var/lib/insserv rw,relatime - squashfs /dev/loop3 ro
149 135 7:3 /var/lib/logrotate /var/lib/logrotate rw,relatime - squashfs /dev/loop3 ro
150 135 7:3 /var/lib/machines /var/lib/machines rw,relatime - squashfs /dev/loop3 ro
151 135 7:3 /var/lib/misc /var/lib/misc rw,relatime - squashfs /dev/loop3 ro
152 135 7:3 /var/lib/pam /var/lib/pam rw,relatime - squashfs /dev/loop3 ro
153 135 7:3 /var/lib/python /var/lib/python rw,relatime - squashfs /dev/loop3 ro
154 135 7:3 /var/lib/resolvconf /var/lib/resolvconf rw,relatime - squashfs /dev/loop3 ro
156 135 7:3 /var/lib/sudo /var/lib/sudo rw,relatime - squashfs /dev/loop3 ro
161 135 7:3 /var/lib/systemd /var/lib/systemd rw,relatime - squashfs /dev/loop3 ro
162 135 7:3 /var/lib/ubuntu-fan /var/lib/ubuntu-fan rw,relatime - squashfs /dev/loop3 ro
163 135 7:3 /var/lib/ucf /var/lib/ucf rw,relatime - squashfs /dev/loop3 ro
164 135 7:3 /var/lib/update-rc.d /var/lib/update-rc.d rw,relatime - squashfs /dev/loop3 ro
210 135 7:3 /var/lib/urandom /var/lib/urandom rw,relatime - squashfs /dev/loop3 ro
211 135 7:3 /var/lib/vim /var/lib/vim rw,relatime - squashfs /dev/loop3 ro
212 135 7:3 /var/lib/waagent /var/lib/waagent rw,relatime - squashfs /dev/loop3 ro
248 176 0:39 / /sys/fs/fuse/connections rw,relatime master:83 - fusectl fusectl rw

The same from outside the namespace:

16 21 0:16 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
17 21 0:4 / /proc rw,nosuid,nodev,noexec,relatime shared:12 - proc proc rw
18 21 0:6 / /dev rw,nosuid,relatime shared:2 - devtmpfs udev rw,size=738600k,nr_inodes=184650,mode=755
19 18 0:17 / /dev/pts rw,nosuid,noexec,relatime shared:3 - devpts devpts rw,gid=5,mode=620,ptmxmode=000
20 21 0:18 / /run rw,nosuid,noexec,relatime shared:5 - tmpfs tmpfs rw,size=149956k,mode=755
21 0 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered
22 16 0:15 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime shared:8 - securityfs securityfs rw
23 18 0:19 / /dev/shm rw,nosuid,nodev shared:4 - tmpfs tmpfs rw
24 20 0:20 / /run/lock rw,nosuid,nodev,noexec,relatime shared:6 - tmpfs tmpfs rw,size=5120k
25 16 0:21 / /sys/fs/cgroup ro,nosuid,nodev,noexec shared:9 - tmpfs tmpfs ro,mode=755
26 25 0:22 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:10 - cgroup cgroup rw,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
27 16 0:23 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime shared:11 - pstore pstore rw
28 25 0:24 / /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime shared:13 - cgroup cgroup rw,pids
29 25 0:25 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:14 - cgroup cgroup rw,freezer
30 25 0:26 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:15 - cgroup cgroup rw,memory
31 25 0:27 / /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime shared:16 - cgroup cgroup rw,cpu,cpuacct
32 25 0:28 / /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime shared:17 - cgroup cgroup rw,net_cls,net_prio
33 25 0:29 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:18 - cgroup cgroup rw,blkio
34 25 0:30 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:19 - cgroup cgroup rw,devices
35 25 0:31 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:20 - cgroup cgroup rw,cpuset
36 25 0:32 / /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:21 - cgroup cgroup rw,perf_event
37 17 0:33 / /proc/sys/fs/binfmt_misc rw,relatime shared:22 - autofs systemd-1 rw,fd=35,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=8916
38 18 0:14 / /dev/mqueue rw,relatime shared:23 - mqueue mqueue rw
39 18 0:34 / /dev/hugepages rw,relatime shared:24 - hugetlbfs hugetlbfs rw
40 16 0:7 / /sys/kernel/debug rw,relatime shared:25 - debugfs debugfs rw
127 20 0:18 /snapd/ns /run/snapd/ns rw,nosuid,noexec,relatime shared:81 - tmpfs tmpfs rw,size=149956k,mode=755
155 127 0:3 mnt:[4026532096] /run/snapd/ns/core.mnt rw shared:82 - nsfs nsfs rw
244 16 0:39 / /sys/fs/fuse/connections rw,relatime shared:83 - fusectl fusectl rw
98 127 0:18 /snapd/ns /run/snapd/ns rw,nosuid,noexec,relatime - tmpfs tmpfs rw,size=149956k,mode=755
115 98 0:3 mnt:[4026532096] /run/snapd/ns/core.mnt rw shared:82 - nsfs nsfs rw
95 21 7:0 / /snap/core/2488 rw,relatime shared:57 - squashfs /dev/loop0 ro

Note the 192 165 8:1 /var/snap//deleted /var/snap rw,relatime master:1 - ext4 /dev/sda1 rw,errors=remount-ro,data=ordered line.

This is kernel 4.9.0-1-amd64.

mvo · July 25, 2017, 9:43am

Update: a reboot (that booted into 4.9.0-3-amd64) has fixed the issue for me, now I can install the core snap and the configure hook does no longer hangs. However the kernel seems to be unrelated. It looks like the issue is actually that I did a “dpkg --purge snapd” at some point.

zyga-snapd · July 25, 2017, 9:52am

Yes. This makes perfect sense now. After you ran the configure hook the /run/snapd/ns/core.mnt file is kept around until you reboot. This file has bind mounts to things you deleted on the outside when you purged snapd.

Question: why did you purge snapd initially? Was it just for testing or did you have a problem?

mvo · July 25, 2017, 9:53am

For testing only, I wanted to double check that installing core work from the stock 2.21. I will try to get into that state again.