X based applications (like Geany, LibreOffice, etc, i.e. with GUI, running via shortcuts in Desktop Apps scope), installed inside libertine, have got access to faked rootfs and to real home dir (/home/phablet). But terminal applications (like mc), installed inside libertine, have got access only to faked rootfs. Why is such difference? What is mechanism for X based applications? How can I grant access for the libertine terminal applications to real home dir?
Asked
Active
Viewed 1,762 times
0
-
I have gnome-terminal and terminator installed in libertine, and they both start out in /home/phablet. After installing mc, I can't actually get it to start. How are you running mc? – Larry Price Oct 05 '16 at 14:03
-
(Hm, Larry, see Kyle's article http://kylenubuntu.blogspot.ru/2016/07/running-x-apps-on-ubuntu-devices.html) **Just run:** `libertine-container-manager exec --command "mc" --id my-container` in terminal!! Of course, I **can solve** my problem with **mount**, for example: `sudo mount --bind /home/phablet /home/phablet/.cache/libertine-container/my-container/rootfs/home/phablet/realhome`. But I want to understand mechanism of libertine's restrictions for terminal and GUI apps. – Vladimir Oct 06 '16 at 16:27
-
By the way, if I run `libertine-container-manager exec --command "sh" --id my-container` in stock terminal (or via ssh) then I have the same: only access to faked rootfs. – Vladimir Oct 06 '16 at 16:39
-
I'm curious if there is an issue with `exec` as opposed to running from the scope. Feel free to file a bug on https://bugs.launchpad.net/libertine – Larry Price Oct 06 '16 at 18:18
-
I think there's definitely a discrepancy between `exec` and the `libertine-launch` function. But you should be using the `libertine-launch` function to accomplish this, which I'll post in an answer below. There is still a bug for `exec`, but we don't advise that you use `exec`. I've filed a bug on launchpad: https://bugs.launchpad.net/libertine/+bug/1631154 – Larry Price Oct 06 '16 at 21:07
1 Answers
0
exec is a hidden subcommand not meant for everyday use - you could use libertine-launch to properly launch your application from the terminal:
libertine-launch my-container mc
Where my-container is the id of your container, and mc is the name of your application.
The syntax has been updated as of libertine-tools version 16.10.20161005-0ubuntu1, where 16.10 is your current distro (15.10 on the current non-desktop devices):
libertine-launch --id my-container mc
Larry Price
- 411
- 3
- 13
-
Thanks, Larry! Perhaps, problem is not good and not wide documentation about libertine. But, the situation with mounting of home dir is more interesting than you just described. I've explored, that we have 3 various relationships with it. The worst is when I use `libertine-container-manager exec`: nothing is mounted. The best is real home dir, of course. But when I use `libertine-launch` I've got something third! For example, I can't see several txt files in the root of real home dir. – Vladimir Oct 07 '16 at 17:21
-
And what about of mechanism of binding and restriction in respect of `libertie-launch` and `exec`? AppArmor? I've tried to browse http://bazaar.launchpad.net/~larryprice/libertine/launch-no-display/files but didn't find `launch_application` method. – Vladimir Oct 07 '16 at 17:36
-
1The decision to not bind-mount during `exec` is to reinforce that `exec` is only intended for use with root-type operations. We explicitly only bind-mount a subset of known directories for containers, including Documents, Music, Pictures, Videos, Downloads. There is an open bug for dynamically adding bind-mounts from the cli/gui as well. Here's a link to the code for `launch_application` from chroot-based containers: https://bazaar.launchpad.net/~libertine-team/libertine/trunk/view/head:/python/libertine/ChrootContainer.py#L202 – Larry Price Oct 07 '16 at 18:09
-
Larry, why are there 2 different types for exec item in shortcuts (launchers)— at first, I mean stock ones and libertine ones? Exec item for stock apps (Document Viewer, Beru, etc) is often like `Exec=aa-exec-click -p...`, but for libertine is just direct `Exec=geany`. How does launcher recognize and perform them? What is role of AppArmor in app launching, when we don't write `aa-exec-click -p...` (for example in `~/.cache/ubuntu-app-launch/desktop/` or in `~/.local/share/click/hooks/desktop/`)? – Vladimir Oct 08 '16 at 06:13
-
I think it's problem for new developers, see question https://askubuntu.com/questions/584202/ubuntu-touch-how-to-create-unity-desktop-launcher-to-make-ut-terminal-to-open/584560, esp. when we need to make new shorcuts for our own apps: how, where, what... – Vladimir Oct 08 '16 at 06:15