[Vm-dev] Sorry, Sorry! [WAS: Trouble running OSVM in an Ubuntu 20/aarch64 docker]
Bruce O'Neel
bruce.oneel at pckswarms.ch
Sat Jan 2 09:58:44 UTC 2021
Hi,
The chmod should be
chmod 1777 /dev/shm
ls -alh /dev/shm
total 4.0K
drwxrwxrwt 2 root root 60 Dez 21 12:06 .
drwxr-xr-x 17 root root 5.6K Dez 21 12:06 ..
-rw----rw- 1 root root 4.0K Dez 21 12:06 PHS-5723
That 1 before the 777 sets the sticky bit.
**RESTRICTED****DELETION****FLAG****OR****STICKY****BIT**
The restricted deletion flag or sticky bit is a single bit, whose
interpretation depends on the file type. For directories, it prevents
unprivileged users from removing or renaming a file in the directory
unless they own the file or the directory; this is called the
restricted deletion flag for the directory, and is commonly found on
world-writable directories like **/tmp**. For regular files on some older
systems, the bit saves the program's text image on the swap device so
it will load more quickly when run; this is called the stickybit.
The sticky bit plus 777 lets /tmp and /dev/shm work correctly by letting everyone create and delete files, but unless they are root only they can delete only their own files.
It won't fail on a single user system if you just use 777, but, it is a security leak on a multi user system since it lets me manipulate your shared memory segments etc.
cheers
bruce
> Hi Ken,
>
> thanks for this!! I’ll try and add an error message to the failure to point users to the fix. This is another one like not being able to set the heartbeat thread priority that the vm needs to report as helpfully as possible.
>
> _,,,^..^,,,_ (phone)
>
> > On Dec 31, 2020, at 6:15 AM, Ken.Dickey at whidbey.com wrote:
> >
> > Apologies to all, I though I had trimmed the header on this..
> > -KenD
> > =============
> > Message: 6
> > Date: Thu, 31 Dec 2020 04:18:58 -0800
> > From: Christoph Thiede
> > To: OpenSmalltalk/opensmalltalk-vm
> >
> > Cc: Comment , OpenSmalltalk-Bot
> >
> > Subject: Re: [Vm-dev] [OpenSmalltalk/opensmalltalk-vm] Trouble running
> > OSVM in an Ubuntu 20/aarch64 docker (raspi) (#544)
> > Message-ID:
> >
> > Content-Type: text/plain; charset="utf-8"
> >
> > I have tried that and built the VM again, but I keep getting the same
> > mprotect error message :( Any other ideas?
> >
> > From: oscogvm/build.linux64ARMv8/HowToBuild:
> >
> > vvv======vvv
> >
> > If running the resultant squeak vm gives an error something like
> > mprotect(x,y,PROT_READ|PROT_EXEC)
> > or
> > memory_alias_map: shm_open: Permission denied
> > you need to enable shared memory for the COG JIT.
> >
> > As root:
> > chmod 777 /dev/shm
> > echo 'none /dev/shm tmpfs rw,nosuid,nodev 0 0' >> /etc/fstab
> > mount /dev/shm
> >
> > The squeak vm should now work.
> > ^^^======^^^
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/vm-dev/attachments/20210102/00b675fd/attachment-0001.html>
More information about the Vm-dev
mailing list