umu fails to create new namespace when run in Docker #156

Closed
gknutson1 opened this issue Jul 21, 2024 · 5 comments
Labels
wontfix This will not be worked on

Comments

@gknutson1

While attempting to run umu inside of a docker container, I encountered the following error:

$ GAMEID=0 WINEPREFIX=prefix umu-run 7z.exe
UMU-Proton is up to date
steamrt is up to date
pressure-vessel-wrap[252]: E: Child process exited with code 1: bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

Both the docker container and the host machine have kernel.unprivileged_userns_clone enabled:

# (on the host machine)
> sysctl kernel.unprivileged_userns_clone
kernel.unprivileged_userns_clone = 1

> docker exec ad6835a5fdd8 sysctl kernel.unprivileged_userns_clone
kernel.unprivileged_userns_clone = 1

Logs

When running with logging enabled (STEAM_LINUX_RUNTIME_VERBOSE=1 STEAM_LINUX_RUNTIME_LOG=1 GAMEID=0 WINEPREFIX=prefix umu-run 7z.exe), I get the following log file:

15:34:44.249106: umu[93]: argv (unescaped): /home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2/proton waitforexitandrun /home/main/7z.exe
15:34:44.257364: pressure-vessel-wrap[93]: I: pressure-vessel version 0.20240610.0
15:34:44.257426: pressure-vessel-wrap[93]: D: Enabled profiling
15:34:44.257433: pressure-vessel-wrap[93]: D: Hypervisor Present bit not set in CPUID 0x1
15:34:44.257510: pressure-vessel-wrap[93]: D: Original argv:
15:34:44.257518: pressure-vessel-wrap[93]: D:   0: '/home/main/.local/share/umu/pressure-vessel/bin/pressure-vessel-wrap'
15:34:44.257522: pressure-vessel-wrap[93]: D:   1: '--env-if-host=PRESSURE_VESSEL_APP_LD_LIBRARY_PATH='
15:34:44.257526: pressure-vessel-wrap[93]: D:   2: '--env-if-host=STEAM_RUNTIME_LIBRARY_PATH=/usr/lib:/home/main:/usr/lib32'
15:34:44.257530: pressure-vessel-wrap[93]: D:   3: '--env-if-host=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
15:34:44.257533: pressure-vessel-wrap[93]: D:   4: '--'
15:34:44.257537: pressure-vessel-wrap[93]: D:   5: '/home/main/.local/share/umu/pressure-vessel/bin/steam-runtime-launcher-interface-0'
15:34:44.257540: pressure-vessel-wrap[93]: D:   6: 'container-runtime'
15:34:44.257544: pressure-vessel-wrap[93]: D:   7: '/home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2/proton'
15:34:44.257547: pressure-vessel-wrap[93]: D:   8: 'waitforexitandrun'
15:34:44.257551: pressure-vessel-wrap[93]: D:   9: '/home/main/7z.exe'
15:34:44.257554: pressure-vessel-wrap[93]: D: Current working directory:
15:34:44.257557: pressure-vessel-wrap[93]: D:   Physical: /home/main
15:34:44.257560: pressure-vessel-wrap[93]: D:   Logical: /home/main
15:34:44.257563: pressure-vessel-wrap[93]: D: Environment variables:
15:34:44.257575: pressure-vessel-wrap[93]: D:   'DISPLAY=:0'
15:34:44.257578: pressure-vessel-wrap[93]: D:   'EXE=/home/main/7z.exe'
15:34:44.257582: pressure-vessel-wrap[93]: D:   'FONTCONFIG_PATH='
15:34:44.257585: pressure-vessel-wrap[93]: D:   'GAMEID=0'
15:34:44.257588: pressure-vessel-wrap[93]: D:   'HOME=/home/main'
15:34:44.257592: pressure-vessel-wrap[93]: D:   'HOSTNAME=ad6835a5fdd8'
15:34:44.257595: pressure-vessel-wrap[93]: D:   'LANG=C.UTF-8'
15:34:44.257598: pressure-vessel-wrap[93]: D:   'LD_LIBRARY_PATH='
15:34:44.257602: pressure-vessel-wrap[93]: D:   'OLDPWD=/home/main/.local/share/umu/var'
15:34:44.257605: pressure-vessel-wrap[93]: D:   'PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games'
15:34:44.257609: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_COPY_RUNTIME=1'
15:34:44.257612: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_LOG_INFO=1'
15:34:44.257615: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_LOG_WITH_TIMESTAMP=1'
15:34:44.257619: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_RUNTIME=sniper_platform_0.20240618.92328'
15:34:44.257622: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_RUNTIME_BASE=/home/main/.local/share/umu'
15:34:44.257626: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_VARIABLE_DIR=/home/main/.local/share/umu/var'
15:34:44.257629: pressure-vessel-wrap[93]: D:   'PRESSURE_VESSEL_VERBOSE=1'
15:34:44.257632: pressure-vessel-wrap[93]: D:   'PROTONPATH=/home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2'
15:34:44.257636: pressure-vessel-wrap[93]: D:   'PROTON_CRASH_REPORT_DIR=/tmp/umu_crashreports'
15:34:44.257639: pressure-vessel-wrap[93]: D:   'PROTON_VERB=waitforexitandrun'
15:34:44.257642: pressure-vessel-wrap[93]: D:   'PWD=/home/main'
15:34:44.257646: pressure-vessel-wrap[93]: D:   'SHLVL=1'
15:34:44.257649: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_APP_ID=0'
15:34:44.257652: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_CLIENT_INSTALL_PATH='
15:34:44.257656: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_DATA_PATH=/home/main/prefix'
15:34:44.257659: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_INSTALL_PATH=/home/main'
15:34:44.257663: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_LIBRARY_PATHS='
15:34:44.257666: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_MOUNTS=/home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2:/home/main/.local/share/umu'
15:34:44.257674: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_SHADER_PATH=/home/main/prefix/shadercache'
15:34:44.257678: pressure-vessel-wrap[93]: D:   'STEAM_COMPAT_TOOL_PATHS=/home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2:/home/main/.local/share/umu'
15:34:44.257681: pressure-vessel-wrap[93]: D:   'STEAM_LINUX_RUNTIME_LOG=1'
15:34:44.257685: pressure-vessel-wrap[93]: D:   'STEAM_LINUX_RUNTIME_VERBOSE=1'
15:34:44.257688: pressure-vessel-wrap[93]: D:   'STEAM_RUNTIME_LIBRARY_PATH=/usr/lib:/home/main:/usr/lib32'
15:34:44.257691: pressure-vessel-wrap[93]: D:   'STORE='
15:34:44.257695: pressure-vessel-wrap[93]: D:   'SteamAppId=0'
15:34:44.257698: pressure-vessel-wrap[93]: D:   'SteamGameId=0'
15:34:44.257701: pressure-vessel-wrap[93]: D:   'TERM=xterm'
15:34:44.257704: pressure-vessel-wrap[93]: D:   'ULWGL_ID=0'
15:34:44.257708: pressure-vessel-wrap[93]: D:   'UMU_ID=0'
15:34:44.257711: pressure-vessel-wrap[93]: D:   'UMU_NO_RUNTIME='
15:34:44.257714: pressure-vessel-wrap[93]: D:   'UMU_ZENITY='
15:34:44.257718: pressure-vessel-wrap[93]: D:   'WAYLAND_DISPLAY=wayland-0'
15:34:44.257721: pressure-vessel-wrap[93]: D:   'WINEPREFIX=/home/main/prefix'
15:34:44.257724: pressure-vessel-wrap[93]: D:   'XDG_RUNTIME_DIR=/tmp'
15:34:44.257728: pressure-vessel-wrap[93]: D: Wrapped command:
15:34:44.257733: pressure-vessel-wrap[93]: D:   1: '/home/main/.local/share/umu/pressure-vessel/bin/steam-runtime-launcher-interface-0'
15:34:44.257736: pressure-vessel-wrap[93]: D:   2: 'container-runtime'
15:34:44.257740: pressure-vessel-wrap[93]: D:   3: '/home/main/.local/share/Steam/compatibilitytools.d/UMU-Proton-9.0-2/proton'
15:34:44.257743: pressure-vessel-wrap[93]: D:   4: 'waitforexitandrun'
15:34:44.257746: pressure-vessel-wrap[93]: D:   5: '/home/main/7z.exe'
15:34:44.257756: pressure-vessel-wrap[93]: D: Found executable directory: /home/main/.local/share/umu/pressure-vessel/bin
15:34:44.257774: pressure-vessel-wrap[93]: D: Found _srt_find_myself() in main executable /home/main/.local/share/umu/pressure-vessel/bin/pressure-vessel-wrap
15:34:44.257779: pressure-vessel-wrap[93]: D: Checking for bwrap...
15:34:44.258526: pressure-vessel-wrap[93]: D: stderr: bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

15:34:44.258534: pressure-vessel-wrap[93]: D: Wait status 256
15:34:44.259403: pressure-vessel-wrap[93]: D: stderr: bwrap: capset failed: Operation not permitted

15:34:44.259412: pressure-vessel-wrap[93]: D: Wait status 256
15:34:44.260153: pressure-vessel-wrap[93]: D: stderr: bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

15:34:44.260160: pressure-vessel-wrap[93]: D: Wait status 256
15:34:44.260170: pressure-vessel-wrap[93]: E: Child process exited with code 1: bwrap: No permissions to creating new namespace, likely because the kernel does not allow non-privileged user namespaces. On e.g. debian this can be enabled with 'sysctl kernel.unprivileged_userns_clone=1'.

15:34:44.260174: pressure-vessel-wrap[93]: D: Exiting with status 1

System information

umu version: 0.1.RC4.r232.295c7b8-1 (installed from arch AUR)
Docker version: 27.0.3, build 7d4bcd863a
Docker container: archlinux:multilib-devel-20240714.0.246936
Host: Arch Linux 6.9.10-arch1-1

@R1kaB3rN
Member

R1kaB3rN commented Jul 21, 2024

By extension, the container framework shares the same user namespace requirements as Flatpak because it shares the same code. Do you mind confirming again that you met all of Flatpak's user namespace requirements?

Also, according to the SLR maintainer, nested containerization isn't supported as those setups aren't reliable. If you want to support this use case or want more technical details as to why, please make an issue of this upstream.

@R1kaB3rN R1kaB3rN added the wontfix This will not be worked on label Jul 21, 2024
@gknutson1
Author

Do you mind confirming again that you met all of Flatpak's user namespace requirements?

from that page:

The bwrap or flatpak-bwrap executable must not be setuid root: its permissions should usually be -rwxr-xr-x (0755).

$ stat -c '%A' /usr/bin/bwrap
-rwxr-xr-x

Interestingly, bubblewrap wasn't installed at all when I first tried to check this. I installed it and then tried to re-run umu, but got the same error. Is umu using some kind of internal bwrap binary? I did a quick find \ -name bwrap and the version I just installed was the only file that appeared...

The kernel must have at least CONFIG_USER_NS=y enabled. Other namespace features like CONFIG_PID_NS=y are recommended.

$ gunzip -dc /proc/config.gz | grep -e 'CONFIG_USER_NS' -e 'CONFIG_PID_NS' 
CONFIG_USER_NS=y
CONFIG_USER_NS_UNPRIVILEGED=y
CONFIG_PID_NS=y

sysctl parameters that limit namespace creation, such as user.max_user_namespaces and user.max_mnt_namespaces (/proc/sys/user/max_user_namespaces and so on) must be set to a sufficiently large value.

$ cat /proc/sys/user/max_user_namespaces
124625

$ cat /proc/sys/user/max_mnt_namespaces
124625

If the kernel has been patched to add a kernel.unprivileged_userns_clone sysctl (/proc/sys/kernel/unprivileged_userns_clone), then that option must be set to 1.

$ sysctl kernel.unprivileged_userns_clone
kernel.unprivileged_userns_clone = 1
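The checklist worked through above can be automated. The script below is an added example, not code from the umu project or from anyone in this thread; the function names and the constructed inputs are my own. It encodes the four Flatpak requirements quoted above (bwrap not setuid, CONFIG_USER_NS/CONFIG_PID_NS, the namespace sysctl limits, unprivileged_userns_clone) as pure checks over collected inputs, and adds two checks that turn out to matter inside a container: whether a seccomp filter is active on the current process (Docker's default puts every process in mode 2), and whether `unshare -U true` actually succeeds right now, which fails the same way bwrap does.

```python
"""Check the user-namespace prerequisites from the Flatpak checklist quoted above.

Added example, not code from the umu project or from the thread's participants.
Function names and the constructed test inputs are my own.
"""
import gzip
import os
import re
import stat
import subprocess
from pathlib import Path

# Sysctls that can block user-namespace creation, with the minimum usable value.
# kernel.unprivileged_userns_clone only exists on patched (e.g. Debian/Arch) kernels.
SYSCTL_MIN = {
    "user.max_user_namespaces": 1,
    "user.max_mnt_namespaces": 1,
    "kernel.unprivileged_userns_clone": 1,
}


def bwrap_mode_ok(mode: str) -> bool:
    """bwrap must be a plain executable such as -rwxr-xr-x; a setuid/setgid bit
    ('s' or 'S' in the owner or group execute slot) disqualifies it."""
    if len(mode) != 10 or mode[0] != "-":
        return False
    return mode[3] == "x" and mode[6] not in "sS"


def parse_kernel_config(text: str) -> dict:
    """Return {option: enabled} for the namespace options in /proc/config.gz text.
    Empty text (config.gz absent) yields {} so nothing is reported as missing."""
    if not text.strip():
        return {}
    lines = {line.strip() for line in text.splitlines()}
    return {opt: f"{opt}=y" in lines for opt in ("CONFIG_USER_NS", "CONFIG_PID_NS")}


def check_sysctls(values: dict) -> list:
    """List sysctls present in `values` that are below their minimum."""
    return [
        f"{name}={values[name]} (need >= {minimum})"
        for name, minimum in SYSCTL_MIN.items()
        if name in values and int(values[name]) < minimum
    ]


def seccomp_mode(status_text: str) -> int:
    """Seccomp field of /proc/self/status: 0 off, 1 strict, 2 filter (Docker default)."""
    m = re.search(r"^Seccomp:\s*(\d+)", status_text, re.M)
    return int(m.group(1)) if m else 0


def diagnose(bwrap_mode: str, config_text: str, sysctls: dict, status_text: str) -> list:
    """Pure check over already-collected inputs; returns a list of problems (empty = all good)."""
    problems = []
    if not bwrap_mode_ok(bwrap_mode):
        problems.append(f"bwrap mode is {bwrap_mode!r}; it must exist and be a plain 0755 executable")
    problems += [f"{opt} is not enabled" for opt, on in parse_kernel_config(config_text).items() if not on]
    problems += check_sysctls(sysctls)
    if seccomp_mode(status_text) == 2:
        problems.append("a seccomp filter is active on this process; it can reject clone()/unshare() "
                        "with CLONE_NEWUSER even when every kernel setting above is fine")
    return problems


def read_sysctls() -> dict:
    """Read the sysctls in SYSCTL_MIN that exist on this kernel."""
    values = {}
    for name in SYSCTL_MIN:
        path = Path("/proc/sys") / name.replace(".", "/")
        if path.exists():
            values[name] = path.read_text().strip()
    return values


def live_diagnosis(bwrap: str = "/usr/bin/bwrap") -> list:
    """Collect the inputs from the running system and add the decisive test."""
    mode = stat.filemode(os.stat(bwrap).st_mode) if os.path.exists(bwrap) else "missing"
    config = gzip.open("/proc/config.gz", "rt").read() if os.path.exists("/proc/config.gz") else ""
    problems = diagnose(mode, config, read_sysctls(), Path("/proc/self/status").read_text())
    # Ask the kernel for a user namespace right now; this fails the same way bwrap does.
    try:
        r = subprocess.run(["unshare", "-U", "true"], capture_output=True, text=True)
    except FileNotFoundError:
        problems.append("unshare(1) not found; install util-linux to run the live test")
        return problems
    if r.returncode != 0:
        problems.append("unshare -U true failed: " + (r.stderr.strip() or f"exit {r.returncode}"))
    return problems


if __name__ == "__main__":
    for p in live_diagnosis() or ["all user-namespace prerequisites look satisfied"]:
        print(p)
```

Run it inside the container as the unprivileged user that will run umu. If every kernel check passes, `unshare -U` still fails, and the seccomp mode is 2, the block is in the container runtime's syscall filter rather than in the kernel configuration, which is exactly the situation this thread ends up in.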

@GloriousEggroll
Member

GloriousEggroll commented Jul 21, 2024

Just throwing this out there -- using umu launcher inside docker isn't something within our project's scope. As a bare minimum we wanted it to work with snap and flatpak for obvious reasons (appeal to snap and flatpak users across various distributions). I don't see any benefit to running this within a docker container when the application itself is already containerized. If users would like to contribute patches to allow it to work within docker they are more than welcome, but it's not something we are going to shift focus towards.

@layercak3

layercak3 commented Jul 21, 2024

I don't use Docker, but from a cursory look its default seccomp policy probably blocks clone() with CLONE_NEWUSER: https://docs.docker.com/engine/security/seccomp/

Despite what the maintainer says, nested user namespaces are generally ok if you know what you're doing. It's not usable in flatpak primarily because of their portal frontend currently requiring peeking into /.flatpak-info, which cannot work securely with it. There are things you may want to do which would be much nicer configured with a proper outer tool like bwrap than by modifying pressure-vessel code, which is narrowly scoped for running proton with the steam runtime.

@gknutson1
Author

I don't use Docker, but from a cursory look its default seccomp policy probably blocks clone() with CLONE_NEWUSER: https://docs.docker.com/engine/security/seccomp/

Thank you, that helped a ton!

I added clone to the seccomp policy and re-ran umu, which gave me the following (new!) error:

pressure-vessel-wrap[169]: E: Child process exited with code 1: bwrap: Failed to make / slave: Operation not permitted

I then spent a while messing around with strace and eventually determined that umu requires you to enable the following syscalls in seccomp:

clone
pivot_root
mount
umount2
userfaultfd

After which it fired up just fine!
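The resolution above amounts to changing Docker's seccomp policy. The script below is an added example, not code from the umu project, Docker, or anyone in this thread. It classifies how a seccomp profile treats the five syscalls listed above, shows why `clone()` with CLONE_NEWUSER is rejected (the profile allows `clone` only when no namespace flag is set in its first argument), and derives a profile that adds just those five syscalls, which is the narrow alternative to `--security-opt seccomp=unconfined`. SAMPLE_PROFILE is constructed to mirror the shape of Docker's default profile (defaultAction SCMP_ACT_ERRNO, an argument-filtered `clone` rule, mount-family calls gated on CAP_SYS_ADMIN); it is a cut-down stand-in, not the real profile, and the function names are my own.

```python
"""Classify how a Docker seccomp profile treats the syscalls bwrap needs, and
derive a narrowly extended profile instead of disabling seccomp altogether.

Added example, not code from the umu project, Docker, or the thread's
participants. SAMPLE_PROFILE is a constructed stand-in that mirrors the shape
of Docker's default profile; it is not the real profile.
"""
import copy
import json
from pathlib import Path

# The five syscalls the thread found necessary for bwrap inside Docker.
NEEDED = ["clone", "pivot_root", "mount", "umount2", "userfaultfd"]

CLONE_NEWUSER = 0x10000000
# NEWNS|NEWCGROUP|NEWUTS|NEWIPC|NEWUSER|NEWPID|NEWNET: the mask Docker's default
# profile applies to clone()'s first argument (decimal 2114060288).
NAMESPACE_FLAG_MASK = 0x7E020000

SAMPLE_PROFILE = {  # constructed, cut-down stand-in for the default profile
    "defaultAction": "SCMP_ACT_ERRNO",
    "defaultErrnoRet": 1,
    "architectures": ["SCMP_ARCH_X86_64", "SCMP_ARCH_X86", "SCMP_ARCH_X32"],
    "syscalls": [
        {"names": ["read", "write", "openat", "close", "exit_group"], "action": "SCMP_ACT_ALLOW"},
        # clone() passes only if (flags & mask) == 0, i.e. no new namespace is requested.
        {"names": ["clone"], "action": "SCMP_ACT_ALLOW",
         "args": [{"index": 0, "value": NAMESPACE_FLAG_MASK, "valueTwo": 0,
                   "op": "SCMP_CMP_MASKED_EQ"}]},
        {"names": ["mount", "umount2", "pivot_root", "unshare"], "action": "SCMP_ACT_ALLOW",
         "includes": {"caps": ["CAP_SYS_ADMIN"]}},
    ],
}

RANK = {"denied": 0, "needs-cap": 1, "allowed-with-arg-filter": 2, "allowed": 3}


def _cap_gate_met(rule: dict, caps) -> bool:
    """A rule with includes.caps applies only if the container holds all of them."""
    required = set(rule.get("includes", {}).get("caps", []))
    return not required or required <= set(caps)


def syscall_status(profile: dict, name: str, caps=()) -> str:
    """Best outcome any SCMP_ACT_ALLOW rule gives `name` for a container holding `caps`."""
    best = "denied"
    for rule in profile["syscalls"]:
        if name not in rule["names"] or rule.get("action") != "SCMP_ACT_ALLOW":
            continue
        if not _cap_gate_met(rule, caps):
            status = "needs-cap"
        elif rule.get("args"):
            status = "allowed-with-arg-filter"
        else:
            status = "allowed"
        best = max(best, status, key=RANK.get)
    return best


def clone_allowed(profile: dict, flags: int, caps=()) -> bool:
    """Would clone(flags) pass? A rule matches when its capability gate is met and
    every SCMP_CMP_MASKED_EQ condition holds: (flags & value) == valueTwo."""
    for rule in profile["syscalls"]:
        if "clone" not in rule["names"] or rule.get("action") != "SCMP_ACT_ALLOW":
            continue
        if not _cap_gate_met(rule, caps):
            continue
        if all((flags & a["value"]) == a.get("valueTwo", 0)
               for a in rule.get("args", []) if a["op"] == "SCMP_CMP_MASKED_EQ"):
            return True
    return False


def report(profile: dict, caps=()) -> dict:
    """Status of each syscall in NEEDED under `profile`."""
    return {n: syscall_status(profile, n, caps) for n in NEEDED}


def extend_profile(profile: dict, names) -> dict:
    """Copy of `profile` with one extra unconditional allow rule for `names`.
    Everything else stays filtered, unlike --security-opt seccomp=unconfined."""
    out = copy.deepcopy(profile)
    out["syscalls"].append({"names": sorted(names), "action": "SCMP_ACT_ALLOW",
                            "comment": "added so bwrap/pressure-vessel can build its sandbox"})
    return out


if __name__ == "__main__":
    print("sample profile:", report(SAMPLE_PROFILE))
    print("clone(CLONE_NEWUSER) allowed:", clone_allowed(SAMPLE_PROFILE, CLONE_NEWUSER))
    extended = extend_profile(SAMPLE_PROFILE, NEEDED)
    print("extended profile:", report(extended))
    Path("seccomp-umu.json").write_text(json.dumps(extended, indent=2))
    print("wrote seccomp-umu.json; use: docker run --security-opt seccomp=seccomp-umu.json ...")
```

To apply the same transformation to the real default profile, load Docker's published `default.json` in place of SAMPLE_PROFILE and pass the result with `--security-opt seccomp=<file>`. Allowing `mount`, `pivot_root` and unrestricted `clone` does hand the container the primitives needed to build its own sandboxes, so this is a deliberate reduction of isolation for that one workload; keeping the rest of the filter intact is what makes it preferable to `seccomp=unconfined`.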

@github-staff github-staff deleted a comment from masooddahmedd Sep 10, 2024