fcrozat / gdm-container Goto Github PK

View Code? Open in Web Editor NEW

12.0 12.0 4.0 99 KB

Shell 76.34% Dockerfile 23.66%

gdm-container's People

Contributors

Stargazers

Watchers

Forkers

dfaggioli yifanjiang federicomenaquintero ttldev

gdm-container's Issues

Allow migration from gdm to gdm-container in one go

As a user of MicroOS with GNOME desktop I need to remove gdm (and patterns-microos-desktop-gnome). gdm-container will refuse to work before the new snapshot is active meaning I need to reboot without a GUI. I assume it could work in one go except for the package checks currently in place.

Maybe the state of the pending snapshot can be used for reference?
Prompt to prepare the snapshot with the right dependencies, which then is known to work after a reboot.
If all else fails, an argument or variable to set, to skip the dependency check.

Reboot ALP host and 'podman run' gdm container erases root user's application

Steps to reproduce:
By following https://confluence.suse.com/display/~cachen/Experience+of+ALP+with+GDM+container
1, successful installed alp host and gdm container
2, root user, successful load gdm and gdm container by running "podman container runlabel --name gdm run registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/gdm:latest"
3, login as root
4, successful install Firefox from flathub by running "flatpak --user "
5, reboot alp host, root user load gdm container by repeat step 2
6, Firefox is erased

Discussed with Yifan, the issue caused by podman run will create a new gdm container which is expected, and podman start the old one could keep firefox alive. However the root user will have the same problem when we have image upgraded, how to store root user's application is a topic for discussing

Fail to uninstall the deployed files

Steps:

Follow the steps in https://github.com/fcrozat/gdm-container#readme to deploy the container
Use podman container runlabel --name gdm run registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/gdm:latest to run gdm
Try to uninstall the deployed files

Actual Result:
Fail to uninstall the deployed files due to error:
Failed to open '/etc/tmpfiles.d/gdm.conf': No such file or directory

Problematic launch using runlabel run_systemd.

I could not have an immediate running gdm greeter interface when running

podman container runlabel install registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/gdm:latest
podman container runlabel run_systemd registry.opensuse.org/suse/alp/workloads/tumbleweed_containerfiles/suse/alp/workloads/gdm:latest

The screen just turns black with a blinking cursor on the top right.

Looking into the journal, though the gdm is configured to run under wayland, it still tries to run X based GNOME, with a failing of switching TTY:

Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE) xf86OpenConsole: Switching VT failed    
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE)                                         
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE)                                         
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: Please consult the The X.Org Foundation suppo
rt                                                                                                          
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]:          at http://wiki.x.org                
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]:  for help.                                   
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE) Please also check the log file at "/var/
lib/gdm/.local/share/xorg/Xorg.0.log" for additional information.                                           
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE)                                         
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: VGA Arbitration: Cannot restore default devic
e.                                                                                                          
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (WW) xf86CloseConsole: KDSETMODE failed: Oper
ation not permitted                                                                                         
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (WW) xf86CloseConsole: VT_SETMODE failed: Ope
ration not permitted                                                                                        
Sep 02 11:34:54 localhost /usr/libexec/gdm/gdm-x-session[212]: (EE) Server terminated with error (1). Closin
g log file.

Doing nothing afterwards, but barely restarting the display-manager:

podman container exec gdm /usr/bin/systemctl restart display-manager

It will bring up the gdm-wayland-session, and the gdm greeter session comes back normally.

So there seems two problems here:

The gdm tries to start on X instead of Wayland in the first place
When gdm tries to start X, the switching VT is failed (probably related with logind/tty)

systemd system extension doesn't start

I installed the MicroOS 2023/03/30 snapshot, and then built a gdm-container image inside the MicroOS VM from the Dockerrfile.

The systemd system extension appears to install fine, and the nscd error seems (?) inocuous:

localhost:~/gdm-container # podman container runlabel install-sysext gdm-container
fetching container
time="2023-04-04T23:13:45Z" level=info msg="Not using native diff for overlay, this may cause degraded performance for building images: kernel has CONFIG_OVERLAY_FS_REDIRECT_DIR enabled"
Getting image source signatures
Copying blob sha256:d020fb4197da04a93529d8652993900e411098e317f72c0ea5b7eeae0a745fdb
Copying blob sha256:fe5f1f8d365ca5d59f550b22eeccfa6fb177f93237467ca465372c5a959f3621
Copying blob sha256:606994990e34475bb0dd776df5112a6d23f18647ad5f71762bb9c31cd66bea62
Copying blob sha256:a75ef0f7c5dcd05d337ea2eb242c41a25efa4ce959ea457e0db145a35392e481
Copying blob sha256:fddbffa17f8e491873519231db4be448386b0687456f7ef56f1e4b75c0153a0a
Copying blob sha256:4416423a623eb32c6e90e7c229bc93453948605940af71837a2d6b1c123959ba
Copying blob sha256:33e56c2c448ccaf56c0aab23c9e3edf1b48f8951cce0dfb6378eeb5dc6b08084
Copying blob sha256:678c749a7615e9ea9c47c0d315e0a3eaf5e5a4825054f04aee3513e3101da482
Copying blob sha256:10a5ac69f1558a0d9a37d032dc194d6d2c17ee0ff81c76fb63d7dc32ca626e1a
Copying blob sha256:588eec82f5a90bf6f782dd605b8b03764a251510b71063bedba38fff9bed2ec0
Copying config sha256:bd76bb6aa020e7833755ae73814e639ad698c3b672adb0733940d06c6f1b7480
Writing manifest to image destination
Storing signatures
converting container layer to system extension
patching file nsswitch.conf
/
'/host/var/lib/extensions/gdm/usr/lib/tmpfiles.d/gdm.conf' -> '/host/etc/tmpfiles.d/gdm.conf'
'/host/var/lib/extensions/gdm/etc/gdm/Init' -> '/host/etc/gdm/Init'
'/host/var/lib/extensions/gdm/etc/gdm/Init/Default' -> '/host/etc/gdm/Init/Default'
'/host/var/lib/extensions/gdm/etc/gdm/PostLogin' -> '/host/etc/gdm/PostLogin'
'/host/var/lib/extensions/gdm/etc/gdm/PostLogin/Default' -> '/host/etc/gdm/PostLogin/Default'
'/host/var/lib/extensions/gdm/etc/gdm/PostSession' -> '/host/etc/gdm/PostSession'
'/host/var/lib/extensions/gdm/etc/gdm/PostSession/Default' -> '/host/etc/gdm/PostSession/Default'
'/host/var/lib/extensions/gdm/etc/gdm/PreSession' -> '/host/etc/gdm/PreSession'
'/host/var/lib/extensions/gdm/etc/gdm/PreSession/Default' -> '/host/etc/gdm/PreSession/Default'
'/host/var/lib/extensions/gdm/etc/gdm/Xsession' -> '/host/etc/gdm/Xsession'
'/host/var/lib/extensions/gdm/etc/gdm/custom.conf' -> '/host/etc/gdm/custom.conf'
'/host/var/lib/extensions/gdm/etc/sysconfig/displaymanager' -> '/host/etc/sysconfig/displaymanager'
Failed to reload-or-try-restart nscd.service: Unit nscd.service not found.
Created symlink /etc/systemd/system/sysinit.target.wants/systemd-sysext.service → /usr/lib/systemd/system/systemd-sysext.service.
gdm system extension installed, to start gdm, run the following command on host:
systemctl start display-manager

But then, systemctl start display-manager doesn't seem to do anything. This is the start of the journal; I've omitted what follows since it is just gdm-x-session starting as a fallback and also failing.

localhost:~/gdm-container # journalctl -xeu display-manager
Apr 04 23:40:58 localhost.localdomain systemd[1]: Starting X Display Manager...
░░ Subject: A start job for unit display-manager.service has begun execution
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░ 
░░ A start job for unit display-manager.service has begun execution.
░░ 
░░ The job identifier is 1802.
Apr 04 23:40:58 localhost.localdomain display-manager[14497]: /etc/vconsole.conf available
Apr 04 23:40:58 localhost.localdomain display-manager[14497]: KEYMAP: us
Apr 04 23:40:58 localhost.localdomain display-manager[14497]: Command: localectl set-keymap us
Apr 04 23:40:58 localhost.localdomain display-manager[14497]: I: Using systemd /usr/share/systemd/kbd-model-map mapping
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14517]: pam_systemd(gdm-launch-environment:session): Failed to create session: No such process
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14517]: pam_unix(gdm-launch-environment:session): session opened for user gdm(uid=497) by (uid=0)
Apr 04 23:40:59 localhost.localdomain /usr/libexec/gdm/gdm-wayland-session[14529]: dbus[14529]: Could not get password database information for UID of current process: User "???" unknown o>
Apr 04 23:40:59 localhost.localdomain /usr/libexec/gdm/gdm-wayland-session[14529]: dbus[14529]: Failed to start message bus: Memory allocation failure in message bus
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14517]: pam_unix(gdm-launch-environment:session): session closed for user gdm
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14517]: GLib-GObject: g_object_unref: assertion 'G_IS_OBJECT (object)' failed
Apr 04 23:40:59 localhost.localdomain gdm[14511]: Gdm: GdmDisplay: Session never registered, failing
Apr 04 23:40:59 localhost.localdomain gdm[14511]: Gdm: Child process -14526 was already dead.
Apr 04 23:40:59 localhost.localdomain gdm[14511]: Gdm: GdmDisplay: Session never registered, failing
Apr 04 23:40:59 localhost.localdomain gdm[14511]: Gdm: Child process -14526 was already dead.
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14531]: pam_systemd(gdm-launch-environment:session): Failed to create session: No such process
Apr 04 23:40:59 localhost.localdomain gdm-launch-environment][14531]: pam_unix(gdm-launch-environment:session): session opened for user gdm(uid=497) by (uid=0)

What do the PAM errors from gdm-launch-environment mean? And the one from gdm-wayland-session about user "???" - how can I test if userdb is working?

Actually... what sets up /usr/lib/userdb/gdm.{group,user}? The import-from-oci.sh script has a comment about "kill userdb from container", but I don't know where those files actually come from.

The GNOME icon is missing in gnome-control-center

Follow the steps in https://github.com/fcrozat/gdm-container/blob/main/README.md to

Deploy the container
Run gdm
Login the system via gdm
Launch the gnome-control-center
Navigate to the "About" and check the GNOME icon

Actual Result:
The GNOME icon is missing.

Fail to run gdm

Steps:

Deploy the container (follow the steps in README)
Try to run gdm with systemctl start gdm OR podman container runlabel run registry.opensuse.org/home/fcrozat/branches/opensuse/templates/images/tumbleweed/containers/gdm-container

Actual Result:
Fail to start gdm. And we can find the below erros:
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: Can’t find the GDM user “gdm”. Aborting!
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: The GDM user should not be root. Aborting!
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: Can’t find the GDM group “gdm”. Aborting!
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: The GDM group should not be root. Aborting!
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: GdmManager: couldn't look up username gdm
Jul 14 10:06:04 192.168.122.42 gdm[8442]: Gdm: GdmDisplay: Session never registered, failing

Needs gdm user

I'm trying to run the instructions based on a Tumbleweed install with a "Server" profile, e.g. no graphical stuff installed. This means that the gdm user does not exist; the following appears in the journal when trying to start gdm:

Gdm: can't find the GDM user "gdm". Aborting!
Gdm: the GDM user should not be root. Aborting!

So... should the podman container runlabel script take care of creating that user?

can not launch gnome-terminal inside container

This is the error message I get when I try to launch gnome-terminal from xterm:

# AT-SPI: Error retrieving accessibility bus address: org.freedesktop.DBus.Error.ServiceUnknown: The name org.a11y.Bus was not provided by any .service files
# Error creating terminal: The name org.gnome.Terminal was not provided by any .service files

Seems this error is dbus related.

Investigate the dependency of userdbd to make nss-systemd worked.

Currently we have use systemd-userdbd to make sure the nss-systemd resolves the correct user and group information shipped in /etc/userdb, however this requirement is stated not a strong requirement from systemd upstream:

https://github.com/systemd/systemd/blob/main/man/nss-systemd.xml#L46

It will be worthy of spending time on investigating if the hard dependency of sytemd-userdbd.service can be completely dropped.

The Disk Capacity field shows "Unknown" in gnome-control-center

Follow the steps in https://github.com/fcrozat/gdm-container/blob/main/README.md to

Deploy the container
Run gdm
Login the system via gdm
Launch the gnome-control-center
Navigate to the "About" and check the Disk Capacity field

Actual Result:
The Disk Capacity field shows "Unknown"

Avoid duplicate uid/gid of gdm user

The gdm user is set to a fixed user and group id pair as 473:473. My testing system somehow randomly make dnsmasq using this pair of uid/gid:

user@localhost:~> getent group | grep 473
dnsmasq:x:473:
gdm:x:473:
user@localhost:~> getent passwd | grep 473
dnsmasq:x:473:473:dnsmasq:/var/lib/empty:/usr/sbin/nologin
gdm:x:473:473:Gnome Display Manager daemon:/var/lib/gdm:/usr/sbin/nologin

We may find a way to mitigate the impact.

Fix gdm-systemd regarding tty

It's not trying wayland for some reason.

Execute "podman container runlabel install imageID" run into errors

On TW, install podman and accountsservice packages
run as root: podman container runlabel install registry.opensuse.org/home/fcrozat/branches/opensuse/templates/images/tumbleweed/containers/gdm-container

Actual Result:
We got cp: cannot stat '/container/usr/lib/tmpfiles.d/gdm.conf': No such file or directory error.

Fail to start gdm container by using `systemctl start gdm`

Fail to start gdm container by using systemctl start gdm.

While podman container runlabel run registry.opensuse.org/home/fcrozat/branches/opensuse/templates/images/tumbleweed/containers/gdm-container works fine.