Conty: Errors in ChromeOS dev mode

I can run it from root after doing this:

xhost +local:
sudo -s
mount -o remount,exec /tmp
ALLOW_ROOT=1 ./conty.sh glxinfo

However if I try to run as a regular user I get this:

./conty.sh steam
Running Conty

bwrap: Failed to mount tmpfs: Operation not permitted

(This happens for trying any app.)

In Chromebrew we have been able to use bwrap as a regular user by using a wrapper script:

sudo chown root "/usr/local/bin/bwrap.elf"
sudo chmod +s "/usr/local/bin/bwrap.elf"
/usr/local/bin/bwrap.elf "$@"
sudo chown chronos "/usr/local/bin/bwrap.elf"

Any chance of using sudo with bwrap if the bwrap command fails?

We don’t have the option of using unprivileged user namespaces, as Google has disabled that in the kernels on these devices.

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 17 (7 by maintainers)

Most upvoted comments

Good! Just to note, there is no builtin firefox in the lite version of Conty, so it uses firefox binary from your PATH, maybe that’s the problem, not sure though.

+1
Kron4ek on Apr 1, 2021

Success!

SUDO_MOUNT=1 USE_SYS_UTILS=1 ./conty_lite_lz4.sh glxinfo -B
Using system squashfuse and bwrap
Using regular mount command (sudo mount) instead of squashfuse
Running Conty

name of display: :0
display: :0  screen: 0
direct rendering: Yes
Extended renderer info (GLX_MESA_query_renderer):
    Vendor: Intel Open Source Technology Center (0x8086)
    Device: Mesa DRI Intel(R) UHD Graphics 615 (AML-KBL) (0x591c)
    Version: 21.0.1
    Accelerated: yes
    Video memory: 3058MB
    Unified memory: yes
    Preferred profile: core (0x1)
    Max core profile version: 4.6
    Max compat profile version: 3.0
    Max GLES1 profile version: 1.1
    Max GLES[23] profile version: 3.2
OpenGL vendor string: Intel Open Source Technology Center
OpenGL renderer string: Mesa DRI Intel(R) UHD Graphics 615 (AML-KBL)
OpenGL core profile version string: 4.6 (Core Profile) Mesa 21.0.1
OpenGL core profile shading language version string: 4.60
OpenGL core profile context flags: (none)
OpenGL core profile profile mask: core profile

OpenGL version string: 3.0 Mesa 21.0.1
OpenGL shading language version string: 1.30
OpenGL context flags: (none)

OpenGL ES profile version string: OpenGL ES 3.2 Mesa 21.0.1
OpenGL ES profile shading language version string: OpenGL ES GLSL ES 3.20
+1
satmandu on Apr 1, 2021

I guess there is a better solution than running as root. Since you have bwrap wrapper in your /usr/local/bin (which is present in your PATH env variable, right?), you can make Conty to use bwrap (wrapper script in this case) and squashfuse installed on your system instead of the builtin ones.

export USE_SYS_UTILS=1
./conty.sh glxinfo

It should work without root rights after that, cosidering you have both bwrap and squashfuse installed. Do you have squashfuse in ChromeOS? If no, you can take it from the utils.tar uploaded in this repo.

I can also add an option to use just system-wide bwrap or just system-wide squashfuse instead of both of them at the same time, this should make running Conty easier for ChromeOS users, if there is no easy way to install squashfuse in ChromeOS.

+1
Kron4ek on Mar 31, 2021
Read more comments on GitHub
← cdrs-tokio: schema change event is never received
Conty: Wine crash on launch →