Matthias Gerstner mgerstner

## README.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                mgerstner
                / README.md
            
            
              Created
              November 23, 2021 10:43
            
              
                Connection to hosts D-Bus daemon not working from within user namespace
              
          
    When trying to enter a user namespace and still communicating with the rest of the Linux system via D-Bus then this won't work:
$ unshare -U -r
$ root # dbus-monitor --system
Failed to open connection to system bus: Did not receive a reply. Possible causes include: \
 the remote application did not send a reply, the message bus security policy blocked the reply, \
 the reply timeout expired, or the network connection was broken.

The reason for this is a bit intricate. It is not found on kernel permission level but in the D-Bus userspace logic. It is explained in this mailing list post:

  
## scpio.sh
#!/bin/bash

if ! which nsjail >/dev/null 2>&1; then
  echo "you need nsjail (security/nsjail in OBS) for this wrapper to work"
  exit 1
fi

# we need to create a temporary config file since mounts with
# : don't work on the command line
TMPFILE=`mktemp -t is_maintained.nsjail.XXXXXXXXXX` || exit 1
	#!/bin/bash

	if ! which nsjail >/dev/null 2>&1; then
	echo "you need nsjail (security/nsjail in OBS) for this wrapper to work"
	exit 1
	fi

	# we need to create a temporary config file since mounts with
	# : don't work on the command line
	TMPFILE=`mktemp -t is_maintained.nsjail.XXXXXXXXXX` \|\| exit 1