Skip to content
GitLab
Open
Created by Bastien Nocera@hadess

"Failed to close file descriptor for child process (Operation not permitted)" on reader

Using rawhide, with glib 2.71.0 plus this patch:

commit ce04a124040be091407e070280d86ca810bacb8c
Author: Philip Withnall <pwithnall@endlessos.org>
Date:   Mon Jan 17 15:27:24 2022 +0000

    gspawn: Report errors with closing file descriptors between fork/exec
    
    If a seccomp policy is set up incorrectly so that it returns `EPERM` for
    `close_range()` rather than `ENOSYS` due to it not being recognised, no
    error would previously be reported from GLib, but some file descriptors
    wouldn’t be closed, and that would cause a hung zombie process. The
    zombie process would be waiting for one half of a socket to be closed.
    
    Fix that by correctly propagating errors from `close_range()` back to the
    parent process so they can be reported correctly.
    
    Distributions which aren’t yet carrying the Docker fix to correctly
    return `ENOSYS` from unrecognised syscalls may want to temporarily carry
    an additional patch to fall back to `safe_fdwalk()` if `close_range()`
    fails with `EPERM`. This change will not be accepted upstream as `EPERM`
    is not the right error for `close_range()` to be returning.
    
    Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
    
    Fixes: #2580

We get errors running gnome-bluetooth's build on progress.gnome.org:

[1/211] Generating lib/bluetooth-settings-resources_c with a custom command
FAILED: lib/bluetooth-settings-resources.c 
/usr/bin/glib-compile-resources ../lib/bluetooth.gresource.xml --sourcedir lib --sourcedir ../lib --c-name bluetooth_settings --generate --target lib/bluetooth-settings-resources.c --dependency-file lib/bluetooth-settings-resources.c.d
../lib/bluetooth.gresource.xml: Failed to close file descriptor for child process (Operation not permitted).
[2/211] Generating lib/bluetooth-settings-resources_h with a custom command
FAILED: lib/bluetooth-settings-resources.h 
/usr/bin/glib-compile-resources ../lib/bluetooth.gresource.xml --sourcedir lib --sourcedir ../lib --c-name bluetooth_settings --generate --target lib/bluetooth-settings-resources.h
../lib/bluetooth.gresource.xml: Failed to close file descriptor for child process (Operation not permitted).

(job https://gitlab.gnome.org/verdre/gnome-bluetooth/-/jobs/1776897)

Ideally the runner would be updated so it returns the correct value when close_range() fails.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information