Crouton: Google Play crashes on Crouton chroot mount

same issue on Acer r11 on developer channel. Google Play appeared after the latest chrome update. Google play was working and so were the 3 Android apps I installed, but could no longer start Xfce , stuck in a loop requiring a password.

Fixed crouton by wiping it out and reinstalling from scratch.

Google Play no longer works at all , fails to start. Error message " unfortunately Google Play has stopped"

a bit off topic, but if I update my Toshiba Chromebook2 (2015) to dev channel, can I access the play store?

or is it only 3 systems now, and others on the compatibility list later in the year?

@tedm -

Not yet, only the 3 systems have it working on the beta channel now.
A lot of us are waiting for the roll out to other systems but the site now says: 2016/2017 so we'll have to keep our fingers crossed and see if it arrives this year.

-DennisL

@DennisLfromGA Thanks Dennis, I wonder why the early testing is limited to 3 machines, and not all of the proposed compatible systems?

Having the same issue, although I'm running chroot off an external SD card (also from an USB drive). The developer version works fine until I start a linux session then android apps start crashing left and right. I'm on an R11. I think the same behavior is now happening on the beta version as well.

There could be some interference from SELinux. I'll try to look into it when I get a chance.

latest update fixed this issue for me - update - appeared to fix the issue, but has now returned.

Version 53.0.2785.47 beta (64-bit)
Platform 8530.43.0 (Official Build) beta-channel cyan
ARC Version 3117197
Firmware Google_Cyan.7287.57.64

For what it's worth, I've created a video and short blog post about the behavior. Hoping someone can fix it. http://fuzzythinking.davidmullens.com/content/chromebook-chromeos-53-android-apps-and-crouton-linux-conflict/

I've done some sleuthing into this. I'm currently running Beta channel, and crouton for a delicious and usable Emacs environment.

Commenting out the /sys/fs/selinux remount-as-RO section in enter-chroot allows me to get into a terminal chroot, with some complaints from dbus. Android apps (Settings, Play) seem to work, persist, survive suspends, and survive crouton usage. (I seemingly cannot use startxiwi like this, but didn't look into it much.)

Turning that section back on (remounting the slaved,shared /sys/fs/selinux as RO), causes the Android crashes quite readily.

I don't understand the ramifications of an rshared->rbind+rslave setup with a RO remount on the slave. But that seems to be the trouble spot.

So, I think i have a viable fix. It is dependent on information I don't have which is the answer to the question: "Do we depend on SELinux in the chroot?"

If we don't, then the fix is this:

$ diff -u enter-chroot.orig enter-chroot
--- enter-chroot.orig   2016-08-18 19:08:17.410285787 -0400
+++ enter-chroot        2016-08-18 19:08:17.410285787 -0400
@@ -777,10 +777,7 @@
     mount --make-rshared /sys
     mount --rbind /sys "$CHROOT/sys"
     mount --make-rslave "$CHROOT/sys"
-    # Remount selinux as ro
-    if [ -d "$CHROOT/sys/fs/selinux" ]; then
-        mount -o remount,ro "$CHROOT/sys/fs/selinux"
-    fi
+    umount $CHROOT/sys/fs/selinux
 fi

 # Modify chroot's /sys/class/drm to avoid vgem

With the above change, I can start my chroot, and all Android apps continue on happily.

I'll make a fork,branch,pull-request shortly. If in the interim, feedback could be given on the sense of this, I'd appreciate it. I use SELinux wittingly all of never.

I can confirm that this works like a charm for me! I guess once the pull
request is merged and closed, we can close this issue.

The only disadvantage would be not having selinux. Out of curiosity why do
android apps crash if /sys/fs/selinux is mounted?

On Thu, Aug 18, 2016 at 4:14 PM, Armando Di Cianno <[email protected]

wrote:

So, I think i have a viable fix. It is dependent on information I don't
have which is the answer to the question: "Do we depend on SELinux in the
chroot?"

If we don't, then the fix is this:

$ diff -u enter-chroot.orig enter-chroot
--- enter-chroot.orig 2016-08-18 19:08:17.410285787 -0400
+++ enter-chroot 2016-08-18 19:08:17.410285787 -0400
@@ -777,10 +777,7 @@
mount --make-rshared /sys
mount --rbind /sys "$CHROOT/sys"
mount --make-rslave "$CHROOT/sys"

• # Remount selinux as ro
• if [ -d "$CHROOT/sys/fs/selinux" ]; then
• mount -o remount,ro "$CHROOT/sys/fs/selinux"
• fi
• umount $CHROOT/sys/fs/selinux
  fi

# Modify chroot's /sys/class/drm to avoid vgem

With the above change, I can start my chroot, and all Android apps
continue on happily.

I'll make a fork,branch,pull-request shortly. If in the interim, feedback
could be given on the sense of this, I'd appreciate it. I use SELinux
wittingly all of never.

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
https://github.com/dnschneid/crouton/issues/2706#issuecomment-240884693,
or mute the thread
https://github.com/notifications/unsubscribe-auth/ABXUGkU6_ypIEVulLWXl1esEUblDearMks5qhOc4gaJpZM4JaCOe
.

I'm on Dev (version 54) and thing seem to be working for me too. Thanks for looking into this.

@sshivaji from what I can tell Chrome OS institutes a lot of SELinux policy/enablement (see /etc/selinux/arc) to allow ARC to make android apps magically work. That's why it exists, but ... as for why a crash happens with crouton, I'm honestly not 100% sure. It could be as odd and simple as the remount,ro on the bind-mounted selinuxfs file system somehow interrupted the standard system SELinux (and thereby killing ARC, which uses it heavily), or it could be that it wasn't really remounted read-only, and crouton is touching it somehow. Either way, I suspect most of aren't consciously using SELinux in our crouton setups, and for me, having Android Evernote and a real emacs simultaneously was too good not to make work. :-)

@dmullens awesome! Yeah, tiny bug, but it was very aggravating -- having crouton and Android apps is pretty great. :-)

I just got an update on Beta channel, and the fix is still working.

Updated Chrome OS version info:

Version 53.0.2785.70 beta
Platform 8530.62.0 (Official Build) beta-channel veyron_minnie
ARC Version 3152187
Firmware Google_Veyron_Minnie.6588.197.0

I got that update this morning but the issue is still there for me

Acer R11
Version 53.0.2785.70 beta (64-bit)
Platform 8530.62.0 (Official Build) beta-channel cyan
ARC Version 3152187
Firmware Google_Cyan.7287.57.64

Your Chromebook is up to date.

So, I spent a little more time trying to shave this yak thoroughly, but I've resigned myself to believing that "don't use SELinux in the chroot" is the right choice.

I tried to mount selinuxfs itself and bind-mounting and/or copying various bits of /etc/selinux. This works to a point. However, once the chroot knows about how it's supposed to enforce/configure SELinux, the dbus errors come back. I actually traced the dbus/selinux/in-chroot error to a missing configuration file from the host system (it's looking for CONTEXT_ROOT/contexts/dbus_contexts (so root is "arc" on the host, for e.g). That file doesn't exist on the host, and if /etc/selinux is bind-mounted, one can't really write files into it (since the host is RO). Then I tried to copy all the files instead of a bind mount as well as creating an empty/fully-open dbus_contexts file. That actually worked. Then I started to get "legitimate" SELinux errors when starting X (since it was using the host system's configuration now, and enforcing who-knows-what policies).

... at that point I decided none of this was worth it. SELinux and chroots just don't mix in a nice way, I suppose. So, I stand by my original patch and pull-request.

@pjchamberlain if you apply the very minor patch (see above or my pull request), it should work for you. I'd be interested to know your results if you try it.

@greymouser Its really great to use both crouton and Android simultaneously, feels like a dream come true! On SELinux, I am fine with your patch the way it is. I now feel that expecting to use SElinux in a hybrid android, crouton environment is very unusual!

@greymouser that is indeed one well-shaved yak. Thanks for digging into SELinux; have an ice cream 🍦

@greymouser applying a patch is a bit beyond me otherwise I'd give it a go

@pjchamberlain

All you have to do is edit /usr/local/bin/enter-chroot. Find the line with #Remount selinux as ro in the file. Then delete the lines marked as minus below and add the + line to the file (the line starting with umount). Then save the file and restart the chroot and you are good to go.

# Remount selinux as ro
-    if [ -d "$CHROOT/sys/fs/selinux" ]; then
-        mount -o remount,ro "$CHROOT/sys/fs/selinux"
-    fi
+    umount $CHROOT/sys/fs/selinux
 fi 

@pjchamberlain,

@sshivaji advice is the simple way to do it, just remember you'll need to edit the file again after each crouton update - until the pull request is mergerd.

-DennisL

Thanks @sshivaji - I can edit scripts :-) and yes @greymouser it's working for me. - including skype which is a real PITA to get working on linux. Happy days.

This should be fixed in the latest release now. Please re-open if things are still broken.

@sshivaji how would I be able to edit it in the terminal?? I tried vim, didnt work in terminal. pls help, im a noob.. DDDD:

mount: /run/crouton/mnt/stateful_partition/crouton/chroots/precise/sys/fs/selinux not mounted or bad option

   In some cases useful info is found in syslog - try
   dmesg | tail or so.

Unmounting /mnt/stateful_partition/crouton/chroots/precise...
was my error.

@Herran - Just update your chroot using crouton's '-u' option, no editing required since it's now been merged.

@DennisLfromGA when i tried "sudo sh ~/Downloads/crouton -n precise -u" I recieve sudo sh ~/Downloads/crouton -n precise -u
Downloading latest crouton installer...

################################################################## 100.0%

/usr/local/chroots/precise already exists; updating it...
Preparing chroot environment...
Installing brightness into the chroot...
Installing croutonpowerd into the chroot...
Installing croutonversion into the chroot...
Installing host-dbus into the chroot...
Installing host-x11 into the chroot...
Installing volume into the chroot...
Installing pulseaudio-default.pa into the chroot...
Installing croutoncycle into the chroot...
Installing croutontriggerd into the chroot...
Installing croutonxinitrc-wrapper into the chroot...
Installing setres into the chroot...
Installing xinit into the chroot...
Installing xbindkeysrc.scm into the chroot...
Installing xorg-intel-sna.conf into the chroot...
Installing xserverrc into the chroot...
Installing xserverrc-xorg into the chroot...
Installing xserverrc-local.example into the chroot...
Installing startxfce4 into the host...
Installing crouton-noroot into the chroot...
Installing startxfce4 into the chroot...
Installing enter-chroot into the host...
Installing delete-chroot into the host...
Installing edit-chroot into the host...
Installing mount-chroot into the host...
Installing unmount-chroot into the host...
Installing crash_reporter_wrapper into the host...
mount: /run/crouton/mnt/stateful_partition/crouton/chroots/precise/sys/fs/selinux not mounted or bad option

   In some cases useful info is found in syslog - try
   dmesg | tail or so.

Unmounting /mnt/stateful_partition/crouton/chroots/precise...

@Herran,

Download a fresh copy of crouton from here: https://goo.gl/fd3zc
Then again try: sudo sh ~/Downloads/crouton -n precise -u

The needed changes _have_ been merged so it _should_ update without error or at least get past the 'selinux' error.

-DennisL

@DennisLfromGA keeps erroring for me :( guess its just my computer.

@Herran,

Sorry, try deleting 'crouton' first -

rm -f ~/Downloads/crouton

then do the above download and update.

-DennyL

@Herran have you recently rebooted? If you previously unmounted selinux or something, you'll get errors until you reboot.

oh thanks.

On Thu, Sep 1, 2016 at 6:05 PM, David Schneider [email protected]
wrote:

@Herran https://github.com/Herran have you recently rebooted? If you
previously unmounted selinux or something, you'll get errors until you
reboot.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/dnschneid/crouton/issues/2706#issuecomment-244256674,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AUrwMSePXLGTI3mx_Sf-pPOlF4CU2OGBks5ql3ZEgaJpZM4JaCOe
.

Thanks for the fix. Working for me

still continues to fail. Tried everything :(

On Fri, Sep 2, 2016 at 12:53 AM, pjchamberlain [email protected]
wrote:

Thanks for the fix. Working for me

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/dnschneid/crouton/issues/2706#issuecomment-244307775,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AUrwMdvfIDMsFR6cBDC6dOrU5hCMPYCtks5ql9XtgaJpZM4JaCOe
.

I thought this was closed I'm still having the same issue. I just opened a
new issue... # 2758.

On Fri, Sep 2, 2016 at 7:21 AM, Herran [email protected] wrote:

still continues to fail. Tried everything :(

On Fri, Sep 2, 2016 at 12:53 AM, pjchamberlain [email protected]
wrote:

Thanks for the fix. Working for me

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<https://github.com/dnschneid/crouton/issues/2706#issuecomment-244307775
,
or mute the thread
AUrwMdvfIDMsFR6cBDC6dOrU5hCMPYCtks5ql9XtgaJpZM4JaCOe>
.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/dnschneid/crouton/issues/2706#issuecomment-244388461,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AUSNW6FOn4yiUChHh_yQChnwzOIH5gWpks5qmDDzgaJpZM4JaCOe
.