550580 – www-client/chromium-43.0.2357.65 kernel configuration error message is cryptic

Bug 550580 - www-client/chromium-43.0.2357.65 kernel configuration error message is cryptic

Summary: www-client/chromium-43.0.2357.65 kernel configuration error message is cryptic

Status:	RESOLVED OBSOLETE

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Chromium Project

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-05-27 18:43 UTC by DrSlony
Modified:	2015-09-20 19:34 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description DrSlony 2015-05-27 18:43:57 UTC

* Messages for package www-client/chromium-43.0.2357.65:

 *   USER_NS is required for sandbox to work
 * Please check to make sure these options are set correctly.
 * Failure to do so may cause unexpected problems.

What on earth is USER_NS? Where do we check to make sure these options are set correctly? What optionS (plural)? Failure to do so may cause what problems?

Comment 1 Mike Gilbert gentoo-dev

2015-05-27 19:21:43 UTC

(In reply to DrSlony from comment #0)
> What on earth is USER_NS?

It's a kernel configuration option.

I'll see if I can make the messaging a bit more clear.

Comment 2 Nick Pershyn 2015-06-03 18:17:39 UTC

(In reply to DrSlony from comment #0)
> What on earth is USER_NS?

If you run a menuconfig for kernel configuration you could press '/'. It would display a search menu. There you can paste "USER_NS". Search gives you the result. For example:

Symbol: USER_NS [=n]
Type  : boolean
Prompt: User namespace
  Location:
    -> General setup
      -> Namespaces support (NAMESPACES [=y])
  Defined at init/Kconfig:1188
  Depends on: NAMESPACES [=y]

If you go to that location you will find the option:
[ ]   User namespace

If you press '?' there you'll find that it is CONFIG_USER_NS which is the same as saying USER_NS kernel config option. It also contains the description:
This allows containers, i.e. vservers, to use user namespaces
to provide different user info for different servers.

When user namespaces are enabled in the kernel it is
recommended that the MEMCG and MEMCG_KMEM options also be
enabled and that user-space use the memory control groups to
limit the amount of memory a memory unprivileged users can
use.

If unsure, say N.

Comment 3 DrSlony 2015-06-03 20:44:24 UTC

Thank you for the detailed response.

Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev

2015-09-20 18:18:22 UTC

Is there something we can change related to this bug?

I'm just wondering whether it's a problem with chromium ebuild, or more of a support request.

Comment 5 DrSlony 2015-09-20 19:34:18 UTC

If the message came from the ebuild, then the ebuilds now in portage don't have that message anymore, so the issue is obsolete.

The issue was that the message was unclear, and even though Nick kindly explained it, his explanation would not have been necessary if the message was written more clearly, e.g. "The USER_NS kernel configuration option is required for sandbox to work <maybe a note here on what sandbox is>. Please make sure this option is set, as failure to do so may result in unexpected failures." Something to keep in mind for future ebuilds.