Comment 14 for bug 1840956

Christian Ehrhardt  (paelzer) wrote : Re: package qemu-user-static 1:3.1+dfsg-2ubuntu3.3 failed to install/upgrade: installed qemu-user-static package post-installation script subprocess returned error exit status 2

The capability isn't really good to be checked; binfmt_misc isn't part of the usual caps that you'd get e.g. with getpcaps.

One would think that checking for the MP might be better:
root@Keschdeichel:~# mount | grep binfmt_misc
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=26,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=16329)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,relatime)

Or the service /lib/systemd/system/binfmt-support.service, which e.g. in an LXD container will not run.
● binfmt-support.service - Enable support for additional executable binary formats
   Loaded: loaded (/lib/systemd/system/binfmt-support.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Mon 2019-09-09 08:37:20 UTC; 9ms ago
     Docs: man:update-binfmts(8)
  Process: 551 ExecStart=/usr/sbin/update-binfmts --enable (code=exited, status=2)
 Main PID: 551 (code=exited, status=2)

Sep 09 08:37:20 e systemd[1]: Starting Enable support for additional executable binary formats...
Sep 09 08:37:20 e update-binfmts[551]: update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/status for writing: Permission denied
Sep 09 08:37:20 e update-binfmts[551]: update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/status for writing: Permission denied
Sep 09 08:37:20 e update-binfmts[551]: update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/register for writing: Permission denied

And that is the same for the registering of the formats.
This is only mapped into the container and non-writable (usually).

If I remove the container safety exit I get the same:
$ sudo -E /var/lib/dpkg/info/qemu-user-static.postinst configure
...
update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/status for writing: Permission denied
update-binfmts: warning: unable to open /proc/sys/fs/binfmt_misc/register for writing: Permission denied
update-binfmts: warning: unable to enable binary format qemu-hppa
update-binfmts: exiting due to previous errors

But unfortunately qemu-user-static only recommends binfmt-support (as strictly you can use qemu-user-static without binfmt). But to register anything this would need to be available.
The script already has a check if the binary `update-binfmts` exists (as it is only a recommends).

I'm beginning to lean towards `systemctl is-active binfmt-support.service` being the best check.
If it is installed and failed, then the following registrations will fail as well and should not be tried.

While at the same time a container MIGHT be set up with plenty of permissions (privileged, special mapping of the host binfmt as writable). That isn't recommended but could be done.
The check of the active service would catch all of those - fix the bug in WSL (and probably other container formats), while at the same time enabling the feature for those who set up privileged containers just for that.
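
The guard proposed in the comment above, sketched as maintainer-script shell. This is an added example, not part of the original comment and not the package's actual postinst; the function names, return codes, the overridable `UPDATE_BINFMTS`/`BINFMT_DIR` variables and the extra writability test are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from qemu-user-static).
# Decide whether a postinst should attempt binfmt registration at all.
# Return codes, constructed for this example:
#   0 = go ahead            1 = update-binfmts not installed
#   2 = service not active  3 = register file not writable

UPDATE_BINFMTS="${UPDATE_BINFMTS:-update-binfmts}"      # overridable for testing
BINFMT_DIR="${BINFMT_DIR:-/proc/sys/fs/binfmt_misc}"    # overridable for testing

binfmt_can_register() {
    # binfmt-support is only a Recommends, so the tool may be absent.
    command -v "$UPDATE_BINFMTS" >/dev/null 2>&1 || return 1

    # In an unprivileged container (LXD, WSL) the unit fails because
    # status/register are mapped read-only, so is-active returns non-zero.
    systemctl is-active --quiet binfmt-support.service 2>/dev/null || return 2

    # Extra check beyond what the comment proposes: the service may have
    # been active earlier while the mount is no longer writable.
    [ -w "$BINFMT_DIR/register" ] || return 3
    return 0
}

enable_formats() {
    rc=0
    binfmt_can_register || rc=$?
    if [ "$rc" -ne 0 ]; then
        # Not an installation error: the emulators work without binfmt.
        echo "binfmt registration skipped (reason $rc)" >&2
        return 0
    fi
    # Privileged containers with a writable binfmt_misc reach this point
    # and get the registrations, as the comment intends.
    for fmt in "$@"; do
        "$UPDATE_BINFMTS" --enable "$fmt"
    done
}
```

Called as `enable_formats qemu-hppa`, the script exits 0 in a restricted container instead of failing with exit status 2.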