Remove check for unobstructed procfs mount.

This is no longer required as of gVisor release 20241104.

Updates issue #19.

Author: EtiennePerot

docs/setup.md

@@ -51,10 +51,6 @@ This is adequate for single-user setups not exposed to the outside Internet, whi
     * On **Kubernetes**: Add a [`hostPath` volume](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) with `path` set to `/sys/fs/cgroup`, then mount it in your container's `volumeMounts` with options `mountPath` set to `/sys/fs/cgroup` and `readOnly` set to `false`.
     * **Why**: This is needed so that gVisor can create child [cgroups](https://en.wikipedia.org/wiki/Cgroups), necessary to enforce per-sandbox resource usage limits.
     * If you wish to disable resource limiting on code evaluation sandboxes, you can skip this setting and not mount `cgroupfs` at all in the container. Note that this means code evaluation sandboxes will be able to take as much CPU and memory as they want.
-* **Mount `procfs` at `/proc2`**:
-    * On **Docker**: Add `--mount=type=bind,source=/proc,target=/proc2,readonly=false,bind-recursive=disabled` to `docker run`.
-    * On **Kubernetes**: Add a [`hostPath` volume](https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) with `path` set to `/proc`, then mount it in your container's `volumeMounts` with options `mountPath` set to `/proc2` and `readOnly` set to `false`.
-    * **Why**: By default, in non-privileged mode, the container runtime will mask certain sub-paths of `/proc` inside the container by creating submounts of `/proc` (e.g. `/proc/bus`, `/proc/sys`, etc.). gVisor does not really care or use anything under these sub-mounts, but *does* need to be able to mount `procfs` in the chroot environment it isolates itself in. However, its ability to mount `procfs` requires having an existing unobstructed view of `procfs` (i.e. a mount of `procfs` with no submounts). Otherwise, such mount attempts will be denied by the kernel (see the explanation for "locked" mounts on [`mount_namespaces(7)`](https://www.man7.org/linux/man-pages/man7/mount_namespaces.7.html)). Therefore, exposing an unobstructed (non-recursive) view of `/proc` elsewhere in the container filesystem (such as `/proc2`) informs the kernel that it is OK for this container to be able to mount `procfs`.
 * Remove the container's default **AppArmor profile**:
     * On **Docker**: Add `--security-opt=apparmor=unconfined` to `docker run`.
     * On **Kubernetes**: Set [`spec.securityContext.appArmorProfile.type`](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-apparmor-profile-for-a-container) to `Unconfined`.
@@ -213,7 +209,6 @@ $ git clone https://github.com/EtiennePerot/safe-code-execution && \
     --security-opt=apparmor=unconfined \
     --security-opt=label=type:container_engine_t \
     --mount=type=bind,source=/sys/fs/cgroup,target=/sys/fs/cgroup,readonly=false \
-    --mount=type=bind,source=/proc,target=/proc2,readonly=false,bind-recursive=disabled \
     --mount=type=bind,source="$(pwd)",target=/test \
     ghcr.io/open-webui/open-webui:main \
     sh -c 'python3 /test/open-webui/tools/run_code.py --self_test && python3 /test/open-webui/functions/run_code.py --self_test'

open-webui/functions/run_code.py

@@ -2858,54 +2858,6 @@ def check_cgroups(cls):
                 "cgroupfs does not have the 'memory' controller enabled, necessary to enforce memory limits; please enable it, or disable resource limiting if appropriate"
             )
 
-    @classmethod
-    def check_procfs(cls):
-        """
-        Verifies that we have an unobstructed view of procfs.
-
-        :return: Nothing.
-        :raises EnvironmentNeedsSetupException: If procfs is obstructed.
-        """
-        mount_infos = []
-        with open("/proc/self/mountinfo", "rb") as mountinfo_f:
-            for line in mountinfo_f:
-                line = line.decode("utf-8").strip()
-                if not line:
-                    continue
-                mount_components = line.split(" ")
-                if len(mount_components) < 10:
-                    continue
-                hyphen_index = mount_components.index("-")
-                if hyphen_index < 6:
-                    continue
-                mount_info = {
-                    "mount_path": mount_components[4],
-                    "path_within_mount": mount_components[3],
-                    "fs_type": mount_components[hyphen_index + 1],
-                }
-                mount_infos.append(mount_info)
-        procfs_mounts = frozenset(
-            m["mount_path"]
-            for m in mount_infos
-            if m["fs_type"] == "proc" and m["path_within_mount"] == "/"
-        )
-        if len(procfs_mounts) == 0:
-            raise cls.EnvironmentNeedsSetupException(
-                "procfs is not mounted; please mount it"
-            )
-        obstructed_procfs_mounts = set()
-        for mount_info in mount_infos:
-            for procfs_mount in procfs_mounts:
-                if mount_info["mount_path"].startswith(procfs_mount + os.sep):
-                    obstructed_procfs_mounts.add(procfs_mount)
-        for procfs_mount in procfs_mounts:
-            if procfs_mount not in obstructed_procfs_mounts:
-                return  # We have at least one unobstructed procfs view.
-        assert len(obstructed_procfs_mounts) > 0, "Logic error"
-        raise cls.EnvironmentNeedsSetupException(
-            "procfs is obstructed; please mount a new procfs mount somewhere in the container, e.g. /proc2 (`--mount=type=bind,source=/proc,target=/proc2,readonly=false,bind-recursive=disabled`)"
-        )
-
     @classmethod
     def unshare(cls, flags):
         """
@@ -3033,7 +2985,6 @@ def check_setup(
         cls.check_unshare()
         if require_resource_limiting:
             cls.check_cgroups()
-        cls.check_procfs()
         if not auto_install_allowed and cls.get_runsc_path() is None:
             raise cls.GVisorNotInstalledException(
                 "gVisor is not installed (runsc binary not found in $PATH); please install it or enable AUTO_INSTALL valve for auto installation"

open-webui/tools/run_code.py

@@ -2275,54 +2275,6 @@ def check_cgroups(cls):
                 "cgroupfs does not have the 'memory' controller enabled, necessary to enforce memory limits; please enable it, or disable resource limiting if appropriate"
             )
 
-    @classmethod
-    def check_procfs(cls):
-        """
-        Verifies that we have an unobstructed view of procfs.
-
-        :return: Nothing.
-        :raises EnvironmentNeedsSetupException: If procfs is obstructed.
-        """
-        mount_infos = []
-        with open("/proc/self/mountinfo", "rb") as mountinfo_f:
-            for line in mountinfo_f:
-                line = line.decode("utf-8").strip()
-                if not line:
-                    continue
-                mount_components = line.split(" ")
-                if len(mount_components) < 10:
-                    continue
-                hyphen_index = mount_components.index("-")
-                if hyphen_index < 6:
-                    continue
-                mount_info = {
-                    "mount_path": mount_components[4],
-                    "path_within_mount": mount_components[3],
-                    "fs_type": mount_components[hyphen_index + 1],
-                }
-                mount_infos.append(mount_info)
-        procfs_mounts = frozenset(
-            m["mount_path"]
-            for m in mount_infos
-            if m["fs_type"] == "proc" and m["path_within_mount"] == "/"
-        )
-        if len(procfs_mounts) == 0:
-            raise cls.EnvironmentNeedsSetupException(
-                "procfs is not mounted; please mount it"
-            )
-        obstructed_procfs_mounts = set()
-        for mount_info in mount_infos:
-            for procfs_mount in procfs_mounts:
-                if mount_info["mount_path"].startswith(procfs_mount + os.sep):
-                    obstructed_procfs_mounts.add(procfs_mount)
-        for procfs_mount in procfs_mounts:
-            if procfs_mount not in obstructed_procfs_mounts:
-                return  # We have at least one unobstructed procfs view.
-        assert len(obstructed_procfs_mounts) > 0, "Logic error"
-        raise cls.EnvironmentNeedsSetupException(
-            "procfs is obstructed; please mount a new procfs mount somewhere in the container, e.g. /proc2 (`--mount=type=bind,source=/proc,target=/proc2,readonly=false,bind-recursive=disabled`)"
-        )
-
     @classmethod
     def unshare(cls, flags):
         """
@@ -2450,7 +2402,6 @@ def check_setup(
         cls.check_unshare()
         if require_resource_limiting:
             cls.check_cgroups()
-        cls.check_procfs()
         if not auto_install_allowed and cls.get_runsc_path() is None:
             raise cls.GVisorNotInstalledException(
                 "gVisor is not installed (runsc binary not found in $PATH); please install it or enable AUTO_INSTALL valve for auto installation"

src/safecode/sandbox.py

@@ -1783,54 +1783,6 @@ def check_cgroups(cls):
                 "cgroupfs does not have the 'memory' controller enabled, necessary to enforce memory limits; please enable it, or disable resource limiting if appropriate"
             )
 
-    @classmethod
-    def check_procfs(cls):
-        """
-        Verifies that we have an unobstructed view of procfs.
-
-        :return: Nothing.
-        :raises EnvironmentNeedsSetupException: If procfs is obstructed.
-        """
-        mount_infos = []
-        with open("/proc/self/mountinfo", "rb") as mountinfo_f:
-            for line in mountinfo_f:
-                line = line.decode("utf-8").strip()
-                if not line:
-                    continue
-                mount_components = line.split(" ")
-                if len(mount_components) < 10:
-                    continue
-                hyphen_index = mount_components.index("-")
-                if hyphen_index < 6:
-                    continue
-                mount_info = {
-                    "mount_path": mount_components[4],
-                    "path_within_mount": mount_components[3],
-                    "fs_type": mount_components[hyphen_index + 1],
-                }
-                mount_infos.append(mount_info)
-        procfs_mounts = frozenset(
-            m["mount_path"]
-            for m in mount_infos
-            if m["fs_type"] == "proc" and m["path_within_mount"] == "/"
-        )
-        if len(procfs_mounts) == 0:
-            raise cls.EnvironmentNeedsSetupException(
-                "procfs is not mounted; please mount it"
-            )
-        obstructed_procfs_mounts = set()
-        for mount_info in mount_infos:
-            for procfs_mount in procfs_mounts:
-                if mount_info["mount_path"].startswith(procfs_mount + os.sep):
-                    obstructed_procfs_mounts.add(procfs_mount)
-        for procfs_mount in procfs_mounts:
-            if procfs_mount not in obstructed_procfs_mounts:
-                return  # We have at least one unobstructed procfs view.
-        assert len(obstructed_procfs_mounts) > 0, "Logic error"
-        raise cls.EnvironmentNeedsSetupException(
-            "procfs is obstructed; please mount a new procfs mount somewhere in the container, e.g. /proc2 (`--mount=type=bind,source=/proc,target=/proc2,readonly=false,bind-recursive=disabled`)"
-        )
-
     @classmethod
     def unshare(cls, flags):
         """
@@ -1958,7 +1910,6 @@ def check_setup(
         cls.check_unshare()
         if require_resource_limiting:
             cls.check_cgroups()
-        cls.check_procfs()
         if not auto_install_allowed and cls.get_runsc_path() is None:
             raise cls.GVisorNotInstalledException(
                 "gVisor is not installed (runsc binary not found in $PATH); please install it or enable AUTO_INSTALL valve for auto installation"