From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <mbroz@redhat.com>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id wOfpfPVS98Ev for <dm-crypt@saout.de>;
 Wed, 17 Aug 2011 13:31:03 +0200 (CEST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 by mail.saout.de (Postfix) with ESMTP
 for <dm-crypt@saout.de>; Wed, 17 Aug 2011 13:31:01 +0200 (CEST)
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
 (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
 by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p7HBV19j030166
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
 for <dm-crypt@saout.de>; Wed, 17 Aug 2011 07:31:01 -0400
Received: from [10.34.26.53] (tawny.brq.redhat.com [10.34.26.53])
 by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
 p7HBV05p026591
 for <dm-crypt@saout.de>; Wed, 17 Aug 2011 07:31:00 -0400
Message-ID: <4E4BA673.9060000@redhat.com>
Date: Wed, 17 Aug 2011 13:30:59 +0200
From: Milan Broz <mbroz@redhat.com>
MIME-Version: 1.0
References: <4E4AD6F2.8020800@archlinux.org> <4E4AE4DB.30205@redhat.com>
 <4E4AE740.9020800@archlinux.org> <4E4B6E61.4020301@redhat.com>
 <4E4BA46F.5010809@alexanderkoch.net> <1313577794.6534.12.camel@oban>
 <4E4B9C78.70504@redhat.com>
In-Reply-To: <4E4B9C78.70504@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] The weird bug again: semid XXXXXX: semop failed for
 cookie 0xdeadbeef: incorrect semaphore state
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

On 08/17/2011 12:48 PM, Milan Broz wrote:
>> For chromium, it might be that the default sandboxing (setuid one) uses
>> PID and network namespaces. Not sure why it'd mess with semaphores, but
>> maybe there's something to look at there.

It is apparently related to sandboxing, namely to using namespaces
(You need kernel support for it to reproduce. See about:sandbox in chromium.)

I would really like to know what crazy is chromium doing to global
system.

Despite I like the idea of sandboxing I have to ask
why it is part of "browser" and not some separate package.
What's next? Bundled kernel? :)

Also installing setuid /usr/lib64/chromium/chromium-sandbox ...
Not even man page for it. Sigh...

Milan