I tried to compile wine-cvs on Gentoo and it got stopped during the install stage with a sandbox violation.
This is a gentoo feature protecting the system from software that steps outside its own territory. It seems that wine is taking it upon itself to mod the mimetypes for the whole system.
Is this an oversight or am I misreading it?
Sorry the output got chopped but you get the picture.
--------------------------- ACCESS VIOLAT LOG FILE = "/var/log/sandbox/sandbox-app-
rename: /usr/local/share/applications/ unlink: /usr/local/share/applications/ rename: /usr/share/applications/.mimei unlink: /usr/share/applications/.mimei -----------------------------------------
Regards.
On Thu, Oct 27, 2005 at 08:38:27PM +0200, wino@piments.com wrote:
I tried to compile wine-cvs on Gentoo and it got stopped during the install stage with a sandbox violation.
This is a gentoo feature protecting the system from software that steps outside its own territory. It seems that wine is taking it upon itself to mod the mimetypes for the whole system.
Is this an oversight or am I misreading it?
Sorry the output got chopped but you get the picture.
Its the update-mime-database call I guess.
So yes, WINE might step out of the sandbox here.
Ciao, Marcus
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
wino@piments.com wrote:
I tried to compile wine-cvs on Gentoo and it got stopped during the install stage with a sandbox violation.
This is a gentoo feature protecting the system from software that steps outside its own territory. It seems that wine is taking it upon itself to mod the mimetypes for the whole system.
Is this an oversight or am I misreading it?
Sorry the output got chopped but you get the picture.
--------------------------- ACCESS VIOLAT LOG FILE = "/var/log/sandbox/sandbox-app-
rename: /usr/local/share/applications/ unlink: /usr/local/share/applications/ rename: /usr/share/applications/.mimei unlink: /usr/share/applications/.mimei
Regards.
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
Well that's why the sandbox is there.
I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief.
I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me.
That is the fundamental reason why I use Linux and not M$.
I think I mis-worded what I was trying to say.. I believe that the mimetypes have to be updated specifically for the .exe binaries. If you have ever tried to click on an executable when wine is not installed, your GUI shows you the action that it is running the file, but it doesn't do anything (because wine isnt installed, and the gui can't run PE binaries, only aout and elf ones).. So wine has to update the mimetype for exe's, so that when you double click on one, it does the same as opening a console and typing "wine filename.exe"..
Hope that clears up what I was trying to say previously.
Dustin
wino@piments.com wrote:
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
Well that's why the sandbox is there.
I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief.
I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me.
That is the fundamental reason why I use Linux and not M$.
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
What it is does is the first time it is run it _asks_ me if I wish to associalte it with certain file types and depending on the response it sets some preference _for that user_.
If I then start gimp as another user it has no knowlege of this and asks the same questions : for that user.
What I am trying to suggest here is that spending too long , too close to windows code it can be infectious. I am trying to raise a little reminder of where we are here. Linuxland not Billville.
If you have ever tried to click on an executable ...
A .exe is not an "executable" on this system. You cannot "click" on a file, a file is data on a disk. You may click on a filename displayed in a filemanager at which point I would expect it to execute the program , if any , I have associtated with that file type. If I have installed new software I may need to alter that setting.
your GUI shows you the action that it is running the file,
Does it? What GUI is that? Are refering to a window manager, a desktop environment or a file manager ??
If it does as you say , your particular GUI is broken I suggest you try another that behaves correctly.
OK, I wont labour the point any more.
If installing wine is messing with global config files , it should not be.
Regards.
On Thu, 27 Oct 2005 22:53:19 +0200, Dustin Navea speeddymon@gmail.com wrote:
I think I mis-worded what I was trying to say.. I believe that the mimetypes have to be updated specifically for the .exe binaries. If you have ever tried to click on an executable when wine is not installed, your GUI shows you the action that it is running the file, but it doesn't do anything (because wine isnt installed, and the gui can't run PE binaries, only aout and elf ones).. So wine has to update the mimetype for exe's, so that when you double click on one, it does the same as opening a console and typing "wine filename.exe"..
Hope that clears up what I was trying to say previously.
Dustin
wino@piments.com wrote:
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
Well that's why the sandbox is there. I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief. I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me. That is the fundamental reason why I use Linux and not M$.
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
Vitaliy
On Fri, 28 Oct 2005 01:11:21 +0200, Vitaliy Margolen wine-devel@kievinfo.com wrote:
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
Vitaliy
winex , dosemu ?? But that's not the point.
On Fri, 28 Oct 2005 01:11:21 +0200, Vitaliy Margolen wine-devel@kievinfo.com wrote:
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
Vitaliy
crossover, win4lin
btw, I thought open and run was the same thing. LOL
wino@piments.com wrote:
On Fri, 28 Oct 2005 01:11:21 +0200, Vitaliy Margolen wine-devel@kievinfo.com wrote:
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
Vitaliy
crossover, win4lin
btw, I thought open and run was the same thing. LOL
No, because you may wish to open the file in a disassembler, a hex editor, a resource viewer, etc. In these cases, you certainly wouldn't want to *run* it. I think that's a part of the point :P.
On Fri, 28 Oct 2005, wino@piments.com wrote: [...]
I wander what else can you use to open exe files with? And not just open, but run?
[...]
crossover, win4lin
This is probably a bit off topic, but are you sure about Win4Lin? Unlike the other applications mentionned before I thought it only ran Virtual Machines...
that is exactly my point.. lol thanks for saving me the time of writing what you just said..
wino: wine believes it needs to do that for all users, because it thinks that all users want to run windows programs.. I understand now that you only want to be able to run wine under 1 user, and so therefore it shouldnt change system-wide settings, but is there a .exe mimetype on a user level? Last time I checked there wasn't, and so therefore it has to do it on the system level, and the only reason that wine needs to control the exe's is because there isnt anything else that will run a .exe file itself. Notice i said run.. You can load .exe's into a hex editor, and maybe that is what you want to do on your other users, in which case I agree, wine should ask if you associate .exe's with wine. But most users who are installing wine, are probably going to be doing it to run windows programs, and on a system-wide level, not to run windows programs on a per-user level, and load them in a hex editor on all other users, which is why wine is just taking control, instead of asking, to make it a more user-friendly experience.
Hope that makes sense..
Dustin
Vitaliy Margolen wrote:
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
Vitaliy
On Fri, 28 Oct 2005 02:02:14 +0200, Dustin Navea speeddymon@gmail.com wrote:
which is why wine is just taking control, instead of asking, to make it a more user-friendly experience.
Stop , no more! That is _exactly_ the windows mentality I am refering to. That is the whole point.
This , " I know what you want and need so I will take over and run your system and your life just to be nice and user-frendly" is what we REALY, REALY dont need transfering to Linux.
It is not the business of Wine to start friggin with my system.
If I wanted moron-user-friendly I would still be running M$ not Linux.
If I wanted moron-user-friendly I would still be running M$ not Linux.
Ah then we could petition AJ to remove the configure script and go back to Makefile templates that you modify to be aligned with your configuration :-)
And frankly, if you want to control exactly what the installer does, just do not type 'make install' and copy the files over yourself.
Lionel
On Fri, 28 Oct 2005 20:40:04 +0200, Lionel Ulmer lionel.ulmer@free.fr wrote:
If I wanted moron-user-friendly I would still be running M$ not Linux.
Ah then we could petition AJ to remove the configure script and go back to Makefile templates that you modify to be aligned with your configuration :-)
And frankly, if you want to control exactly what the installer does, just do not type 'make install' and copy the files over yourself.
Lionel
No, I think the configuration script is fine with this one exception. It should not be reconfiguring the system, it's that simple , no need to extrapolate to rediculous lengths or to do hand configure.
I just emerged wine-0.9 and it did not show this behaviour.
I was replying to Dustin's suggestion that this kind of incorrect behaviour is fine because it can be called "user-friendly" , which is not an appropriate arguement on Linux.
I suggest we kill this discussion the point has been made.
Regards.
Hello,
Stop , no more! That is _exactly_ the windows mentality I am refering to. That is the whole point.
This , " I know what you want and need so I will take over and run your system and your life just to be nice and user-frendly" is what we REALY, REALY dont need transfering to Linux.
I know that this is not exactly the point, but I think the Gnome/KDE/whatsoever mime type handling can cope with multiple applications per mime type. So if dosemu is allready asociated, wine wouldn't overwrite this, it just adds itself to the list of possible apps. At least that's what happens with the Open Document formats when both OpenOffice and Kword are installed. If I click on an .odt file, Openoffice comes up, if I right click it, I can select OpenOffice Writer, Kword, or let KDE open an application chooser dialog, where I can pass any application.
I think what Wine does here is perfectly ok. Many other Linux apps add themselves to the Menu / Mime type database(OpenOffice, KOffice, Firefox, RealPlayer. Not doing so would cause many problems for new users. On the other hand, if one doesn't want an app to modify it's system, it's perfectly OK to install it for one user only.
If there's a problem with overriding existing mime type asociations, than the mime type handling is too limited and should be extended, for example, by allowing multiple applications to be asociated with a mime type, like KDE does.
Stefan
Stefan Dösinger wrote:
Hello,
Stop , no more! That is _exactly_ the windows mentality I am refering to. That is the whole point.
This , " I know what you want and need so I will take over and run your system and your life just to be nice and user-frendly" is what we REALY, REALY dont need transfering to Linux.
I know that this is not exactly the point, but I think the Gnome/KDE/whatsoever mime type handling can cope with multiple applications per mime type.
This is correct! Please don't change the current behavior....it's completely right, how wine handles this!
Regards
Signer: Eddy Nigg Company: StartCom Linux at www.startcom.org http://www.startcom.org/ MediaHost^(TM) at www.mediahost.org http://www.mediahost.org/ Skype: startcom callto://startcom/ Phone: +1.213.341.0390
Import StartCom Public CA http://cert.startcom.org/index.php?app=109
Le jeudi 27 octobre 2005 à 17:11 -0600, Vitaliy Margolen a écrit :
Thursday, October 27, 2005, 5:04:05 PM, wino@piments.com wrote:
Thanks for the explaination but that's just my point. That is windows mentality, but this is not windows.
If I install gimp it does not try to reconfigure my system and take over control of any image file types it can handle. That is windows mentality.
I wander what else can you use to open exe files with? And not just open, but run?
mono
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The running of wine programs is not controlled by the mimetype but by a feature of the linux kernel.
In /etc/init.d you might find a init script called wine. This script uses the kernel modules binfmt_misc to tell the linux kernel that when it encounters a file being executed with a special byte in the header to call it with wine. You can disable this by disabling the wine init script. If you do this then you will not be able to type notepad.exe and have it launch wine. You will actually have to type wine notepad and assuming notepad is in your winepath then it will work. Otherwise you'll probably get a file not found error.
Using the binfmt_misc kernel module is 100% optional and is enabled to make things easier for the normal user. If you don't want it, turn it off.
Kevin
Dustin Navea wrote:
I think I mis-worded what I was trying to say.. I believe that the mimetypes have to be updated specifically for the .exe binaries. If you have ever tried to click on an executable when wine is not installed, your GUI shows you the action that it is running the file, but it doesn't do anything (because wine isnt installed, and the gui can't run PE binaries, only aout and elf ones).. So wine has to update the mimetype for exe's, so that when you double click on one, it does the same as opening a console and typing "wine filename.exe"..
Hope that clears up what I was trying to say previously.
Dustin
wino@piments.com wrote:
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
Well that's why the sandbox is there.
I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief.
I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me.
That is the fundamental reason why I use Linux and not M$.
On Sat, 29 Oct 2005 01:39:28 +0200, Kevin DeKorte kdekorte@yahoo.com wrote:
/etc/init.d/wine
thanks for pointing that out. I dont have the wine script and it seems we now need to mount the pseudo-fs if we want it.
https://www.redhat.com/archives/fedora-list/2004-August/msg02587.html
In any case I'd rather keep tabs on these things and only have them start explicitly.
Anything even remotely windows related gets very short reign on my Linux box.
As wine gets to be a fuller and fuller functional simulation of windows at some stage we are going to open the door to a whole universe of virus/trogan/worm shyte.
I am not going to wait till that happens to bolt the barn door.
Thanks for the info.
wino@piments.com wrote:
Well that's why the sandbox is there...
You are absolutely right. More and more Linux applications are becoming in this respect indistinguishable from Windows applications: they never even question their "right" to change your system behind your back. In their arrogance, they never even consider that one might want to restrict their ability to change things to that which belongs to a single user.
A very unfortunate trend...
cdr
Le jeu 27/10/2005 à 18:17, cdr a écrit :
wino@piments.com wrote:
Well that's why the sandbox is there...
You are absolutely right. More and more Linux applications are becoming in this respect indistinguishable from Windows applications: they never even question their "right" to change your system behind your back. In their arrogance, they never even consider that one might want to restrict their ability to change things to that which belongs to a single user.
If you install it for a single user, install it _as_ a single user. Without root access, it won't change anything for the rest of the system.
Or check what it does, and don't let it do what you don't like. The source _is_ available, you know.
Vincent
Le jeu 27/10/2005 à 16:37, wino@piments.com a écrit :
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what program to load the exe's with... but then again I could be wrong. anyone else?
Dustin
Well that's why the sandbox is there.
I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief.
I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me.
That is the fundamental reason why I use Linux and not M$.
It's most probably the call to "update-desktop-database" in tools/Makefile while doing the make install part.
If using the Gentoo e-package (or whatever the name, I can't be bothered to check the exact name), file a bug to Gentoo and ask them to add UPDATE_DESKTOP_DATABASE=/bin/true to the make install line in the rules. But then you'll need to run it sometime after if you want the connection between .exe and wine to be made.
Is ldconfig replaced while building a package under Gentoo? Because, you know, wine's make install does run ldconfig, and it should change its cache file in /etc...
Side note: you shouldn't need to make install as root if the result goes to a sandbox...
Vincent
Thanks for an informative reply.
Gentoo has just added an ebuild for 0.9 that does not display this issue.
The problem I had was installing from wine-cvs with an ebuild script that had be fine in the past, next time I need cvs I'll add a patch to do what you suggested.
Thanks for your help.
On Fri, 28 Oct 2005 00:30:15 +0200, Vincent Béron vberon@mecano.gme.usherb.ca wrote:
Le jeu 27/10/2005 à 16:37, wino@piments.com a écrit :
On Thu, 27 Oct 2005 21:23:48 +0200, Dustin Navea speeddymon@gmail.com wrote:
I dont see how that is a problem? AFAIK wine has to mod them so that when you double click on an exe in your GUI, the GUI knows what
program
to load the exe's with... but then again I could be wrong. anyone
else?
Dustin
Well that's why the sandbox is there.
I install Wine for one specific user account that has suitably restricted access rights. I do not want wine or wine installer to go outside that brief.
I want wine on this system so that I can use on or two bits of windows software , I DO NOT want it to start thinking it really IS windows and start taking over my computer for me.
That is the fundamental reason why I use Linux and not M$.
It's most probably the call to "update-desktop-database" in tools/Makefile while doing the make install part.
If using the Gentoo e-package (or whatever the name, I can't be bothered to check the exact name), file a bug to Gentoo and ask them to add UPDATE_DESKTOP_DATABASE=/bin/true to the make install line in the rules. But then you'll need to run it sometime after if you want the connection between .exe and wine to be made.
Is ldconfig replaced while building a package under Gentoo? Because, you know, wine's make install does run ldconfig, and it should change its cache file in /etc...
Side note: you shouldn't need to make install as root if the result goes to a sandbox...
Vincent
-
Aneurin Price -
cdr -
Dustin Navea -
Francois Gouget -
Jonathan Ernst -
Kevin DeKorte -
Lionel Ulmer -
Marcus Meissner -
MediaHost (TM) -
peter@piments.com -
Stefan Dösinger -
Vincent Béron -
Vitaliy Margolen -
wino@piments.com