I am creating an app with Python which I am going to execute it in gramine when I run the command gramine-sgx ./python app.py I get error: /usr/bin/python3.8: can't open file 'app.py': [Errno 13] Permission denied
and my python.manifest.template is:
loader.entrypoint = "file:{{ gramine.libos }}"
libos.entrypoint = "{{ entrypoint }}"
loader.log_level = "{{ log_level }}"
loader.env.LD_LIBRARY_PATH = "{{ python.stdlib }}/lib:/lib:{{ arch_libdir }}:/usr/lib:/usr/{{ arch_libdir }}"
loader.insecure__use_cmdline_argv = true
sys.enable_sigterm_injection = true
fs.mounts = [
{ path = "/lib", uri = "file:{{ gramine.runtimedir() }}" },
{ path = "{{ arch_libdir }}", uri = "file:{{ arch_libdir }}" },
{ path = "/usr", uri = "file:/usr" },
{ path = "{{ python.stdlib }}", uri = "file:{{ python.stdlib }}" },
{ path = "{{ python.distlib }}", uri = "file:{{ python.distlib }}" },
{ path = "/etc", uri = "file:/etc" },
{ type = "tmpfs", path = "/tmp" },
]
sys.stack.size = "2M"
sys.enable_extra_runtime_domain_names_conf = true
sgx.debug = true
sgx.nonpie_binary = true
sgx.enclave_size = "512M"
sgx.thread_num = 32
sgx.remote_attestation = "{{ ra_type }}"
sgx.ra_client_spid = "{{ ra_client_spid }}"
sgx.ra_client_linkable = {{ 'true' if ra_client_linkable == '1' else 'false' }}
sgx.trusted_files = [
"file:{{ gramine.libos }}",
"file:{{ entrypoint }}",
"file:{{ gramine.runtimedir() }}/",
"file:{{ arch_libdir }}/",
"file:/usr/{{ arch_libdir }}/",
"file:{{ python.stdlib }}/",
"file:{{ python.distlib }}/",
"file:app.py",
"file:/etc/mime.types",
"file:/etc/default/apport",
]
sgx.allowed_files = [
"file:/etc/nsswitch.conf",
"file:/etc/ethers",
"file:/etc/hosts",
"file:/etc/group",
"file:/etc/passwd",
"file:/etc/gai.conf",
"file:/etc/host.conf",
]
I have no idea why this error occurs. I have installed Python on my system, besides, I can run samples of gramine which are written in Python using make SGX=1 for building them.
