diff options
| author | Peter Hunt <pehunt@redhat.com> | 2019-09-16 12:37:16 -0400 |
|---|---|---|
| committer | Peter Hunt <pehunt@redhat.com> | 2019-09-16 15:27:00 -0400 |
| commit | 5f97721afc1a1167ec3981bc3caac9be4fdae2ae (patch) | |
| tree | ef0e834dc81b3e6ce994c8bcd3c066fc119ad104 /libpod/oci_linux.go | |
| parent | 1f5514ea551b12041346763a951bbe4a2f5fc3c3 (diff) | |
| download | podman-5f97721afc1a1167ec3981bc3caac9be4fdae2ae.tar.gz podman-5f97721afc1a1167ec3981bc3caac9be4fdae2ae.tar.bz2 podman-5f97721afc1a1167ec3981bc3caac9be4fdae2ae.zip | |
exec: fix --preserve-fds
There were two problems with preserve fds.
libpod didn't open the fds before passing _OCI*PIPE to conmon. This caused libpod to talk on the preserved fds, rather than the pipes, with conmon talking on the pipes. This caused a hang.
Libpod also didn't convert an int to string correctly, so it would further fail.
Fix these and add a unit test to make sure we don't regress in the future
Note: this test will not pass on crun until crun supports --preserve-fds
Signed-off-by: Peter Hunt <pehunt@redhat.com>
Diffstat (limited to 'libpod/oci_linux.go')
| -rw-r--r-- | libpod/oci_linux.go | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/libpod/oci_linux.go b/libpod/oci_linux.go index 091b6d155..9ec074704 100644 --- a/libpod/oci_linux.go +++ b/libpod/oci_linux.go @@ -8,6 +8,7 @@ import ( "os/exec" "path/filepath" "runtime" + "strconv" "strings" "syscall" "time" @@ -199,7 +200,7 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty args := r.sharedConmonArgs(c, sessionID, c.execBundlePath(sessionID), c.execPidPath(sessionID), c.execLogPath(sessionID), c.execExitFileDir(sessionID), ociLog) if preserveFDs > 0 { - args = append(args, formatRuntimeOpts("--preserve-fds", string(preserveFDs))...) + args = append(args, formatRuntimeOpts("--preserve-fds", strconv.Itoa(preserveFDs))...) } for _, capability := range capAdd { @@ -236,6 +237,12 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty return -1, nil, err } + if preserveFDs > 0 { + for fd := 3; fd < 3+preserveFDs; fd++ { + execCmd.ExtraFiles = append(execCmd.ExtraFiles, os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd))) + } + } + // we don't want to step on users fds they asked to preserve // Since 0-2 are used for stdio, start the fds we pass in at preserveFDs+3 execCmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", preserveFDs+3), fmt.Sprintf("_OCI_STARTPIPE=%d", preserveFDs+4), fmt.Sprintf("_OCI_ATTACHPIPE=%d", preserveFDs+5)) @@ -248,12 +255,6 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty Setpgid: true, } - if preserveFDs > 0 { - for fd := 3; fd < 3+preserveFDs; fd++ { - execCmd.ExtraFiles = append(execCmd.ExtraFiles, os.NewFile(uintptr(fd), fmt.Sprintf("fd-%d", fd))) - } - } - err = startCommandGivenSelinux(execCmd) // We don't need children pipes on the parent side |