From 340becf542b240f82ffda0fe998da334a3ffbd0b Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 11 Jul 2018 09:38:04 +0200 Subject: rootless: propagate errors from GetRootlessRuntimeDir() Signed-off-by: Giuseppe Scrivano --- libpod/oci.go | 21 ++++++++++++++++++--- libpod/runtime.go | 39 ++++++++++++++++++++++++++++++--------- 2 files changed, 48 insertions(+), 12 deletions(-) (limited to 'libpod') diff --git a/libpod/oci.go b/libpod/oci.go index 612935aed..c0478b3b6 100644 --- a/libpod/oci.go +++ b/libpod/oci.go @@ -180,6 +180,11 @@ func waitPidsStop(pids []int, timeout time.Duration) error { func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (err error) { var stderrBuf bytes.Buffer + runtimeDir, err := GetRootlessRuntimeDir() + if err != nil { + return err + } + parentPipe, childPipe, err := newPipe() if err != nil { return errors.Wrapf(err, "error creating socket pair") @@ -253,7 +258,7 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er // 0, 1 and 2 are stdin, stdout and stderr cmd.Env = append(r.conmonEnv, fmt.Sprintf("_OCI_SYNCPIPE=%d", 3)) cmd.Env = append(cmd.Env, fmt.Sprintf("_OCI_STARTPIPE=%d", 4)) - cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir())) + cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok { cmd.Env = append(cmd.Env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify)) } 
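Review bot: The added `return err` at the top of createOCIContainer passes a GetRootlessRuntimeDir() failure up with no context, while the newPipe() check right below it uses errors.Wrapf. The same bare return is added in updateContainerStatus, execContainer and NewRuntime. Wrapping it, for example `return errors.Wrapf(err, "cannot get rootless runtime dir")`, lets an operator tell an environment problem (HOME unset or unresolvable) from a failure of the OCI runtime itself. createOCIContainer's body continues outside the hunk.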
@@ -362,11 +367,16 @@ func (r *OCIRuntime) createOCIContainer(ctr *Container, cgroupParent string) (er func (r *OCIRuntime) updateContainerStatus(ctr *Container) error { state := new(spec.State) + runtimeDir, err := GetRootlessRuntimeDir() + if err != nil { + return err + } + // Store old state so we know if we were already stopped oldState := ctr.state.State cmd := exec.Command(r.path, "state", ctr.ID()) - cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir())) + cmd.Env = append(cmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) out, err := cmd.CombinedOutput() if err != nil { @@ -556,6 +566,11 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty return nil, errors.Wrapf(ErrEmptyID, "must provide a session ID for exec") } + runtimeDir, err := GetRootlessRuntimeDir() + if err != nil { + return nil, err + } + args := []string{} // TODO - should we maintain separate logpaths for exec sessions? @@ -597,7 +612,7 @@ func (r *OCIRuntime) execContainer(c *Container, cmd, capAdd, env []string, tty execCmd.Stdout = os.Stdout execCmd.Stderr = os.Stderr execCmd.Stdin = os.Stdin - execCmd.Env = append(execCmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", GetRootlessRuntimeDir())) + execCmd.Env = append(execCmd.Env, fmt.Sprintf("XDG_RUNTIME_DIR=%s", runtimeDir)) return execCmd, nil } diff --git a/libpod/runtime.go b/libpod/runtime.go index ce64f0d5b..d0cc1eaa5 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -167,7 +167,7 @@ var ( CgroupManager: CgroupfsCgroupsManager, HooksDir: hooks.DefaultDir, StaticDir: filepath.Join(storage.DefaultStoreOptions.GraphRoot, "libpod"), - TmpDir: getDefaultTmpDir(), + TmpDir: "", MaxLogSize: -1, NoPivotRoot: false, CNIConfigDir: "/etc/cni/net.d/", 
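Review bot: In updateContainerStatus the `cmd.Env = append(cmd.Env, ...)` line deserves a comment, because `cmd` comes straight from exec.Command with a nil Env. The append therefore makes XDG_RUNTIME_DIR the child's entire environment rather than an addition to the inherited one. A minimal environment for the runtime's `state` call is a sensible choice, but the line is easy to misread as additive. Suggested comment: `// Env was nil: the runtime is started with XDG_RUNTIME_DIR only, nothing is inherited.` The function body continues outside the hunk.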
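Review bot: `TmpDir: ""` in defaultRuntimeConfig carries no comment saying that the real default is now computed in NewRuntime, so any other code that reads defaultRuntimeConfig directly gets an empty path. A one-line comment on the field would make that explicit: `// TmpDir is filled in by NewRuntime from getDefaultTmpDir()`. The var block starts and ends outside the hunk.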
@@ -176,7 +176,7 @@ var ( ) // GetRootlessRuntimeDir returns the runtime directory when running as non root -func GetRootlessRuntimeDir() string { +func GetRootlessRuntimeDir() (string, error) { runtimeDir := os.Getenv("XDG_RUNTIME_DIR") uid := fmt.Sprintf("%d", rootless.GetRootlessUID()) if runtimeDir == "" { @@ -196,18 +196,29 @@ func GetRootlessRuntimeDir() string { } } if runtimeDir == "" { - runtimeDir = filepath.Join(os.Getenv("HOME"), "rundir") + home := os.Getenv("HOME") + if home == "" { + return "", fmt.Errorf("neither XDG_RUNTIME_DIR nor HOME was set non-empty") + } + resolvedHome, err := filepath.EvalSymlinks(home) + if err != nil { + return "", errors.Wrapf(err, "cannot resolve %s", home) + } + runtimeDir = filepath.Join(resolvedHome, "rundir") } - return runtimeDir + return runtimeDir, nil } -func getDefaultTmpDir() string { +func getDefaultTmpDir() (string, error) { if !rootless.IsRootless() { - return "/var/run/libpod" + return "/var/run/libpod", nil } - rootlessRuntimeDir := GetRootlessRuntimeDir() - return filepath.Join(rootlessRuntimeDir, "libpod", "tmp") + rootlessRuntimeDir, err := GetRootlessRuntimeDir() + if err != nil { + return "", err + } + return filepath.Join(rootlessRuntimeDir, "libpod", "tmp"), nil } // NewRuntime creates a new container runtime @@ -217,7 +228,12 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) { runtime.config = new(RuntimeConfig) // Copy the default configuration + tmpDir, err := getDefaultTmpDir() + if err != nil { + return nil, err + } deepcopier.Copy(defaultRuntimeConfig).To(runtime.config) + runtime.config.TmpDir = tmpDir configPath := ConfigPath foundConfig := true 
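Review bot: The doc comment above GetRootlessRuntimeDir still describes only the returned path and says nothing about the new error result. From the lines visible in this patch, the error is returned when no directory was found and HOME is empty or cannot be resolved. A second comment line would cover it: `// It returns an error if no runtime directory can be determined.` The function body continues outside the hunk.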
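Review bot: The `$HOME/rundir` fallback is returned without any check on the directory itself. filepath.EvalSymlinks resolves HOME, but the joined `rundir` component is neither resolved, created nor inspected in this hunk. NewRuntime later exports the result as XDG_RUNTIME_DIR, which per the comment there is where containers/image looks for the auth file, so the directory should belong to the calling user and be closed to everyone else. Unless a caller outside this patch already does so, create it with `os.MkdirAll(runtimeDir, 0700)` and reject an existing directory that has a different owner or any group/other permission bits. GetRootlessRuntimeDir starts before this hunk.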
@@ -227,9 +243,14 @@ func NewRuntime(options ...RuntimeOption) (runtime *Runtime, err error) { foundConfig = false } + runtimeDir, err := GetRootlessRuntimeDir() + if err != nil { + return nil, err + } + // containers/image uses XDG_RUNTIME_DIR to locate the auth file. // So make sure the env variable is set. - err = os.Setenv("XDG_RUNTIME_DIR", GetRootlessRuntimeDir()) + err = os.Setenv("XDG_RUNTIME_DIR", runtimeDir) if err != nil { return nil, errors.Wrapf(err, "cannot set XDG_RUNTIME_DIR") } -- cgit v1.2.3-54-g00ecf From 0066374fc3f69bbfd9ed08986115049d9a39b1f8 Mon Sep 17 00:00:00 2001 From: Giuseppe Scrivano Date: Wed, 11 Jul 2018 09:38:31 +0200 Subject: runtime: delete unused function Signed-off-by: Giuseppe Scrivano --- libpod/runtime.go | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'libpod') diff --git a/libpod/runtime.go b/libpod/runtime.go index d0cc1eaa5..a2ebc4de4 100644 --- a/libpod/runtime.go +++ b/libpod/runtime.go @@ -1,7 +1,6 @@ package libpod import ( - "bytes" "fmt" "io/ioutil" "os" @@ -693,18 +692,6 @@ func (r *Runtime) generateName() (string, error) { // The code should never reach here. } -// SaveDefaultConfig saves a copy of the default config at the given path -func SaveDefaultConfig(path string) error { - var w bytes.Buffer - e := toml.NewEncoder(&w) - - if err := e.Encode(&defaultRuntimeConfig); err != nil { - return err - } - - return ioutil.WriteFile(path, w.Bytes(), 0644) -} - // ImageRuntime returns the imageruntime for image resolution func (r *Runtime) ImageRuntime() *image.Runtime { return r.imageRuntime -- cgit v1.2.3-54-g00ecf
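Review bot: NewRuntime calls GetRootlessRuntimeDir() and returns its error without checking rootless.IsRootless(), unlike getDefaultTmpDir earlier in the same patch. A root process can therefore fail to start as well, if XDG_RUNTIME_DIR is unset, the fallbacks not shown in this patch find nothing, and HOME is empty or unresolvable. If the root path does not depend on the variable, guard the lookup and the os.Setenv call with `if rootless.IsRootless() {`. Otherwise wrap the error so the cause is visible: `return nil, errors.Wrapf(err, "cannot get rootless runtime dir")`. NewRuntime starts and ends outside the hunk.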