From e6673012b5da79714a83e7d99ff0a23c8f401cb9 Mon Sep 17 00:00:00 2001
From: baude <bbaude@redhat.com>
Date: Wed, 14 Aug 2019 09:29:47 -0500
Subject: do not activate sd_notify support when varlink

add ability to not activate sd_notify when running under varlink as it
causes deadlocks and hangs.

Fixes: #3572

Signed-off-by: baude <bbaude@redhat.com>
---
 libpod/oci.go                |  2 ++
 libpod/oci_internal_linux.go | 12 ++++++++----
 libpod/options.go            |  9 +++++++++
 libpod/runtime.go            |  4 ++++
 4 files changed, 23 insertions(+), 4 deletions(-)


diff --git a/libpod/oci.go b/libpod/oci.go
index 2eb004b84..4ba3114e3 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -60,6 +60,7 @@ type OCIRuntime struct {
 	noPivot       bool
 	reservePorts  bool
 	supportsJSON  bool
+	sdNotify      bool
 }
 
 // ociError is used to parse the OCI runtime JSON log.  It is not part of the
@@ -87,6 +88,7 @@ func newOCIRuntime(name string, paths []string, conmonPath string, runtimeCfg *R
 	runtime.logSizeMax = runtimeCfg.MaxLogSize
 	runtime.noPivot = runtimeCfg.NoPivotRoot
 	runtime.reservePorts = runtimeCfg.EnablePortReservation
+	runtime.sdNotify = runtimeCfg.SDNotify
 
 	// TODO: probe OCI runtime for feature and enable automatically if
 	// available.
diff --git a/libpod/oci_internal_linux.go b/libpod/oci_internal_linux.go
index e2c73f5ed..6e4ee2cf2 100644
--- a/libpod/oci_internal_linux.go
+++ b/libpod/oci_internal_linux.go
@@ -247,10 +247,14 @@ func (r *OCIRuntime) configureConmonEnv(runtimeDir string) ([]string, []*os.File
 	if notify, ok := os.LookupEnv("NOTIFY_SOCKET"); ok {
 		env = append(env, fmt.Sprintf("NOTIFY_SOCKET=%s", notify))
 	}
-	if listenfds, ok := os.LookupEnv("LISTEN_FDS"); ok {
-		env = append(env, fmt.Sprintf("LISTEN_FDS=%s", listenfds), "LISTEN_PID=1")
-		fds := activation.Files(false)
-		extraFiles = append(extraFiles, fds...)
+	if !r.sdNotify {
+		if listenfds, ok := os.LookupEnv("LISTEN_FDS"); ok {
+			env = append(env, fmt.Sprintf("LISTEN_FDS=%s", listenfds), "LISTEN_PID=1")
+			fds := activation.Files(false)
+			extraFiles = append(extraFiles, fds...)
+		}
+	} else {
+		logrus.Debug("disabling SD notify")
 	}
 	return env, extraFiles, nil
 }
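Review bot: The new `else` branch logs "disabling SD notify", but when `r.sdNotify` is true the only thing skipped is the `LISTEN_FDS` / `activation.Files(false)` forwarding; the `NOTIFY_SOCKET` line just above is still appended to conmon's environment. The message should name what is actually withheld, e.g. `logrus.Debug("not forwarding LISTEN_FDS socket-activation fds to conmon")`. The default (`sdNotify == false`) also still hands every inherited activation fd to conmon through `extraFiles`, so a socket-activated caller that forgets the option keeps sharing its listening socket with the child process. A comment above the `if` such as `// forward inherited activation fds unless the caller opted out; socket-activated API services must opt out` would make that contract visible. configureConmonEnv begins outside this hunk.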
diff --git a/libpod/options.go b/libpod/options.go
index 7fbd0016a..1e7877dac 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -482,6 +482,15 @@ func WithEventsLogger(logger string) RuntimeOption {
 	}
 }
 
+// WithEnableSDNotify sets a runtime option so we know whether to disable socket/FD
+// listening
+func WithEnableSDNotify() RuntimeOption {
+	return func(rt *Runtime) error {
+		rt.config.SDNotify = true
+		return nil
+	}
+}
+
 // Container Creation Options
 
 // WithShmDir sets the directory that should be mounted on /dev/shm.
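Review bot: `WithEnableSDNotify` reads as switching a feature on, yet the flag it sets makes configureConmonEnv (the oci_internal_linux.go hunk) skip forwarding `LISTEN_FDS`, and its own comment says it is about disabling socket/FD listening. The doc comment should state the effect and the intended caller, for example `// WithEnableSDNotify tells the runtime not to pass inherited LISTEN_FDS descriptors on to conmon; set it when libpod runs inside a service such as varlink.` The field comment on `SDNotify` in runtime.go describes the opposite behaviour and needs the same correction. Because the value is copied once in newOCIRuntime (the oci.go hunk), the comment should also say that the option has to be applied before the OCI runtime is created.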
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 8a4eee081..2fa8dd424 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -252,6 +252,10 @@ type RuntimeConfig struct {
 	EventsLogFilePath string `toml:"-events_logfile_path"`
 	//DetachKeys is the sequence of keys used to detach a container
 	DetachKeys string `toml:"detach_keys"`
+
+	// SDNotify tells Libpod to allow containers to notify the host
+	// systemd of readiness using the SD_NOTIFY mechanism
+	SDNotify bool
 }
 
 // runtimeConfiguredFrom is a struct used during early runtime init to help
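Review bot: `SDNotify` is the only field shown here without a `toml` tag, so depending on how the decoder maps untagged exported fields it may be settable from the configuration file under its Go name. If it is meant to be set only through the `WithEnableSDNotify` option, tag it explicitly with `toml:"-"`. If it is meant to be configurable, give it a snake_case key like the neighbouring `detach_keys`. The RuntimeConfig struct starts outside this hunk.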