Ensure that exec errors write exit codes to the DB #7236
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mheon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
|
Um, I just pulled this and I don't see the 126/127 status? Is there still something left to be done? And if there is, would you mind adding this to the system tests, since there are no tests in e2e? diff --git a/test/system/075-exec.bats b/test/system/075-exec.bats
index b2c49510a..dc73ad8ce 100644
--- a/test/system/075-exec.bats
+++ b/test/system/075-exec.bats
@@ -19,8 +19,15 @@ load helpers
run_podman exec $cid sh -c "cat /$rand_filename"
is "$output" "$rand_content" "Can exec and see file in running container"
+ # Specially defined situations: exec a dir, or no such command.
+ # We don't check the full error message because runc & crun differ.
+ run_podman 126 exec $cid /etc
+ is "$output" ".*permission denied" "podman exec /etc"
+ run_podman 127 exec $cid /no/such/command
+ is "$output" ".*such file or dir" "podman exec /no/such/command"
+
+ # Done
run_podman exec $cid rm -f /$rand_filename
-
run_podman wait $cid
is "$output" "0" "output from podman wait (container exit code)"
|
|
Are you running the server with |
|
Are you sure |
mheon
force-pushed
the
write_error_to_inspect
branch
from
95fabbc to
c8c906a
Compare
126 and 127 are specified in podman-run(1): |
|
Ah, you're right. Fixing. |
|
Re: my earlier comment ("duh, not working for me"): PEBKAC. I forgot to restart the server after |
In local Podman, the frontend interprets the error and exit code given by the Exec API to determine the appropriate exit code to set for Podman itself; special cases like a missing executable receive special exit codes. Exec for the remote API, however, has to do this inside Libpod itself, as Libpod will be directly queried (via the Inspect API for exec sessions) to get the exit code. This was done correctly when the exec session started properly, but we did not properly handle cases where the OCI runtime fails before the exec session can properly start. Making two error returns that would otherwise not set exit code actually do so should resolve the issue. Fixes containers#6893 Signed-off-by: Matthew Heon <[email protected]>
mheon
force-pushed
the
write_error_to_inspect
branch
from
c8c906a to
7a64ce3
Compare
|
LGTM |
|
/lgtm Thanks @mheon |
github-actions
bot
added
the
locked - please file new issue/PR
In local Podman, the frontend interprets the error and exit code given by the Exec API to determine the appropriate exit code to set for Podman itself; special cases like a missing executable receive special exit codes.
Exec for the remote API, however, has to do this inside Libpod itself, as Libpod will be directly queried (via the Inspect API for exec sessions) to get the exit code. This was done correctly when the exec session started properly, but we did not properly handle cases where the OCI runtime fails before the exec session can properly start. Making two error returns that would otherwise not set exit code actually do so should resolve the issue.
Fixes #6893