fix: Use dropbear 'multi' build and allow overwriting scp in containe…

…rs (#2667)

changes/2667.fix.md

@@ -0,0 +1 @@
+Allow sudo-enabled container users to ovewrite `/usr/bin/scp` and `/usr/libexec/sftp-server` by unifying the intrinsic ssh binaries to use the merged `dropbearmulti` executable.

scripts/agent/build-dropbear.sh

@@ -35,17 +35,17 @@ autoconf && autoheader
 sed -i 's/\(DEFAULT_RECV_WINDOW\) [0-9][0-9]*/\1 2097152/' src/default_options.h
 sed -i 's/\(RECV_MAX_PAYLOAD_LEN\) [0-9][0-9]*/\1 2621440/' src/default_options.h
 sed -i 's/\(TRANS_MAX_PAYLOAD_LEN\) [0-9][0-9]*/\1 2621440/' src/default_options.h
+sed -i 's/\(TRANS_MAX_PAYLOAD_LEN\) [0-9][0-9]*/\1 2621440/' src/default_options.h
+sed -i 's/\(SFTPSERVER_PATH\) "[^"]\+"/\1 "\/opt\/kernel\/sftp-server"/' src/default_options.h
 sed -i 's/\(MAX_CMD_LEN\) [0-9][0-9]*/\1 20000/' src/sysoptions.h
 sed -i '/channel->transwindow -= len;/s/^/\/\//' src/common-channel.c
 sed -i 's/DEFAULT_PATH/getenv("PATH")/' src/svr-chansession.c
 
 # Disable clearing environment variables for new pty sessions and remote commands
 sed -i 's%/\* *#define \+DEBUG_VALGRIND *\*/%#define DEBUG_VALGRIND%' src/debug.h
 
-make -j$(nproc)
-cp dropbear        ../dropbear.$X_ARCH.bin
-cp dropbearkey     ../dropbearkey.$X_ARCH.bin
-cp dropbearconvert ../dropbearconvert.$X_ARCH.bin
+make -j$(nproc) PROGRAMS='dropbear dropbearkey dropbearconvert scp' MULTI=1 SCPPROGRESS=1
+cp dropbearmulti ../dropbearmulti.$X_ARCH.bin
 make clean
 EOF
 )
@@ -68,9 +68,7 @@ docker run --rm -it \
   dropbear-builder \
   /workspace/build.sh
 
-cp $temp_dir/dropbear.*.bin        $SCRIPT_DIR/../../src/ai/backend/runner
-cp $temp_dir/dropbearkey.*.bin     $SCRIPT_DIR/../../src/ai/backend/runner
-cp $temp_dir/dropbearconvert.*.bin $SCRIPT_DIR/../../src/ai/backend/runner
+cp $temp_dir/dropbearmulti.*.bin        $SCRIPT_DIR/../../src/ai/backend/runner
 ls -lh src/ai/backend/runner
 
 rm -rf "$temp_dir"

scripts/agent/build-sftpserver.sh

@@ -29,9 +29,8 @@ autoreconf
 
 sed -i 's/^# \?define SFTP_MAX_MSG_LENGTH[ \t]*.*/#define SFTP_MAX_MSG_LENGTH 5242880/g' sftp-common.h
 
-make -j$(nproc) sftp-server scp
+make -j$(nproc) sftp-server
 cp sftp-server /workspace/sftp-server.$X_ARCH.bin
-cp scp /workspace/scp.$X_ARCH.bin
 EOF
 )
 
@@ -53,7 +52,6 @@ docker run --rm -it \
     /workspace/build.sh
 
 cp $temp_dir/sftp-server.*.bin $SCRIPT_DIR/../../src/ai/backend/runner
-cp $temp_dir/scp.*.bin $SCRIPT_DIR/../../src/ai/backend/runner
 ls -lh src/ai/backend/runner
 
 cd $SCRIPT_DIR/..

src/ai/backend/agent/agent.py

@@ -448,11 +448,8 @@ def mount_static_binary(filename: str, target_path: str) -> None:
 
         mount_static_binary(f"su-exec.{arch}.bin", "/opt/kernel/su-exec")
         mount_versioned_binary(f"libbaihook.*.{arch}.so", "/opt/kernel/libbaihook.so")
-        mount_static_binary(f"sftp-server.{arch}.bin", "/usr/libexec/sftp-server")
-        mount_static_binary(f"scp.{arch}.bin", "/usr/bin/scp")
-        mount_static_binary(f"dropbear.{arch}.bin", "/opt/kernel/dropbear")
-        mount_static_binary(f"dropbearconvert.{arch}.bin", "/opt/kernel/dropbearconvert")
-        mount_static_binary(f"dropbearkey.{arch}.bin", "/opt/kernel/dropbearkey")
+        mount_static_binary(f"dropbearmulti.{arch}.bin", "/opt/kernel/dropbearmulti")
+        mount_static_binary(f"sftp-server.{arch}.bin", "/opt/kernel/sftp-server")
         mount_static_binary(f"tmux.{arch}.bin", "/opt/kernel/tmux")
 
         jail_path: Optional[Path]

src/ai/backend/kernel/intrinsic.py

@@ -21,7 +21,8 @@ async def init_sshd_service(child_env):
         auth_path.parent.chmod(0o700)
         proc = await asyncio.create_subprocess_exec(
             *[
-                "/opt/kernel/dropbearkey",
+                "/opt/kernel/dropbearmulti",
+                "dropbearkey",
                 "-t",
                 "rsa",
                 "-s",
@@ -43,7 +44,8 @@ async def init_sshd_service(child_env):
         # Make the generated private key downloadable by users.
         proc = await asyncio.create_subprocess_exec(
             *[
-                "/opt/kernel/dropbearconvert",
+                "/opt/kernel/dropbearmulti",
+                "dropbearconvert",
                 "dropbear",
                 "openssh",
                 "/tmp/dropbear/id_dropbear",
@@ -66,7 +68,8 @@ async def init_sshd_service(child_env):
             log.warning("could not set the permission for /home/work/.ssh")
     proc = await asyncio.create_subprocess_exec(
         *[
-            "/opt/kernel/dropbearkey",
+            "/opt/kernel/dropbearmulti",
+            "dropbearkey",
             "-t",
             "rsa",
             "-s",
@@ -126,7 +129,8 @@ async def init_sshd_service(child_env):
 
 async def prepare_sshd_service(service_info):
     cmdargs = [
-        "/opt/kernel/dropbear",
+        "/opt/kernel/dropbearmulti",
+        "dropbear",
         "-r",
         "/tmp/dropbear/dropbear_rsa_host_key",
         "-E",  # show logs in stderr

src/ai/backend/runner/entrypoint.sh

@@ -16,6 +16,11 @@ fi
 #       Therefore, we must AVOID any filesystem operation applied RECURSIVELY to /home/work,
 #       to prevent indefinite "hangs" during a container startup.
 
+# Symlink the scp binary
+if [ ! -f "/usr/bin/scp" ]; then
+  ln -s /opt/kernel/dropbearmulti /usr/bin/scp
+fi
+
 if [ $USER_ID -eq 0 ]; then
 
   echo "WARNING: Running the user codes as root is not recommended."