Skip to content

Commit

Permalink
Merge pull request #3554 from kolyshkin/1.1-fix-dev-pts
Browse files Browse the repository at this point in the history
[1.1] Fix failed exec after systemctl daemon-reload (regression in 1.1.3)
  • Loading branch information
AkihiroSuda authored Aug 18, 2022
2 parents 1c6dc76 + 204c673 commit 46a5a84
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 7 deletions.
16 changes: 9 additions & 7 deletions libcontainer/cgroups/systemd/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -288,14 +288,16 @@ func generateDeviceProperties(r *configs.Resources) ([]systemdDbus.Property, err
case devices.CharDevice:
entry.Path = fmt.Sprintf("/dev/char/%d:%d", rule.Major, rule.Minor)
}
// systemd will issue a warning if the path we give here doesn't exist.
// Since all of this logic is best-effort anyway (we manually set these
// rules separately to systemd) we can safely skip entries that don't
// have a corresponding path.
if _, err := os.Stat(entry.Path); err != nil {
logrus.Debugf("skipping device %s for systemd: %s", entry.Path, err)
continue
}
}
// systemd will issue a warning if the path we give here doesn't exist.
// Since all of this logic is best-effort anyway (we manually set these
// rules separately to systemd) we can safely skip entries that don't
// have a corresponding path.
if _, err := os.Stat(entry.Path); err == nil {
deviceAllowList = append(deviceAllowList, entry)
}
deviceAllowList = append(deviceAllowList, entry)
}

properties = append(properties, newProp("DeviceAllow", deviceAllowList))
Expand Down
16 changes: 16 additions & 0 deletions tests/integration/dev.bats
Original file line number Diff line number Diff line change
Expand Up @@ -128,3 +128,19 @@ function teardown() {
runc exec test_allow_block sh -c 'fdisk -l '"$device"''
[ "$status" -eq 0 ]
}

# https://github.com/opencontainers/runc/issues/3551
@test "runc exec vs systemctl daemon-reload" {
requires systemd root

runc run -d --console-socket "$CONSOLE_SOCKET" test_exec
[ "$status" -eq 0 ]

runc exec -t test_exec sh -c "ls -l /proc/self/fd/0; echo 123"
[ "$status" -eq 0 ]

systemctl daemon-reload

runc exec -t test_exec sh -c "ls -l /proc/self/fd/0; echo 123"
[ "$status" -eq 0 ]
}

0 comments on commit 46a5a84

Please sign in to comment.