Skip to content

Commit

Permalink
Ensure that exec errors write exit codes to the DB
Browse files Browse the repository at this point in the history
In local Podman, the frontend interprets the error and exit code
given by the Exec API to determine the appropriate exit code to
set for Podman itself; special cases like a missing executable
receive special exit codes.

Exec for the remote API, however, has to do this inside Libpod
itself, as Libpod will be directly queried (via the Inspect API
for exec sessions) to get the exit code. This was done correctly
when the exec session started properly, but we did not properly
handle cases where the OCI runtime fails before the exec session
can properly start. Making two error returns that would otherwise
not set exit code actually do so should resolve the issue.

Fixes containers#6893

Signed-off-by: Matthew Heon <[email protected]>
  • Loading branch information
mheon authored and vrothberg committed Aug 11, 2020
1 parent d9c86fd commit 729e0aa
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 0 deletions.
14 changes: 14 additions & 0 deletions libpod/container_exec.go
Original file line number Diff line number Diff line change
Expand Up @@ -415,6 +415,13 @@ func (c *Container) ExecHTTPStartAndAttach(sessionID string, httpCon net.Conn, h

execOpts, err := prepareForExec(c, session)
if err != nil {
session.State = define.ExecStateStopped
session.ExitCode = define.ExecErrorCodeGeneric

if err := c.save(); err != nil {
logrus.Errorf("Error saving container %s exec session %s after failure to prepare: %v", err, c.ID(), session.ID())
}

return err
}

Expand All @@ -427,6 +434,13 @@ func (c *Container) ExecHTTPStartAndAttach(sessionID string, httpCon net.Conn, h

pid, attachChan, err := c.ociRuntime.ExecContainerHTTP(c, session.ID(), execOpts, httpCon, httpBuf, streams, cancel)
if err != nil {
session.State = define.ExecStateStopped
session.ExitCode = define.TranslateExecErrorToExitCode(define.ExecErrorCodeGeneric, err)

if err := c.save(); err != nil {
logrus.Errorf("Error saving container %s exec session %s after failure to start: %v", err, c.ID(), session.ID())
}

return err
}

Expand Down
9 changes: 9 additions & 0 deletions test/system/075-exec.bats
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,15 @@ load helpers
run_podman exec $cid sh -c "cat /$rand_filename"
is "$output" "$rand_content" "Can exec and see file in running container"


# Specially defined situations: exec a dir, or no such command.
# We don't check the full error message because runc & crun differ.
run_podman 126 exec $cid /etc
is "$output" ".*permission denied" "podman exec /etc"
run_podman 127 exec $cid /no/such/command
is "$output" ".*such file or dir" "podman exec /no/such/command"

# Done
run_podman exec $cid rm -f /$rand_filename

run_podman wait $cid
Expand Down

0 comments on commit 729e0aa

Please sign in to comment.