Ensure exec can find config.json

youki-dev · Jan 16, 2022 · 982e257 · 982e257
1 parent c73ba01
commit 982e257
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 8 deletions.
diff --git a/crates/libcontainer/src/container/init_builder.rs b/crates/libcontainer/src/container/init_builder.rs
@@ -106,7 +106,7 @@ impl<'a> InitContainerBuilder<'a> {
         let mut spec = Spec::load(&source_spec_path)?;
         Self::validate_spec(&spec).context("failed to validate runtime spec")?;
 
-        spec.canonicalize_rootfs(&self.bundle)?;
+        spec.canonicalize_rootfs(&self.bundle).context("failed to canonicalize rootfs")?;
         Ok(spec)
     }
 

diff --git a/crates/libcontainer/src/container/tenant_builder.rs b/crates/libcontainer/src/container/tenant_builder.rs
@@ -96,7 +96,7 @@ impl<'a> TenantContainerBuilder<'a> {
             .load_container_state(container_dir.clone())
             .context("failed to load container state")?;
         let mut spec = self
-            .load_init_spec(&container_dir)
+            .load_init_spec(&container)
             .context("failed to load init spec")?;
         self.adapt_spec_for_tenant(&mut spec, &container)
             .context("failed to adapt spec for tenant")?;
@@ -114,7 +114,7 @@ impl<'a> TenantContainerBuilder<'a> {
 
         let use_systemd = self.should_use_systemd(&container);
         let rootless = Rootless::new(&spec)?;
-
+        
         let mut builder_impl = ContainerBuilderImpl {
             init: false,
             syscall: self.base.syscall,
@@ -146,10 +146,13 @@ impl<'a> TenantContainerBuilder<'a> {
         Ok(container_dir)
     }
 
-    fn load_init_spec(&self, container_dir: &Path) -> Result<Spec> {
-        let spec_path = container_dir.join("config.json");
+    fn load_init_spec(&self, container: &Container) -> Result<Spec> {
+        let spec_path = container.bundle().join("config.json");
+
+        let mut spec = Spec::load(&spec_path)
+            .with_context(|| format!("failed to load spec from {:?}", spec_path))?;
 
-        let spec = Spec::load(spec_path).context("failed to load spec")?;
+        spec.canonicalize_rootfs(container.bundle()).context("failed to canonicalize rootfs")?;
         Ok(spec)
     }
 

diff --git a/crates/libcontainer/src/process/container_intermediate_process.rs b/crates/libcontainer/src/process/container_intermediate_process.rs
@@ -46,7 +46,7 @@ pub fn container_intermediate_process(
     if let Some(user_namespace) = namespaces.get(LinuxNamespaceType::User) {
         namespaces
             .unshare_or_setns(user_namespace)
-            .with_context(|| format!("Failed to enter user namespace: {:?}", user_namespace))?;
+            .with_context(|| format!("failed to enter user namespace: {:?}", user_namespace))?;
         if user_namespace.path().is_none() {
             log::debug!("creating new user namespace");
             // child needs to be dumpable, otherwise the non root parent is not
@@ -80,7 +80,7 @@ pub fn container_intermediate_process(
     if let Some(pid_namespace) = namespaces.get(LinuxNamespaceType::Pid) {
         namespaces
             .unshare_or_setns(pid_namespace)
-            .with_context(|| format!("Failed to enter pid namespace: {:?}", pid_namespace))?;
+            .with_context(|| format!("failed to enter pid namespace: {:?}", pid_namespace))?;
     }
 
     // We have to record the pid of the child (container init process), since