exec: expose --preserve-fds#1995
Merged
mrunalp merged 1 commit intoopencontainers:masterfrom Feb 26, 2019
Merged
Conversation
Member
|
Seems reasonable, though I would like an integration test. |
This was referenced Feb 25, 2019
6287951 to
9b01eab
Compare
The implementation is already there, we only need to add the CLI option and pass it down. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
9b01eab to
52f4e0f
Compare
Member
Author
|
tests are passing now |
Member
|
LGTM. |
Contributor
|
LGTM |
Contributor
|
@caniszczyk pull-approve is taking a long time to detect LGTMs. |
thaJeztah
added a commit
to thaJeztah/containerd
that referenced
this pull request
Mar 7, 2019
This includes an improved fix for CVE-2019-5736 to reduce the increased memory-consumption introduced by the original patch, RHEL 7.6 getting into a loop due to a kernel bug in those kernels, and improve compatibility with older kernels. changes included: - opencontainers/runc#1973 Vendor opencontainers/runtime-spec 29686dbc - opencontainers/runc#1978 Remove detection for scope properties, which have always been broken - opencontainers/runc#1963 Vendor in go-criu and use it for CRIU's RPC definition - opencontainers/runc#1995 exec: expose --preserve-fds - opencontainers/runc#2000 fix preserve-fds flag may cause runc hang - opencontainers/runc#1968 Create bind mount mountpoints during restore - opencontainers/runc#1984 nsenter: cloned_binary: "memfd" cleanups Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
added a commit
to thaJeztah/containerd
that referenced
this pull request
Mar 7, 2019
This includes an improved fix for CVE-2019-5736 to reduce the increased memory-consumption introduced by the original patch, RHEL 7.6 getting into a loop due to a kernel bug in those kernels, and improve compatibility with older kernels. changes included: - opencontainers/runc#1973 Vendor opencontainers/runtime-spec 29686dbc - opencontainers/runc#1978 Remove detection for scope properties, which have always been broken - opencontainers/runc#1963 Vendor in go-criu and use it for CRIU's RPC definition - opencontainers/runc#1995 exec: expose --preserve-fds - opencontainers/runc#2000 fix preserve-fds flag may cause runc hang - opencontainers/runc#1968 Create bind mount mountpoints during restore - opencontainers/runc#1984 nsenter: cloned_binary: "memfd" cleanups Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit b8d40b3) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
added a commit
to thaJeztah/containerd
that referenced
this pull request
Mar 7, 2019
This includes an improved fix for CVE-2019-5736 to reduce the increased memory-consumption introduced by the original patch, RHEL 7.6 getting into a loop due to a kernel bug in those kernels, and improve compatibility with older kernels. changes included: - opencontainers/runc#1973 Vendor opencontainers/runtime-spec 29686dbc - opencontainers/runc#1978 Remove detection for scope properties, which have always been broken - opencontainers/runc#1963 Vendor in go-criu and use it for CRIU's RPC definition - opencontainers/runc#1995 exec: expose --preserve-fds - opencontainers/runc#2000 fix preserve-fds flag may cause runc hang - opencontainers/runc#1968 Create bind mount mountpoints during restore - opencontainers/runc#1984 nsenter: cloned_binary: "memfd" cleanups Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit b8d40b3) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
kolyshkin
reviewed
Oct 22, 2020
| runc run -d --console-socket $CONSOLE_SOCKET test_busybox | ||
| [ "$status" -eq 0 ] | ||
|
|
||
| run bash -c "cat hello > preserve-fds.test; exec 3<preserve-fds.test; $RUNC --log /proc/self/fd/2 --root $ROOT exec --preserve-fds=1 test_busybox cat /proc/self/fd/3" |
Contributor
There was a problem hiding this comment.
What I don't understand is why cat hello is not failing. There is no such file named hello.
Member
Author
There was a problem hiding this comment.
I guess the error is just ignored but the file is still created by the shell. I guess it had to be echo but too long ago to remember :)
Contributor
There was a problem hiding this comment.
I mean, yes, cat hello should fail and this is ignored by bash since it does not run with set -e.
What I don't understand is how the check below (that checks that $output contains hello works at all.
Contributor
There was a problem hiding this comment.
@giuseppe pointed out that cat hello produces the message like cat: hello: no such file or directory, and thus the check for hello in the $output succeeds!
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The implementation is already there, we only need to add the CLI
option and pass it down.
Signed-off-by: Giuseppe Scrivano gscrivan@redhat.com