Skip to content

[1.1] libcontainer: skip chown of /dev/null caused by fd redirection#3731

Merged
AkihiroSuda merged 2 commits intoopencontainers:release-1.1from
kolyshkin:1.1-fix-dev-null
Feb 9, 2023
Merged

[1.1] libcontainer: skip chown of /dev/null caused by fd redirection#3731
AkihiroSuda merged 2 commits intoopencontainers:release-1.1from
kolyshkin:1.1-fix-dev-null

Conversation

@kolyshkin
Copy link
Contributor

@kolyshkin kolyshkin commented Feb 9, 2023

This is a backport of #3707 to release-1.1 branch, fixing #3674.

Clean cherry-pick, no issues.

@kolyshkin kolyshkin added regression backport/1.1-pr A backport PR to release-1.1 labels Feb 9, 2023
@kolyshkin kolyshkin added this to the 1.1.5 milestone Feb 9, 2023
@kolyshkin kolyshkin mentioned this pull request Feb 9, 2023
Merged
Dzejrou and others added 2 commits February 8, 2023 19:49
@Dzejrou @kolyshkin
libcontainer: skip chown of /dev/null caused by fd redirection
fa722c1 
In 18c4760 (libct: fixStdioPermissions: skip chown if not needed)
the check whether the STDIO file descriptors point to /dev/null was
removed which can cause /dev/null to change ownership e.g. when using
docker exec on a running container:

$ ls -l /dev/null
crw-rw-rw- 1 root root 1, 3 Aug 1 14:12 /dev/null
$ docker exec -u test 0ad6d3064e9d ls
$ ls -l /dev/null
crw-rw-rw- 1 test root 1, 3 Aug 1 14:12 /dev/null

Signed-off-by: Jaroslav Jindrak <dzejrou@gmail.com>
(cherry picked from commit 7e5e017)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
tests/int: test for /dev/null owner regression
9233b3d 
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 1bb6209)
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
@kolyshkin
Copy link
Contributor Author

kolyshkin commented Feb 9, 2023

@cyphar @AkihiroSuda @thaJeztah PTAL

thaJeztah
thaJeztah approved these changes Feb 9, 2023
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@thaJeztah
Copy link
Member

thaJeztah commented Feb 9, 2023

@kolyshkin can this be moved out of draft?

@kolyshkin kolyshkin marked this pull request as ready for review February 9, 2023 09:14
@AkihiroSuda AkihiroSuda merged commit 3775df9 into opencontainers:release-1.1 Feb 9, 2023
@kolyshkin
Copy link
Contributor Author

kolyshkin commented Mar 28, 2023

This is a regression in 1.1.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thaJeztah thaJeztah thaJeztah approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

backport/1.1-pr A backport PR to release-1.1 regression

Projects

None yet

Milestone

1.1.5

Development

Successfully merging this pull request may close these issues.

4 participants

@kolyshkin @thaJeztah @AkihiroSuda @Dzejrou