Skip to content

Commit ae9f207

Browse files
xibzxibz
committed
Fixes bug with fifo files
This commit addresses an issue with the fifo paths specified in the machine config not being relative to the jailer's root path. This change fixes this by making the path relative and running chown on those fifo files Signed-off-by: xibz <[email protected]>
1 parent afedbc7 commit ae9f207

File tree

1 file changed

+22
-4
lines changed

1 file changed

+22
-4
lines changed

runtime/runc_jailer.go

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -245,17 +245,23 @@ func (j *runcJailer) BuildLinkFifoHandler() firecracker.Handler {
245245
contentsPath := j.RootPath()
246246
fifoFileName := filepath.Base(m.Cfg.LogFifo)
247247
newFifoPath := filepath.Join(contentsPath, fifoFileName)
248-
if err := os.Link(m.Cfg.LogFifo, newFifoPath); err != nil {
248+
// Since Firecracker is unaware that we are in a jailed environment and
249+
// what owner/group to set this as when creating, we will manually have
250+
// to adjust the permission bits ourselves
251+
if err := linkAndChown(m.Cfg.LogFifo, newFifoPath, j.Config.UID, j.Config.GID); err != nil {
249252
return err
250253
}
251-
m.Cfg.LogFifo = newFifoPath
254+
// this path needs to be relative to the root path, and since we are
255+
// placing the file in the root path the LogFifo value should just be the
256+
// file name.
257+
m.Cfg.LogFifo = fifoFileName
252258

253259
metricFifoFileName := filepath.Base(m.Cfg.MetricsFifo)
254260
newMetricFifoPath := filepath.Join(contentsPath, metricFifoFileName)
255-
if err := os.Link(m.Cfg.MetricsFifo, newMetricFifoPath); err != nil {
261+
if err := linkAndChown(m.Cfg.MetricsFifo, newMetricFifoPath, j.Config.UID, j.Config.GID); err != nil {
256262
return err
257263
}
258-
m.Cfg.MetricsFifo = newMetricFifoPath
264+
m.Cfg.MetricsFifo = metricFifoFileName
259265

260266
return nil
261267
},
@@ -493,6 +499,18 @@ func mkdirAllWithPermissions(path string, mode os.FileMode, uid, gid uint32) err
493499
return nil
494500
}
495501

502+
func linkAndChown(src, dst string, uid, gid uint32) error {
503+
if err := os.Link(src, dst); err != nil {
504+
return err
505+
}
506+
507+
if err := os.Chown(dst, int(uid), int(gid)); err != nil {
508+
return err
509+
}
510+
511+
return nil
512+
}
513+
496514
func getNetNS(spec specs.Spec) string {
497515
for _, ns := range spec.Linux.Namespaces {
498516
if ns.Type == networkNamespaceRuncName {

0 commit comments

Comments
 (0)