Skip to content

Commit bb788d7

Browse files
authored
Merge pull request #412 from xibz/fifo_fix
Fixes bug with fifo files
2 parents afedbc7 + ae9f207 commit bb788d7

File tree

1 file changed

+22
-4
lines changed

1 file changed

+22
-4
lines changed

runtime/runc_jailer.go

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -245,17 +245,23 @@ func (j *runcJailer) BuildLinkFifoHandler() firecracker.Handler {
245245
contentsPath := j.RootPath()
246246
fifoFileName := filepath.Base(m.Cfg.LogFifo)
247247
newFifoPath := filepath.Join(contentsPath, fifoFileName)
248-
if err := os.Link(m.Cfg.LogFifo, newFifoPath); err != nil {
248+
// Since Firecracker is unaware that we are in a jailed environment and
249+
// what owner/group to set this as when creating, we will manually have
250+
// to adjust the permission bits ourselves
251+
if err := linkAndChown(m.Cfg.LogFifo, newFifoPath, j.Config.UID, j.Config.GID); err != nil {
249252
return err
250253
}
251-
m.Cfg.LogFifo = newFifoPath
254+
// this path needs to be relative to the root path, and since we are
255+
// placing the file in the root path the LogFifo value should just be the
256+
// file name.
257+
m.Cfg.LogFifo = fifoFileName
252258

253259
metricFifoFileName := filepath.Base(m.Cfg.MetricsFifo)
254260
newMetricFifoPath := filepath.Join(contentsPath, metricFifoFileName)
255-
if err := os.Link(m.Cfg.MetricsFifo, newMetricFifoPath); err != nil {
261+
if err := linkAndChown(m.Cfg.MetricsFifo, newMetricFifoPath, j.Config.UID, j.Config.GID); err != nil {
256262
return err
257263
}
258-
m.Cfg.MetricsFifo = newMetricFifoPath
264+
m.Cfg.MetricsFifo = metricFifoFileName
259265

260266
return nil
261267
},
@@ -493,6 +499,18 @@ func mkdirAllWithPermissions(path string, mode os.FileMode, uid, gid uint32) err
493499
return nil
494500
}
495501

502+
func linkAndChown(src, dst string, uid, gid uint32) error {
503+
if err := os.Link(src, dst); err != nil {
504+
return err
505+
}
506+
507+
if err := os.Chown(dst, int(uid), int(gid)); err != nil {
508+
return err
509+
}
510+
511+
return nil
512+
}
513+
496514
func getNetNS(spec specs.Spec) string {
497515
for _, ns := range spec.Linux.Namespaces {
498516
if ns.Type == networkNamespaceRuncName {

0 commit comments

Comments
 (0)