New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add self extracting executable #35775
Add self extracting executable #35775
Conversation
else | ||
{ | ||
/// move decompressed file instead of this binary and apply command | ||
char bash[] = "/usr/bin/bash"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But why cannot we run it directly, without bash?
ClickHouse should not require shell interpreter to run.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We have to execute two programs: replace current binary with other file (clickhouse.decompressed
) and execute it. I found solution only with bash. I'm open to ideas.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Use rename
function?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From man: If newpath already exists, it will be atomically replaced, so that there is no point at which another process attempting to access newpath will find it missing. However, there will probably be a window in which both oldpath and newpath refer to the file being renamed.
On practice it renames successfully, but execve
tries to execute decompressor instead other file, and fails with Text file busy
. But next command to this binary will be successful.
utils/self-extr-exec/compressor.cpp
Outdated
@@ -0,0 +1,352 @@ | |||
#include <cstring> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Btw, compressor can be written in C++ with exceptions, RAII, etc...
Only decompressor is intended to be lightweight.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I made it to make the compressor and decompressor look the same. I can change it, but this version looks good to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok.
@yakov-olkhovskiy one month has passed, I will reassign. |
@alexey-milovidov missed this one doing other projects... can do next week |
… decompressor for compressed file
@yakov-olkhovskiy Did you test it with ClickHouse directly? It would be nice to add it by default to our containers |
@nikitamikhaylov no, I didn't - only tested with some helloworld executable to check arguments and environment transfer |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Before reviewing the code I noticed it's written more in a C-style.
What do you think about rewriting it first in a more C++-style (e.g. replacing new[], delete[] with std::vector)?
EDIT: now I see that a lot of C++ code was removed on purpose.
It would be also nice to forward arguments to a binary when we do decompression and execute it. From quick look into code I don't understand whether we do it or not |
@nikitamikhaylov If I understand you correctly
|
@nikitamikhaylov we do ClickHouse/utils/self-extr-exec/decompressor.cpp Lines 268 to 297 in 12e7770
|
Co-authored-by: Antonio Andelic <antonio2368@users.noreply.github.com>
Co-authored-by: Antonio Andelic <antonio2368@users.noreply.github.com>
@mergify update |
✅ Branch has been successfully updated |
fillCommand(command, argc, argv, length); | ||
|
||
/// replace file and call executable | ||
char * newargv[] = { bash, executable, command, nullptr }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we run it with sh -c
?
Why is shell needed?
It makes everything more complicated, and proper argument forwarding is nearly impossible.
I think ClickHouse should run under chroot with no shell.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as I remember the reason for using sh was that attempt to run just clickhouse gives "text file is busy" error.
And what about chroot here? how it helps?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You can workaround the "text file busy" error by renaming the old executable to a temporary file first.
Chroot will not help, it is just a motivation to not use sh
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will try
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexey-milovidov doesn't work either. Algorithm is next:
system("mv " + argv[0] + " " + argv[0] + ".tmp");
system("mv " + argv[0] + ".decompressed " + argv[0]);
system("rm " + argv[0] + ".tmp"); // optional, result is the same without it
execvp(argv[0], argv);
result the same - last execvp gives "Text file busy" error
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@alexey-milovidov BUT replacing mv clickhouse.decompressed clickhouse
by cp clickhouse.decompressed clickhouse
seems to work! :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changelog category (leave one):
Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):
Add self extracting executable #34755