Skip to content

Update cap-std-ext to 5.1.2, use new CmdFds API#2143

Merged
cgwalters merged 1 commit intobootc-dev:mainfrom
cgwalters:update-cap-std
Apr 16, 2026
Merged

Update cap-std-ext to 5.1.2, use new CmdFds API#2143
cgwalters merged 1 commit intobootc-dev:mainfrom
cgwalters:update-cap-std

Conversation

@cgwalters
Copy link
Copy Markdown
Collaborator

@cgwalters cgwalters commented Apr 14, 2026

This is a safer API, but this is specifically prep for using varlink.

Assisted-by: OpenCode (Claude Opus 4)

@cgwalters
Update cap-std-ext to 5.1.2, use new CmdFds API
a5656ae 
This is a safer API, but this is specifically prep
for using varlink.

Assisted-by: OpenCode (Claude Opus 4)
Signed-off-by: Colin Walters <walters@verbum.org>
@github-actions github-actions Bot added the area/ostree Issues related to ostree label Apr 14, 2026
@bootc-bot bootc-bot Bot requested a review from ckyrouac April 14, 2026 19:58
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the cap-std-ext dependency to version 5.1.2 and refactors file descriptor management across several modules to use the new CmdFds API. The changes in podstorage.rs, skopeo.rs, and write.rs replace direct calls to take_fd_n on Command with the use of a CmdFds collector. A potential issue was identified in podstorage.rs where using a raw file descriptor for the registry authentication file could lead to collisions with other fixed file descriptors like STORAGE_RUN_FD.

Comment thread crates/lib/src/podstorage.rs
Comment on lines 158 to 160
let target_fd = fd.as_fd().as_raw_fd();
cmd.take_fd_n(fd, target_fd);
fds.take_fd_n(fd, target_fd);
cmd.env("REGISTRY_AUTH_FILE", format!("/proc/self/fd/{target_fd}"));
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Using the parent process's raw file descriptor as the target FD in the child is fragile and risks collisions with other FDs being passed, such as STORAGE_RUN_FD (which is fixed at 3). If target_fd happens to be 3, CmdFds will detect a conflict. It is safer to use a fixed, distinct FD number for the registry authentication file.

Suggested change
let target_fd = fd.as_fd().as_raw_fd();
cmd.take_fd_n(fd, target_fd);
fds.take_fd_n(fd, target_fd);
cmd.env("REGISTRY_AUTH_FILE", format!("/proc/self/fd/{target_fd}"));
let target_fd = 4; // Use a fixed FD to avoid potential collisions with STORAGE_RUN_FD (3)
fds.take_fd_n(fd, target_fd);
cmd.env("REGISTRY_AUTH_FILE", format!("/proc/self/fd/{target_fd}"));

@cgwalters cgwalters merged commit 37d3389 into bootc-dev:main Apr 16, 2026
60 of 66 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmarrero jmarrero jmarrero approved these changes

@ckyrouac ckyrouac Awaiting requested review from ckyrouac

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

area/ostree Issues related to ostree

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cgwalters @jmarrero