Add support to sig-proxy for podman-remote

Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
containers · Sep 5, 2022 · a23ae36 · a23ae36
1 parent 098c071
commit a23ae36
Show file tree

Hide file tree

Showing 6 changed files with 101 additions and 5 deletions.
diff --git a/pkg/domain/infra/abi/terminal/sigproxy_commn.go b/pkg/domain/infra/abi/terminal/sigproxy_commn.go
@@ -15,17 +15,13 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
-// Make sure the signal buffer is sufficiently big.
-// runc is using the same value.
-const signalBufferSize = 2048
-
 // ProxySignals ...
 func ProxySignals(ctr *libpod.Container) {
 	// Stop catching the shutdown signals (SIGINT, SIGTERM) - they're going
 	// to the container now.
 	shutdown.Stop() //nolint: errcheck
 
-	sigBuffer := make(chan os.Signal, signalBufferSize)
+	sigBuffer := make(chan os.Signal, SignalBufferSize)
 	signal.CatchAll(sigBuffer)
 
 	logrus.Debugf("Enabling signal proxying")

diff --git a/pkg/domain/infra/abi/terminal/terminal.go b/pkg/domain/infra/abi/terminal/terminal.go
@@ -12,6 +12,10 @@ import (
 	"github.com/sirupsen/logrus"
 )
 
+// Make sure the signal buffer is sufficiently big.
+// runc is using the same value.
+const SignalBufferSize = 2048
+
 // RawTtyFormatter ...
 type RawTtyFormatter struct {
 }

diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
@@ -825,6 +825,13 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
 	}
 
 	// Attach
+	if opts.SigProxy {
+		RemoteProxySignals(con.ID, func(signal string) error {
+			killOpts := entities.KillOptions{All: false, Latest: false, Signal: signal}
+			_, err := ic.ContainerKill(ctx, []string{con.ID}, killOpts)
+			return err
+		})
+	}
 	if err := startAndAttach(ic, con.ID, &opts.DetachKeys, opts.InputStream, opts.OutputStream, opts.ErrorStream); err != nil {
 		if err == define.ErrDetach {
 			return &report, nil

diff --git a/pkg/domain/infra/tunnel/runtime.go b/pkg/domain/infra/tunnel/runtime.go
@@ -2,6 +2,13 @@ package tunnel
 
 import (
 	"context"
+	"os"
+	"syscall"
+
+	"github.com/containers/podman/v4/libpod/define"
+	"github.com/containers/podman/v4/pkg/domain/infra/abi/terminal"
+	"github.com/containers/podman/v4/pkg/signal"
+	"github.com/sirupsen/logrus"
 )
 
 // Image-related runtime using an ssh-tunnel to utilize Podman service
@@ -18,3 +25,27 @@ type ContainerEngine struct {
 type SystemEngine struct {
 	ClientCtx context.Context
 }
+
+// RemoteProxySignals enables sig-proxy in remote mode.
+func RemoteProxySignals(ctrID string, killFunc func(string) error) {
+	sigBuffer := make(chan os.Signal, terminal.SignalBufferSize)
+	signal.CatchAll(sigBuffer)
+
+	logrus.Debugf("Enabling signal proxying")
+
+	go func() {
+		for s := range sigBuffer {
+			signalName, err := signal.ParseSysSignalToName(s.(syscall.Signal))
+			if err != nil {
+				logrus.Infof("Ceasing signal forwarding to container %s as it has stopped", ctrID)
+			}
+			if err := killFunc(signalName); err != nil {
+				if err.Error() == define.ErrCtrStateInvalid.Error() {
+					logrus.Infof("Ceasing signal forwarding to container %s as it has stopped", ctrID)
+				} else {
+					logrus.Errorf("forwarding signal %d to container %s: %v", s, ctrID, err)
+				}
+			}
+		}
+	}()
+}
diff --git a/pkg/signal/signal_common.go b/pkg/signal/signal_common.go
@@ -56,3 +56,12 @@ func StopCatch(sigc chan os.Signal) {
 	signal.Stop(sigc)
 	close(sigc)
 }
+
+func ParseSysSignalToName(s syscall.Signal) (string, error) {
+	for k, v := range SignalMap {
+		if v == s {
+			return k, nil
+		}
+	}
+	return "", fmt.Errorf("invalid syscall signal: %s", s)
+}
diff --git a/pkg/signal/signal_common_test.go b/pkg/signal/signal_common_test.go
@@ -118,3 +118,52 @@ func TestParseSignalNameOrNumber(t *testing.T) {
 		})
 	}
 }
+
+func TestParseSysSignalToName(t *testing.T) {
+	type args struct {
+		signal syscall.Signal
+	}
+	tests := []struct {
+		name    string
+		args    args
+		want    string
+		wantErr bool
+	}{
+		{
+			name: "Kill should work",
+			args: args{
+				signal: syscall.SIGKILL,
+			},
+			want:    "KILL",
+			wantErr: false,
+		},
+		{
+			name: "Non-defined signal number should not work",
+			args: args{
+				signal: 923,
+			},
+			want:    "",
+			wantErr: true,
+		},
+		{
+			name: "garbage should fail",
+			args: args{
+				signal: -1,
+			},
+			want:    "",
+			wantErr: true,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got, err := ParseSysSignalToName(tt.args.signal)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("ParseSysSignalToName() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if got != tt.want {
+				t.Errorf("ParseSysSignalToName() got = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}