Consolidate XDG_RUNTIME code #1740
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
66d84bc
to
2ae9667
Compare
|
testing the change here: containers/podman#20528 |
|
podman PR passes. Ready to review |
|
LGTM |
pkg/homedir/homedir_unix.go
Outdated
| return rootlessConfigHomeDir, nil | ||
| } | ||
|
|
||
| // GetRuntimeDirUser returns the runtime directory |
There was a problem hiding this comment.
Is there guidance for someone who's using this package as to when they should use the value returned by this function instead of the one they get from GetRuntimeDir()?
There was a problem hiding this comment.
I can specify it, the main difference is that this function tries to guess the value of XDG_RUNTIME_DIR if it is not set
pkg/homedir/homedir_unix.go
Outdated
| rootlessRuntimeDir string | ||
| ) | ||
|
|
||
| // GetRootlessConfigHomeDir returns the config home directory when running as non root |
There was a problem hiding this comment.
Is this supposed to be used as an alternative to GetConfigHome()? When?
There was a problem hiding this comment.
the documentation of GetConfigHome() is very clear on the expectation of that function, and I didn't want to break it. I am not sure what is the best way to proceed.
Are you okay if we add the extra feature of trying to guess the ConfigHomeDir to the existing GetConfigHome() and not add a new function?
pkg/homedir/homedir_unix.go
Outdated
| } | ||
| tmpDir := filepath.Join(resolvedHome, ".config") | ||
| st, err := os.Stat(tmpDir) | ||
| if err == nil && int(st.Sys().(*syscall.Stat_t).Uid) == os.Geteuid() && st.Mode().Perm() >= 0o700 { |
There was a problem hiding this comment.
The >= made my eyes bug out. I understand that FileMode.Perm is only the ugo portion, but even so this just feels too weird. Is this a common Go idiom? If it isn't, would you mind changing it to .Perm() & 0o700 == 0o700?
There was a problem hiding this comment.
that code is coming from containers/podman@f44b05f
This is a good occasion to fix it, I'll use your version
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
2ae9667
to
c7d2bb5
Compare
There was a problem hiding this comment.
I appreciate this is mostly “just” moving code from Podman, but that is an occasion to revisit. Also, I think the introduction or 1/2/3 project boundaries between this subpackage and the original Podman callers mean that the API semantics and contracts must be much better documented, because with the ~stable API of c/storage (and presumably new non-Podman callers?), future maintainers of this subpackage need to now such things and “just see what Podman does” will be much less tenable.
pkg/homedir/homedir_unix.go
Outdated
| rootlessRuntimeDirError = fmt.Errorf("cannot resolve %s: %w", home, err) | ||
| return | ||
| } | ||
| runtimeDir = filepath.Join(resolvedHome, "rundir") |
There was a problem hiding this comment.
$HOME/rundir, do we really want that?
There was a problem hiding this comment.
yeah I think it would make sense to drop this if we "rework" this anyway.
I cannot imagine anyway wanting this fallback. Also podman sort of depends on runroot actually being tmpfs as the data must be gone after a reboot so this seems like a bad default. In all the issues I looked at in podman I never seen a path like this as the logic should already pick a path under /tmp before that I hardly imagine a case were this fails but $HOME would work.
And lastly I hate any program thinking they have the right to directly write into the my $HOME and not using some standard directory.
There was a problem hiding this comment.
Weird things do happen in containers and other restricted environments… and this dates back to 2018 (containers/podman@4086a0f ).
I guess I don’t feel that strongly about this part — it is worth discussing but this function can change its fallback logic without changing its API (unless something records the value to persistent storage, and you hinted elsewhere that might be happening?).
from how I understood it, the goal of this PR is effectively just to move code from Podman to c/storage so that it can be used from other packages. If there are small changes to accommodate other users then fine, but I don't think we need to re-evaluate all we did so far. Currently, I am not even sure why we need this, I am working on it only because there is a Jira card for it. If you think we don't need it, I am fine to close this PR and explain it in the related Jira card. |
With my Skopeo hat on, I don‘t know how I would review a PR to call a function which requires a parameter with an unknown value. Somebody in our GitHub organization must know what the For many of the other comments, quite possibly it’s just the comments that need adjusting. (I think moving the code to c/storage is a bit of a higher burden, because c/storage mostly (entirely?) wants to keep a stable API, so the functions need to be merged roughly in the shape callers will want to use them. We have much less freedom to just adjust the function and all callers, and doing that cross-repo comes with a notably higher cost.)
@vrothberg filed it. Valentin? (My guess is
) |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
2 times, most recently
from
99e7d57
to
8007023
Compare
I filed the card during/after a meeting where we discussed XDG_ related issues. IIRC after looking at a bug and realizing that the tools don't behave the same and that the code is scattered. The goal of consolidating the code was to have 1 source of truth to make sure that a given bug must only get fixed in one place. |
|
what do you think of the new version? There are no API changes and it doesn't break any functionality on non-linux platforms. The |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
8007023
to
0d648f1
Compare
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
2 times, most recently
from
a3a48cc
to
358e8f2
Compare
See the non-resolved comments from the earlier review — these functions now return The Jira card asked for warnings, but that’s not a blocker for this PR as such.
I personally can’t LGTM that underdocumented function as it exists today. So splitting that into a separate PR and finding another reviewer would work. Alternatively, that other reviewer could LGTM this PR as a whole as it is — I’m not an expert in the problem space and I’m perfectly fine with leaving this PR to one. |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
2 times, most recently
from
61e7c0a
to
06acced
Compare
|
|
I think we should just drop Do you want me to do this as part of this PR or can be done later? The issue with |
|
I agree that dropping Ideally, the ordering that makes most sense to me is #1740 (comment) . Priorities change, so I’d prefer not to make things a bit worse now to make them better only later; but I’ll defer to others if that seems unreasonable. |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
3 times, most recently
from
fb7b787
to
7341607
Compare
this complicates dependencies since now I've also to deal with buildah and c/image. I've made these changes and opened the test PRs. If there are no more objections and the test PRs pass, let's merge as it is becoming kind of difficult to keep rebasing all our repos |
Yeah, and unfortunately the timing coincides with the soon-to-begin vendor dance.
When a problem, during investigation, grows larger than anticipated, my go-to tool is to split it into smaller and more granular PRs, slicing the problem into isolated easier-to-handle chunks. I don’t know how to deal with a PR that grows with the understood problem … or even faster than the understood problem, when issues come up more frequently than resolutions. (Historically, when there was enough business value for the feature, what has happened is that someone else approved and merged that PR. And I realize that included some in-retrospect-critical features. *shrug*) |
copy the version from Podman that checks if the user owns the directory. [NO NEW TESTS NEEDED] moved from Podman Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
copy the version from Podman. [NO NEW TESTS NEEDED] moved from Podman Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
7341607
to
51c2ed2
Compare
| // Everyone but the tests this is intended for should only call DefaultStoreOptions, never this function. | ||
| func defaultStoreOptionsIsolated(rootless bool, rootlessUID int, storageConf string) (StoreOptions, error) { | ||
| func loadStoreOptionsFromConfFile(storageConf string) (StoreOptions, error) { |
There was a problem hiding this comment.
(The idea of …Isolated is that it doesn’t depend on the environment, and it can be fully unit-tested in any environment; in this case, that would probably still mean having userPerUserStorage bool, rootlessUID int parameters; see [1]
… OTOH now that getRootlessStorageOpts effectively can’t be isolated that way any more, and considering that there is only one unit test exercising this, that might be not valuable enough to preserve… )
| storageOpts, err := loadStoreOptionsFromConfFile("./storage_test.conf") | ||
| expectedPath := filepath.Join(os.Getenv("HOME"), fmt.Sprintf("%d", unshare.GetRootlessUID()), "containers/storage") |
There was a problem hiding this comment.
[1] …Isolated had the (rootless, UID) parameters so that this test succeeds in all environments, even when run as root.
That would no longer be the case with these changes, but I also don’t know how much that matters. Maybe an explicit test skip would be enough. (Ideally I’d like the config logic to have good unit test coverage, but that’s clearly not this PR.)
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
f45dd60
to
3737810
Compare
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
3737810
to
b70af11
Compare
|
tests pass both in Podman and Buildah: |
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
b70af11
to
42cc08f
Compare
drop the rootless argument from DefaultStoreOptions and UpdateStoreOptions since this can be retrieved internally through the unshare package. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
giuseppe
force-pushed
the
consolidate-xdg-runtime-code
branch
from
42cc08f
to
b0885df
Compare
|
can we merge now? |
|
@mtrmac PTAL |
|
I’d like the I don’t feel that strongly about that; if anyone else merges this, I won’t object. |
|
/lgtm |
Closes: https://issues.redhat.com/browse/RUN-1169