Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Podman Mounts Symlinks as Root #373

Closed
fogti opened this issue Feb 18, 2020 · 3 comments · Fixed by #947
Closed

Podman Mounts Symlinks as Root #373

fogti opened this issue Feb 18, 2020 · 3 comments · Fixed by #947
Assignees
@Alexhuszagh
Labels
bug enhancement

Comments

@fogti
Copy link

fogti commented Feb 18, 2020
edited by Alexhuszagh
Loading

Maintainers Note: The originally title and post contents are below. This has been modified since the current issue is related, but different, as described here.

When using Podman, if we have a symlink to our bind mount, we a permissions error, saying it cannot access the data within the volume. This only happens with paths we do not canonicalize. Here, we create an example with symlinks for our CARGO_HOME and XARGO_HOME. This probably also occurs for other bind mounts.

$ mkdir registry
$ export CARGO_HOME=$(realpath registry)/.cargo
$ export XARGO_HOME=$(realpath registry)/.xargo
$ ln -s ~/.cargo "${CARGO_HOME}"
$ ln -s ~/.xargo "${XARGO_HOME}"
$ git clone https://github.com/cross-rs/rust-cpp-hello-word
$ cd rust-cpp-hello-word
$ cargo build                                           # works
$  cross build --target aarch64-unknown-linux-gnu       # also just works

If we run in Podman, these directories are owned by root, not by the current user.

$ ls -la / | grep argo
drwxrwxr-x.   1 root   root     164 Jul  3 22:57 cargo
drwxrwxr-x.   1 root   root       6 Jun  2 03:36 xargo

Meanwhile, in Docker, they're mounted as the current user, and cross works fine:

ls -la / | grep argo
drwxrwxr-x.   1 1000 1000  164 Jul  3 22:57 cargo
drwxrwxr-x.   1 1000 1000    6 Jun  2 03:36 xargo

cross fails with "failed to create directory - file exists"

Steps to reproduce:

mkdir -p /tmp/.cargo
rm -rf ~/.cargo
ln -sT /tmp/.cargo ~/.cargo
git clone https://github.com/zserik/crulz-rs.git
cd crulz-rs
git checkout 754196bbbc4d99ed6634e83b8e3d2b7571ce7209
cross check --target armv7-unknown-linux-musleabihf

(working directory (should be rather irrelevant) is equivalent to: https://github.com/zserik/crulz-rs/tree/754196bbbc4d99ed6634e83b8e3d2b7571ce7209)

It happens when either $CARGO_HOME, $CARGO_HOME/registry, $CARGO_HOME/registry/cache or $CARGO_HOME/registry/index (or multiple of them) are symlinks.

I tried to run (with the same target):

  • cross check
  • cross clippy
  • cross build
  • cross build --release

I got the following error:

error: failed to create directory `/cargo/registry/cache/github.com-1ecc6299db9ec823`
error: failed to create directory `/cargo/registry/index/github.com-1ecc6299db9ec823`

Caused by:
  File exists (os error 17)
@fogti
Copy link
Author

fogti commented Feb 25, 2020

e.g. there should be an option to specify additional path mappings/mounts for docker.

@Alexhuszagh
Copy link
Contributor

Alexhuszagh commented May 30, 2022
edited
Loading

You can now use [build.env] or [target.(...).env] to specify additional bind mounts for the Docker container, as documented here. You can also use DOCKER_OPTS if absolutely needed to provide raw arguments to Docker, in case the configurations above (which uses the --volume keyword) isn't above. I'll see if I can find a workaround for mounting a cargo install that is a symlink. We might be able to canonicalize it prior to mounting to avoid these issues as well.

@Alexhuszagh
Copy link
Contributor

This doesn't reproduce anymore, but there are other issues: if there isn't various different binaries available, then it will fail. A simple example that works is:

$ mkdir registry
$ export CARGO_HOME=$(realpath registry)/.cargo
$ export XARGO_HOME=$(realpath registry)/.xargo
$ ln -s ~/.cargo "${CARGO_HOME}"
$ ln -s ~/.xargo "${XARGO_HOME}"
$ git clone https://github.com/cross-rs/rust-cpp-hello-word
$ cd rust-cpp-hello-word
$ cargo build                                           # works
$  cross build --target aarch64-unknown-linux-gnu       # also just works

There is, however, an unrelated issue with podman, which has permissions errors. Entering the container using the build command, we can see that they're mounted with root permissions.

$ ls -la / | grep argo
drwxrwxr-x.   1 root   root     164 Jul  3 22:57 cargo
drwxrwxr-x.   1 root   root       6 Jun  2 03:36 xargo

Meanwhile, in Docker, they're mounted as the current user:

ls -la / | grep argo
drwxrwxr-x.   1 1000 1000  164 Jul  3 22:57 cargo
drwxrwxr-x.   1 1000 1000    6 Jun  2 03:36 xargo

@Alexhuszagh Alexhuszagh added the bug label Jul 3, 2022
@Alexhuszagh Alexhuszagh changed the title cross fails with "failed to create directory - file exists" Podman Mounts Symlinks as Root Jul 3, 2022
@Alexhuszagh Alexhuszagh mentioned this issue Jul 14, 2022
Merged
bors bot added a commit that referenced this issue Jul 14, 2022
@bors @Alexhuszagh
Merge #947
a954a40 
947: Resolve symlinks for cargo and xargo home. r=Emilgardis a=Alexhuszagh

Resolve symlinks for the xargo and cargo home (as well as the Nix store) prior to mounting, since they are mounted at a fixed location anyway. This is because podman mounts symlinks as root by default.

Closes #373.
Doesn't interfere with #920 and #942, although #942 might need work to ensure non-canonical paths are mounted with normal permissions.

Co-authored-by: Alex Huszagh <ahuszagh@gmail.com>
@bors bors bot closed this as completed in 77252cc Jul 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Alexhuszagh Alexhuszagh

Labels
bug enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Resolve symlinks for cargo and xargo home. Alexhuszagh/cross
2 participants
@fogti @Alexhuszagh