Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

There is a problem with the default location used by runsc when the --root flag is not set #6849

Closed
unknowndevQwQ opened this issue Nov 10, 2021 · 3 comments · Fixed by #6901
Closed

There is a problem with the default location used by runsc when the --root flag is not set #6849

unknowndevQwQ opened this issue Nov 10, 2021 · 3 comments · Fixed by #6901
Assignees
@fvoznika
Labels
type: bug Something isn't working

Comments

@unknowndevQwQ
Copy link

unknowndevQwQ commented Nov 10, 2021
edited

Description

The --root flag is not specified by default when running runsc with podman, and the default location in https://github.com/google/gvisor/blob/master/runsc/config/flags.go#L126-L132 is found to be /var/run/runsc, but it actually uses the runsc folder under the relative path (the folder specified by the path of the --bundle flag when checked with sysdig)
This problem still exists in the latest version (20211101)

As a side note, it is now recommended to use /run instead of /var/run

Steps to reproduce

sudo podman --cgroup-manager cgroupfs --runtime runsc --runtime-flag debug --runtime-flag debug-log=/tmp/runsc.log run --rm hello-world; grep RootDir /tmp/runsc.log

output:

I1110 1xxx   47873 main.go:226]              RootDir: runsc
I1110 1xxx   47880 main.go:226]              RootDir: runsc

runsc version

runsc version release-20211011.0

runsc debug logs (if available)

https://fars.ee/C6cG
@unknowndevQwQ unknowndevQwQ added the type: bug Something isn't working label Nov 10, 2021
@unknowndevQwQ unknowndevQwQ mentioned this issue Nov 10, 2021
Closed
@fvoznika
Copy link
Member

Hmm, this can only happen if XDG_RUNTIME_DIR is set. Can you check if env | grep XDG_RUNTIME_DIR is set? Or is Podman setting it before calling the runtime by any chance?

$ ./runsc --debug --alsologtostderr 2>&1 | grep RootDir
I1111 10:21:48.247946  2448312 main.go:226]             RootDir: /var/run/runsc

$ XDG_RUNTIME_DIR="" ./runsc --debug --alsologtostderr 2>&1 | grep RootDir
I1111 10:22:01.988431  2448423 main.go:226]             RootDir: runsc

@fvoznika fvoznika self-assigned this Nov 11, 2021
@unknowndevQwQ unknowndevQwQ mentioned this issue Nov 12, 2021
Closed
@unknowndevQwQ
Copy link
Author

Hmm, this can only happen if XDG_RUNTIME_DIR is set. Can you check if env | grep XDG_RUNTIME_DIR is set? Or is Podman setting it before calling the runtime by any chance?

$ ./runsc --debug --alsologtostderr 2>&1 | grep RootDir
I1111 10:21:48.247946  2448312 main.go:226]             RootDir: /var/run/runsc

$ XDG_RUNTIME_DIR="" ./runsc --debug --alsologtostderr 2>&1 | grep RootDir
I1111 10:22:01.988431  2448423 main.go:226]             RootDir: runsc

XDG_RUNTIME_DIR environment variable with a null value in the environment variable passed to runsc by podman found by frun

/tmp/frun.out: https://fars.ee/q6ii

@ianlewis
Copy link
Contributor

ianlewis commented Nov 30, 2021
edited

I suppose we should ignore it if the value is empty. Currently we use the bool returned by LookupEnv when we probably should just do Getenv and check if it's an empty string.

Containerd checks for empty values for example:
https://github.com/containerd/containerd/search?q=XDG_RUNTIME_DIR

@copybara-service copybara-service bot mentioned this issue Nov 30, 2021
Merged
copybara-service bot pushed a commit that referenced this issue Nov 30, 2021
@ianlewis @gvisor-bot
Handle emtpy values for XDG_RUNTIME_DIR properly.
8af4320 
Fixes #6849

PiperOrigin-RevId: 413053788
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fvoznika fvoznika

Labels
type: bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Handle empty values for XDG_RUNTIME_DIR properly. google/gvisor
3 participants
@ianlewis @fvoznika @unknowndevQwQ