Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gcplogs: forcibly set HOME on static UNIX binary #29478

Merged
merged 1 commit into from
Dec 29, 2016
Merged

gcplogs: forcibly set HOME on static UNIX binary #29478

merged 1 commit into from
Dec 29, 2016

Conversation

AkihiroSuda
Copy link
Member

@AkihiroSuda AkihiroSuda commented Dec 16, 2016
edited
Loading

- What I did
Fix #29344

The PR consists of 3 commits, but the first and the second one are dupe of #29475 for vendoring golang/oauth2@96382aa .
Please review the latest commit in this PR. (I will rebase this PR when #29475 is merged)
EDIT: rebased

- How I did it

If HOME is not set, the gcplogs logging driver will call os/user.Current() via oauth2/google.
However, in static binary, os/user.Current() leads to segfault due to a glibc issue that won't be fixed
in a short term. (golang/go#13470, https://sourceware.org/bugzilla/show_bug.cgi?id=19341)

So this PR forcibly sets HOME so as to avoid call to os/user/Current().

- How to verify it

  • Build the static daemon binary (make binary)
  • Start the daemon without HOME (typically, just starting the daemon via systemd is enough)
  • Make sure the daemon prints a warning log: level=warning msg="gcplogs requires HOME to be set for static daemon binary. Forcibly setting HOME to /root."
  • Do docker run --rm --log-driver=gcplogs busybox echo hello many times and make sure all of them succeeds without SEGV

- Description for the changelog

gcplogs: forcibly set HOME on static UNIX binary

- A picture of a cute animal (not mandatory but encouraged)

image

@AkihiroSuda AkihiroSuda mentioned this pull request Dec 16, 2016
Merged
@AkihiroSuda
Copy link
Member Author

windowsRS1 failing because go-autogen.ps1 does not add IAmStatic

00:08:18.526 # github.com/docker/docker/daemon/logger/gcplogs
00:08:18.527 daemon\logger\gcplogs\gcplogging.go:126: undefined: dockerversion.IAmStatic

I'll fix later

@thaJeztah
Copy link
Member

Is this something to integrate into https://github.com/docker/docker/blob/master/pkg/homedir/homedir.go, or better kept separate?

@AkihiroSuda
Copy link
Member Author

@thaJeztah
Ah, I didn't notice the homedir pkg.
I'm ok to move the function to the homedir pkg, but it will be a separate function.

Existing homedir.Get():

  • calls os/user.Current()
  • Should work with non-file database (e.g. LDAP)

The function I'll add to homedir (I could not come up with a good function name.. Maybe GetStatic?)

  • directly read /etc/passwd
  • Should not work with LDAP

@AkihiroSuda AkihiroSuda mentioned this pull request Dec 16, 2016
Closed
@ehazlett ehazlett added the status/failing-ci Indicates that the PR in its current state fails the test suite label Dec 19, 2016
justincormack
justincormack reviewed Dec 23, 2016
View reviewed changes
daemon/logger/gcplogs/gcplogging.go
// However, in static binary, os/user.Current() leads to segfault due to a glibc issue that won't be fixed
// in a short term. (golang/go#13470, https://sourceware.org/bugzilla/show_bug.cgi?id=19341)
// So we forcibly set HOME so as to avoid call to os/user/Current()
if dockerversion.IAmStatic == "true" && runtime.GOOS != "windows" && os.Getenv("HOME") == "" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This only really needs to be runtime.GOOS == "linux" as it is a glibc bug...

justincormack
justincormack reviewed Dec 23, 2016
View reviewed changes
pkg/idtools/idtools_windows.go
// LookupCurrentHome returns the home directory for the current user.
// The current implementation for UNIX does not call os/user.Current(), because a call to os/user.Current()
// in a static binary leads to segfault due to a glibc issue that won't be fixed in a short term.
// (#29344, golang/go#13470, https://sourceware.org/bugzilla/show_bug.cgi?id=19341)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do not need this comment on Windows

@justincormack
Copy link
Contributor

Windows CI out of disk space.

@justincormack
Copy link
Contributor

@AkihiroSuda ok windows running again but the test failure is real:

12:17:01 # github.com/docker/docker/daemon/logger/gcplogs
12:17:01 daemon\logger\gcplogs\gcplogging.go:126: undefined: dockerversion.IAmStatic

@AkihiroSuda AkihiroSuda removed the status/failing-ci Indicates that the PR in its current state fails the test suite label Dec 26, 2016
@AkihiroSuda
Copy link
Member Author

@thaJeztah @justincormack
Updated PR and now CI green

thaJeztah
thaJeztah reviewed Dec 27, 2016
View reviewed changes
pkg/homedir/homedir_linux.go
// system, because a call to os/user.Current() in a static binary leads to
// segfault due to a glibc issue that won't be fixed in a short term.
// (#29344, golang/go#13470, https://sourceware.org/bugzilla/show_bug.cgi?id=19341)
func GetStatic() (string, error) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wondering; should we have a dummy GetStatic() in non-linux files? What's the general approach in this situation?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since the issue is specific to glibc's TLS handling, I think we do not need dummies for non-linux files, but I can add them if needed.

(I'm not sure this is an issue for non-Linux glibc-based systems. e.g. Debian GNU/kFreeBSD(?) 😅 )

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It was more that GetStatic() is an exported function, so I was wondering if it's common practice to have an exported function only available on some platforms/architectures.

Change itself looks good to me

@cpuguy83
Copy link
Member

Needs a rebase.

@justincormack
Copy link
Contributor

It needs the first two commits removing as #29475 is merged

@AkihiroSuda
gcplogs: forcibly set HOME on static UNIX binary
b86e3be 
Fix moby#29344

If HOME is not set, the gcplogs logging driver will call os/user.Current() via oauth2/google.
However, in static binary, os/user.Current() leads to segfault due to a glibc issue that won't be fixed
in a short term. (golang/go#13470, https://sourceware.org/bugzilla/show_bug.cgi?id=19341)
So we forcibly set HOME so as to avoid call to os/user/Current().

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
@AkihiroSuda
Copy link
Member Author

@thaJeztah @cpuguy83 @justincormack Rebased and added dummy pkg/homedir/homedir_others.go

thaJeztah
thaJeztah approved these changes Dec 29, 2016
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@thaJeztah thaJeztah merged commit f635cf0 into moby:master Dec 29, 2016
@GordonTheTurtle GordonTheTurtle added this to the 1.14.0 milestone Dec 29, 2016
@clnperez clnperez mentioned this pull request Jan 10, 2017
Closed
6 tasks
@yongtang yongtang mentioned this pull request Aug 30, 2017
Closed
@yongtang yongtang mentioned this pull request Aug 30, 2017
Merged
@AkihiroSuda AkihiroSuda mentioned this pull request Dec 1, 2017
Merged
@stevvooe
Copy link
Contributor

stevvooe commented Dec 1, 2017

At this point, the bug doesn't seem to exist anymore. What are the plans to back out this code?

@AkihiroSuda
Copy link
Member Author

@stevvooe

How was this fixed?
The status of https://sourceware.org/bugzilla/show_bug.cgi?id=19341 is still SUSPENDED.

@stevvooe
Copy link
Contributor

stevvooe commented Dec 1, 2017

Impossible to tell. I guess not, as I was able to reproduce.

Why do we continue to use broken glibc? What a constant piece of junk...

AkihiroSuda added a commit to AkihiroSuda/ttrpc that referenced this pull request Dec 1, 2017
@AkihiroSuda
unixcreds: use euid instead of uid
a841b83 
This commit also eliminates call for `os/user.Current()`,
which segfaults when glibc is statically linkedin.
(moby/moby#29478)

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
@AkihiroSuda AkihiroSuda mentioned this pull request Dec 1, 2017
Merged
This was referenced Dec 31, 2022
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justincormack justincormack justincormack approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

Assignees
No one assigned
Labels
impact/changelog status/2-code-review
Projects
None yet
Milestone
17.04.0
Development

Successfully merging this pull request may close these issues.

gcplogs logging driver segfaults (static binary only)
7 participants
@AkihiroSuda @thaJeztah @justincormack @cpuguy83 @stevvooe @ehazlett @GordonTheTurtle