Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chroot rootfs path usage fix #2237

Closed
wants to merge 3 commits into from
Closed

Chroot rootfs path usage fix #2237

wants to merge 3 commits into from

Conversation

Zyqsempai
Copy link
Contributor

Fixes: #2214

In order to avoid misunderstanding, it's better to use path parameter in chroot() func.

Signed-off-by: Boris Popovschi zyqsempai@mail.ru

@Zyqsempai
Copy link
Contributor Author

@cyphar PTAL

@Zyqsempai
Chroot rootfs path usage fix
d9b1831 
Signed-off-by: Boris Popovschi <zyqsempai@mail.ru>
AkihiroSuda
AkihiroSuda reviewed Mar 4, 2020
View reviewed changes
libcontainer/rootfs_linux.go Outdated
@@ -867,7 +867,7 @@ func msMoveRoot(rootfs string) error {
}

func chroot(rootfs string) error {
if err := unix.Chroot("."); err != nil {
if err := unix.Chroot(rootfs); err != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs validation?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should error out if rootfs != "." ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@AkihiroSuda Do you mean something like this?(check last commit)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if filepath.Clean(rootfs) != os.Getwd(){ return errors.New(..) }? (Make sure to test it, ideally in CI)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

os.Getwd() returns absolute wd path, on other hand rootfs path here can be relative and we will get error even if they are point at same dir.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if filepath.Abs(rootfs) != os.Getwd(){ return errors.New(..) }. The argument of Chroot() should remain ".".

@Zyqsempai
empty rootfs path check
05050a6 
Signed-off-by: Boris Popovschi <zyqsempai@mail.ru>
@Zyqsempai
rootfs path check
29b1f04 
Signed-off-by: Boris Popovschi <zyqsempai@mail.ru>
AkihiroSuda
AkihiroSuda requested changes Mar 22, 2020
View reviewed changes
Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As commented above, Chroot(".") should be kept as-is.

@kolyshkin
Copy link
Contributor

so, should we close this one?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AkihiroSuda AkihiroSuda AkihiroSuda requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

chroot() function appears to ignore its parameter
3 participants
@Zyqsempai @kolyshkin @AkihiroSuda