-
Notifications
You must be signed in to change notification settings - Fork 882
stage1: Ensure ptmx device usable by non-root for all flavours. #3484
Conversation
Can one of the admins verify this patch? |
@Reviewer lucab |
Fix tested with
|
@rktbot ok to test |
Hi @jonboulle, @lucab - I don't have permission to view the Jenkins errors above. Are they real errors, or maybe an infrastructure issue (since F24 fly seems to be working)? |
@jodh-intel looks like a legit failure to me - can you see the console output from one of the runs here? https://jenkins-rkt-public.prod.coreos.systems/job/rkt-github-ci/1757/os_type=fedora-24,stage1_flavor=coreos/consoleFull - I can access that unauthed |
@jodh-intel our Jenkins also has an anonymous endpoint (the first entry in the list), logs for your PR are at https://jenkins-rkt-public.prod.coreos.systems/job/rkt-github-ci/1757/. |
Hi @lucab - I'm having trouble trying to work out why this PR fails under the Jenkins environment. The logs above suggest an |
Not really, but it may actually be a sum of different failures instead of a single issue. Also, jenkins tests are probably run without a controlling terminal while you are probably running it from an interactive terminal. |
a2ce62d
to
e22c5e2
Compare
@lucab - Hi - I think the Jenkins failure might be caused by #3539, but I don't know what the umask is set to in your Jenkins environment to know for sure. Certainly, if I set my umask to Idea Since there are so many stage1 flavours, operating systems and test environments, for debugging issues like this it would be really useful to see full details of the environment before the build/test starts. Jenkins and Semaphore do display some basic details, but not really enough. You could maybe re-purpose |
As discused OOB with @lucab let's bump this one release further for a more thorough review. |
e22c5e2
to
fe9f80c
Compare
/cc @mxinden for a look on the test-infra changes. |
I re-triggered the semaphore as it stalled mid-way. I think I'm fine with the technical changes in here (and thanks for the test!), my only doubt is why we actually have this discrepancies between kvm and systemd-nspawn. Is there something we are doing fundamentally wrong when setting up either one, or something we should tweak in the stage1 environment? @jodh-intel as you did the investigation and fixing of the whole story, do you have some more insights to add? |
@jodh-intel FYI this needs a rebase. |
fe9f80c
to
49d1c61
Compare
@lucab - I could simplify the change so that
Thanks for the notification - branch now rebased. |
49d1c61
to
980c340
Compare
kvm-based stage1 flavours previously used a sym-link from /dev/ptmx to /dev/pts/ptmx. However, the VM-based stage1's /dev/pts/ptmx device has perms 000 meaning that non-root users could not access the device. Determine if /dev/ptmx (or it's link target) is usable by all users and if not recreate the device. Fixes rkt#3252. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Added an extra parameter to runRktAsUidGidAndCheckOutput() to specify whether the expected string provided is a literal or a regular expression. Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
The new test supports the fix for rkt#3252 by making assertions about the pseudoterminal devices. Change required renaming TestPathsStat() to TestProcPathsStat(). Also added helper functions runRktAsGidAndCheckREOutput() and runRktAndCheckREOutput(). Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
980c340
to
79df37d
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
kvm-based stage1 flavours previously used a sym-link from /dev/ptmx to
/dev/pts/ptmx. However, the /dev/pts/ptmx device has perms 000 meaning
that non-root users could not access the device. Creating /dev/ptmx
unconditionally works with all flavours and matches behaviour on current
distributions.
Fixes #3252.
Signed-off-by: James O. D. Hunt james.o.hunt@intel.com