From: "Zac Medico" <zmedico@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/portage:master commit in: lib/portage/
Date: Sat, 24 Feb 2024 20:10:55 +0000 (UTC) [thread overview]
Message-ID: <1708805259.3f4250dc7d32e9915224b1c9c4bc04c2740abcda.zmedico@gentoo> (raw)
commit: 3f4250dc7d32e9915224b1c9c4bc04c2740abcda
Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Fri Feb 23 20:35:04 2024 +0000
Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Sat Feb 24 20:07:39 2024 +0000
URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=3f4250dc
process.spawn: Fix logic for missing libc.unshare on musl
Fix unshare_* variables to be False when the libc is missing,
libc.unshare is missing, or libc.unshare fails.
Also, if socket.sethostname is missing then _exec2 needs
libc for the network-sandbox sethostname call which is wrapped
by a blanket Exception handler.
Fixes: 419cce79f908 ("process._exec: Use _start_fork for os.fork() error handling")
Bug: https://bugs.gentoo.org/925311
Signed-off-by: Zac Medico <zmedico <AT> gentoo.org>
lib/portage/process.py | 213 +++++++++++++++++++++++++------------------------
1 file changed, 110 insertions(+), 103 deletions(-)
diff --git a/lib/portage/process.py b/lib/portage/process.py
index f4758c824c..d16262e75a 100644
--- a/lib/portage/process.py
+++ b/lib/portage/process.py
@@ -956,114 +956,119 @@ def _exec(
signal.signal(signal.SIGQUIT, signal.SIG_DFL)
# Unshare (while still uid==0)
+ have_unshare = False
+ libc = None
if unshare_net or unshare_ipc or unshare_mount or unshare_pid:
filename = find_library("c")
if filename is not None:
libc = LoadLibrary(filename)
if libc is not None:
- # unshare() may not be supported by libc
- if not hasattr(libc, "unshare"):
- unshare_net = False
- unshare_ipc = False
- unshare_mount = False
- unshare_pid = False
- else:
- # Since a failed unshare call could corrupt process
- # state, first validate that the call can succeed.
- # The parent process should call _unshare_validate
- # before it forks, so that all child processes can
- # reuse _unshare_validate results that have been
- # cached by the parent process.
- errno_value = _unshare_validate(unshare_flags)
- if errno_value == 0 and libc.unshare(unshare_flags) != 0:
- errno_value = ctypes.get_errno()
- if errno_value != 0:
- involved_features = []
- if unshare_ipc:
- involved_features.append("ipc-sandbox")
- if unshare_mount:
- involved_features.append("mount-sandbox")
- if unshare_net:
- involved_features.append("network-sandbox")
- if unshare_pid:
- involved_features.append("pid-sandbox")
-
- writemsg(
- 'Unable to unshare: %s (for FEATURES="%s")\n'
- % (
- errno.errorcode.get(errno_value, "?"),
- " ".join(involved_features),
- ),
- noiselevel=-1,
- )
- else:
- if unshare_pid:
- # pid namespace requires us to become init
- binary, myargs = (
- portage._python_interpreter,
- [
- portage._python_interpreter,
- os.path.join(portage._bin_path, "pid-ns-init"),
- _unicode_encode("" if uid is None else str(uid)),
- _unicode_encode("" if gid is None else str(gid)),
- _unicode_encode(
- ""
- if groups is None
- else ",".join(str(group) for group in groups)
- ),
- _unicode_encode(
- "" if umask is None else str(umask)
- ),
- _unicode_encode(
- ",".join(str(fd) for fd in fd_pipes)
- ),
- binary,
- ]
- + myargs,
- )
- uid = None
- gid = None
- groups = None
- umask = None
-
- # Use _start_fork for os.fork() error handling, ensuring
- # that if exec fails then the child process will display
- # a traceback before it exits via os._exit to suppress any
- # finally blocks from parent's call stack (bug 345289).
- main_child_pid = _start_fork(
- _exec2,
- args=(
- binary,
- myargs,
- env,
- gid,
- groups,
- uid,
- umask,
- cwd,
- pre_exec,
- unshare_net,
- unshare_ipc,
- unshare_mount,
- unshare_pid,
- ),
- fd_pipes=None,
- close_fds=False,
- )
-
- # Execute a supervisor process which will forward
- # signals to init and forward exit status to the
- # parent process. The supervisor process runs in
- # the global pid namespace, so skip /proc remount
- # and other setup that's intended only for the
- # init process.
- binary, myargs = portage._python_interpreter, [
- portage._python_interpreter,
- os.path.join(portage._bin_path, "pid-ns-init"),
- str(main_child_pid),
- ]
-
- os.execve(binary, myargs, env)
+ have_unshare = hasattr(libc, "unshare")
+
+ if not have_unshare:
+ # unshare() may not be supported by libc
+ unshare_net = False
+ unshare_ipc = False
+ unshare_mount = False
+ unshare_pid = False
+
+ if unshare_net or unshare_ipc or unshare_mount or unshare_pid:
+ # Since a failed unshare call could corrupt process
+ # state, first validate that the call can succeed.
+ # The parent process should call _unshare_validate
+ # before it forks, so that all child processes can
+ # reuse _unshare_validate results that have been
+ # cached by the parent process.
+ errno_value = _unshare_validate(unshare_flags)
+ if errno_value == 0 and libc.unshare(unshare_flags) != 0:
+ errno_value = ctypes.get_errno()
+ if errno_value != 0:
+ involved_features = []
+ if unshare_ipc:
+ involved_features.append("ipc-sandbox")
+ if unshare_mount:
+ involved_features.append("mount-sandbox")
+ if unshare_net:
+ involved_features.append("network-sandbox")
+ if unshare_pid:
+ involved_features.append("pid-sandbox")
+
+ writemsg(
+ 'Unable to unshare: %s (for FEATURES="%s")\n'
+ % (
+ errno.errorcode.get(errno_value, "?"),
+ " ".join(involved_features),
+ ),
+ noiselevel=-1,
+ )
+
+ unshare_net = False
+ unshare_ipc = False
+ unshare_mount = False
+ unshare_pid = False
+
+ if unshare_pid:
+ # pid namespace requires us to become init
+ binary, myargs = (
+ portage._python_interpreter,
+ [
+ portage._python_interpreter,
+ os.path.join(portage._bin_path, "pid-ns-init"),
+ _unicode_encode("" if uid is None else str(uid)),
+ _unicode_encode("" if gid is None else str(gid)),
+ _unicode_encode(
+ "" if groups is None else ",".join(str(group) for group in groups)
+ ),
+ _unicode_encode("" if umask is None else str(umask)),
+ _unicode_encode(",".join(str(fd) for fd in fd_pipes)),
+ binary,
+ ]
+ + myargs,
+ )
+ uid = None
+ gid = None
+ groups = None
+ umask = None
+
+ # Use _start_fork for os.fork() error handling, ensuring
+ # that if exec fails then the child process will display
+ # a traceback before it exits via os._exit to suppress any
+ # finally blocks from parent's call stack (bug 345289).
+ main_child_pid = _start_fork(
+ _exec2,
+ args=(
+ binary,
+ myargs,
+ env,
+ gid,
+ groups,
+ uid,
+ umask,
+ cwd,
+ pre_exec,
+ unshare_net,
+ unshare_ipc,
+ unshare_mount,
+ unshare_pid,
+ libc,
+ ),
+ fd_pipes=None,
+ close_fds=False,
+ )
+
+ # Execute a supervisor process which will forward
+ # signals to init and forward exit status to the
+ # parent process. The supervisor process runs in
+ # the global pid namespace, so skip /proc remount
+ # and other setup that's intended only for the
+ # init process.
+ binary, myargs = portage._python_interpreter, [
+ portage._python_interpreter,
+ os.path.join(portage._bin_path, "pid-ns-init"),
+ str(main_child_pid),
+ ]
+
+ os.execve(binary, myargs, env)
# Reachable only if unshare_pid is False.
_exec2(
@@ -1080,6 +1085,7 @@ def _exec(
unshare_ipc,
unshare_mount,
unshare_pid,
+ libc,
)
@@ -1097,6 +1103,7 @@ def _exec2(
unshare_ipc,
unshare_mount,
unshare_pid,
+ libc,
):
if unshare_mount:
# mark the whole filesystem as slave to avoid
next reply other threads:[~2024-02-24 20:10 UTC|newest]
Thread overview: 148+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-24 20:10 Zac Medico [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-01-21 21:14 [gentoo-commits] proj/portage:master commit in: lib/portage/ Sam James
2025-01-11 16:01 Mike Gilbert
2025-01-11 16:01 Mike Gilbert
2025-01-01 0:33 Zac Medico
2024-11-02 22:12 Zac Medico
2024-11-02 15:48 Zac Medico
2024-11-02 15:48 Zac Medico
2024-09-09 18:08 Ulrich Müller
2024-09-09 18:08 Ulrich Müller
2024-08-14 15:22 Zac Medico
2024-06-09 17:54 Zac Medico
2024-06-02 18:28 Zac Medico
2024-04-26 22:06 Sam James
2024-04-26 22:06 Sam James
2024-02-28 16:01 Sam James
2024-02-28 15:52 Sam James
2024-02-28 15:49 Sam James
2024-02-25 8:25 Sam James
2024-02-21 2:08 Sam James
2024-02-21 2:08 Sam James
2024-02-12 7:58 Zac Medico
2024-02-11 19:57 Zac Medico
2024-02-10 6:09 Zac Medico
2024-02-10 6:06 Zac Medico
2024-02-09 8:51 Sam James
2024-02-09 7:08 Sam James
2024-02-07 2:35 Zac Medico
2024-02-07 2:35 Zac Medico
2024-02-05 1:03 Zac Medico
2024-02-05 1:03 Zac Medico
2024-01-29 17:49 Zac Medico
2024-01-29 16:09 Zac Medico
2023-12-26 23:15 Zac Medico
2023-11-02 14:58 Zac Medico
2023-10-24 21:26 Zac Medico
2023-10-24 1:48 Zac Medico
2023-10-03 15:07 Zac Medico
2023-10-02 2:10 Zac Medico
2023-09-26 5:53 Zac Medico
2023-09-08 20:36 Sam James
2023-09-08 19:49 Sam James
2023-08-24 18:23 Mike Gilbert
2023-08-02 6:31 Sam James
2023-07-29 3:57 Sam James
2023-06-29 8:22 Sam James
2023-03-21 2:30 Sam James
2023-03-21 2:30 Sam James
2023-03-21 2:30 Sam James
2023-03-21 2:30 Sam James
2023-03-21 2:30 Sam James
2023-03-21 2:30 Sam James
2023-02-27 6:15 Sam James
2023-02-17 1:23 Sam James
2023-01-02 5:25 Sam James
2022-11-02 22:58 Sam James
2022-11-02 22:58 Sam James
2022-09-29 21:37 Sam James
2022-09-29 20:45 Sam James
2022-09-28 23:56 Sam James
2022-09-26 17:52 Zac Medico
2022-09-20 19:45 Sam James
2022-09-20 3:39 Sam James
2022-09-18 18:30 Mike Gilbert
2022-08-01 22:39 Sam James
2022-08-01 17:34 Mike Gilbert
2022-07-19 21:39 Sam James
2022-07-18 18:47 Sam James
2022-07-11 23:02 Sam James
2022-07-10 15:07 Mike Gilbert
2022-07-05 22:56 Sam James
2022-06-05 20:25 Zac Medico
2022-04-11 12:11 Mike Gilbert
2022-04-11 12:11 Mike Gilbert
2022-04-09 4:32 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-04 19:04 Sam James
2022-04-01 20:30 Matt Turner
2022-03-30 23:11 Sam James
2022-03-28 1:10 Sam James
2022-03-27 23:07 Sam James
2022-03-27 23:07 Sam James
2022-03-27 23:07 Sam James
2022-03-27 23:07 Sam James
2022-03-27 23:07 Sam James
2022-03-15 2:52 Matt Turner
2022-02-09 11:13 Sam James
2021-09-20 20:06 Zac Medico
2021-09-20 19:55 Mike Gilbert
2021-09-07 7:04 Michał Górny
2021-09-04 11:53 Michał Górny
2021-05-24 6:08 Zac Medico
2021-05-24 4:55 Zac Medico
2021-03-28 3:33 Zac Medico
2021-03-11 12:32 Zac Medico
2021-03-07 14:03 Zac Medico
2021-03-06 9:18 Zac Medico
2021-03-06 9:05 Zac Medico
2021-03-06 9:05 Zac Medico
2021-03-06 8:20 Zac Medico
2021-03-06 6:16 Zac Medico
2021-02-08 4:55 Zac Medico
2020-09-11 19:02 Zac Medico
2020-08-04 1:39 Zac Medico
2020-08-03 23:28 Zac Medico
2020-08-03 23:28 Zac Medico
2020-08-03 19:30 Zac Medico
2020-08-03 19:30 Zac Medico
2020-08-03 19:30 Zac Medico
2020-08-03 19:30 Zac Medico
2020-06-27 19:46 Zac Medico
2020-06-09 0:58 Zac Medico
2020-05-17 9:37 Michał Górny
2020-05-07 20:35 Zac Medico
2020-04-20 21:16 Mike Gilbert
2020-03-28 18:57 Michał Górny
2020-03-25 19:18 Zac Medico
2020-03-25 7:57 Zac Medico
2020-03-25 7:57 Zac Medico
2020-02-04 6:43 Zac Medico
2020-02-02 9:00 Zac Medico
2019-12-15 23:04 Zac Medico
2019-11-12 22:25 Zac Medico
2019-09-17 2:59 Zac Medico
2019-09-07 6:40 Zac Medico
2019-08-18 22:15 Zac Medico
2019-08-04 18:03 Zac Medico
2019-08-02 20:03 Mike Gilbert
2019-08-01 19:02 Mike Gilbert
2019-05-28 1:49 Zac Medico
2019-04-27 19:20 Zac Medico
2019-02-20 0:58 Zac Medico
2019-02-20 0:58 Zac Medico
2019-02-20 0:58 Zac Medico
2019-02-18 1:01 Zac Medico
2019-02-11 19:46 Zac Medico
2019-01-04 3:49 Zac Medico
2018-12-31 5:27 Zac Medico
2018-12-04 1:35 Zac Medico
2018-11-25 0:03 Zac Medico
2018-11-24 21:34 Zac Medico
2018-08-07 18:36 Zac Medico
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1708805259.3f4250dc7d32e9915224b1c9c4bc04c2740abcda.zmedico@gentoo \
--to=zmedico@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox