From a1247bc0bb6f9880e9848e085245da147c5c85f9 Mon Sep 17 00:00:00 2001 From: Manabu Sugimoto Date: Thu, 10 Jun 2021 16:58:51 +0900 Subject: [PATCH] agent: Conform to the latest nix version (0.21.0) We need to fix some agent's code to conform to the latest nix crate to be able to use new features of the nix. Fixes: #1987 Signed-off-by: Manabu Sugimoto --- src/agent/Cargo.lock | 43 +++++++++++++++++------------ src/agent/Cargo.toml | 2 +- src/agent/rustjail/Cargo.toml | 2 +- src/agent/rustjail/src/container.rs | 7 ++--- src/agent/src/console.rs | 5 ++-- 5 files changed, 34 insertions(+), 25 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 0824a2973..63a806d2d 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -518,7 +518,7 @@ dependencies = [ "logging", "netlink-packet-utils 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "netlink-sys 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)", - "nix 0.17.0", + "nix 0.21.0", "oci", "opentelemetry", "procfs", @@ -552,9 +552,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.94" +version = "0.2.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18794a8ad5b29321f790b55d93dfba91e125cb1a9edbd4f8e3150acc771c1a5e" +checksum = "5600b4e6efc5421841a2138a6b082e07fe12f9aaa12783d50e5d13325b26b4fc" [[package]] name = "libflate" @@ -620,6 +620,15 @@ version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b16bd47d9e329435e309c58469fe0791c2d0d1ba96ec0954152a5ae2b04387dc" +[[package]] +name = "memoffset" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59accc507f1338036a0477ef61afdae33cde60840f4dfe481319ce3ad116ddf9" +dependencies = [ + "autocfg", +] + [[package]] name = "miniz_oxide" version = "0.4.4" @@ -755,19 +764,6 @@ dependencies = [ "void", ] -[[package]] -name = "nix" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50e4785f2c3b7589a0d0c1dd60285e1188adac4006e8abd6dd578e1567027363" -dependencies = [ - "bitflags", - "cc", - "cfg-if 0.1.10", - "libc", - "void", -] - [[package]] name = "nix" version = "0.19.1" @@ -792,6 +788,19 @@ dependencies = [ "libc", ] +[[package]] +name = "nix" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c3728fec49d363a50a8828a190b379a446cc5cf085c06259bbbeb34447e4ec7" +dependencies = [ + "bitflags", + "cc", + "cfg-if 1.0.0", + "libc", + "memoffset", +] + [[package]] name = "ntapi" version = "0.3.6" @@ -1273,7 +1282,7 @@ dependencies = [ "inotify", "lazy_static", "libc", - "nix 0.17.0", + "nix 0.21.0", "oci", "path-absolutize", "protobuf", diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index e5e6e8dec..170034660 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -13,7 +13,7 @@ lazy_static = "1.3.0" ttrpc = { version = "0.5.0", features = ["async", "protobuf-codec"], default-features = false } protobuf = "=2.14.0" libc = "0.2.58" -nix = "0.17.0" +nix = "0.21.0" capctl = "0.2.0" serde_json = "1.0.39" scan_fmt = "0.2.3" diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 5b66b043a..e350b2f06 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -11,7 +11,7 @@ serde_derive = "1.0.91" oci = { path = "../oci" } protocols = { path ="../protocols" } caps = "0.5.0" -nix = "0.17.0" +nix = "0.21.0" scopeguard = "1.0.0" capctl = "0.2.0" lazy_static = "1.3.0" diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs index 2c3c23d4d..fd2da708a 100644 --- a/src/agent/rustjail/src/container.rs +++ b/src/agent/rustjail/src/container.rs @@ -8,7 +8,7 @@ use libc::pid_t; use oci::{ContainerState, LinuxDevice, LinuxIdMapping}; use oci::{Hook, Linux, LinuxNamespace, LinuxResources, Spec}; use std::clone::Clone; -use std::ffi::{CStr, CString}; +use std::ffi::CString; use std::fmt::Display; use std::fs; use std::os::unix::io::RawFd; @@ -346,7 +346,7 @@ fn do_init_child(cwfd: RawFd) -> Result<()> { Err(_e) => sched::unshare(CloneFlags::CLONE_NEWPID)?, } - match fork() { + match unsafe { fork() } { Ok(ForkResult::Parent { child, .. }) => { log_child!( cfd_log, @@ -1079,9 +1079,8 @@ fn do_exec(args: &[String]) -> ! { .iter() .map(|s| CString::new(s.to_string()).unwrap_or_default()) .collect(); - let a: Vec<&CStr> = sa.iter().map(|s| s.as_c_str()).collect(); - let _ = unistd::execvp(p.as_c_str(), a.as_slice()).map_err(|e| match e { + let _ = unistd::execvp(p.as_c_str(), &sa).map_err(|e| match e { nix::Error::Sys(errno) => { std::process::exit(errno as i32); } diff --git a/src/agent/src/console.rs b/src/agent/src/console.rs index 97aa95d4e..a8a9d0f82 100644 --- a/src/agent/src/console.rs +++ b/src/agent/src/console.rs @@ -145,9 +145,10 @@ fn run_in_child(slave_fd: libc::c_int, shell: String) -> Result<()> { } let cmd = CString::new(shell).unwrap(); + let args: Vec = Vec::new(); // run shell - let _ = unistd::execvp(cmd.as_c_str(), &[]).map_err(|e| match e { + let _ = unistd::execvp(cmd.as_c_str(), &args).map_err(|e| match e { nix::Error::Sys(errno) => { std::process::exit(errno as i32); } @@ -205,7 +206,7 @@ async fn run_debug_console_vsock( let slave_fd = pseudo.slave; - match fork() { + match unsafe { fork() } { Ok(ForkResult::Child) => run_in_child(slave_fd, shell), Ok(ForkResult::Parent { child: child_pid }) => { run_in_parent(logger.clone(), stream, pseudo, child_pid).await