From a1247bc0bb6f9880e9848e085245da147c5c85f9 Mon Sep 17 00:00:00 2001 From: Manabu Sugimoto Date: Thu, 10 Jun 2021 16:58:51 +0900 Subject: [PATCH] agent: Conform to the latest nix version (0.21.0) We need to fix some agent's code to conform to the latest nix crate to be able to use new features of the nix. Fixes: #1987 Signed-off-by: Manabu Sugimoto --- src/agent/Cargo.lock | 43 +++++++++++++++++------------ src/agent/Cargo.toml | 2 +- src/agent/rustjail/Cargo.toml | 2 +- src/agent/rustjail/src/container.rs | 7 ++--- src/agent/src/console.rs | 5 ++-- 5 files changed, 34 insertions(+), 25 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 0824a29738..63a806d2de 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -518,7 +518,7 @@ dependencies = [ "logging", "netlink-packet-utils 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)", "netlink-sys 0.6.0 (registry+https://github.com/rust-lang/crates.io-index)", - "nix 0.17.0", + "nix 0.21.0", "oci", "opentelemetry", "procfs", @@ -552,9 +552,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.94" +version = "0.2.96" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18794a8ad5b29321f790b55d93dfba91e125cb1a9edbd4f8e3150acc771c1a5e" +checksum = "5600b4e6efc5421841a2138a6b082e07fe12f9aaa12783d50e5d13325b26b4fc" [[package]] name = "libflate" @@ -620,6 +620,15 @@ version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b16bd47d9e329435e309c58469fe0791c2d0d1ba96ec0954152a5ae2b04387dc" +[[package]] +name = "memoffset" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59accc507f1338036a0477ef61afdae33cde60840f4dfe481319ce3ad116ddf9" +dependencies = [ + "autocfg", +] + [[package]] name = "miniz_oxide" version = "0.4.4" @@ -755,19 +764,6 @@ dependencies = [ "void", ] -[[package]] -name = "nix" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50e4785f2c3b7589a0d0c1dd60285e1188adac4006e8abd6dd578e1567027363" -dependencies = [ - "bitflags", - "cc", - "cfg-if 0.1.10", - "libc", - "void", -] - [[package]] name = "nix" version = "0.19.1" @@ -792,6 +788,19 @@ dependencies = [ "libc", ] +[[package]] +name = "nix" +version = "0.21.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c3728fec49d363a50a8828a190b379a446cc5cf085c06259bbbeb34447e4ec7" +dependencies = [ + "bitflags", + "cc", + "cfg-if 1.0.0", + "libc", + "memoffset", +] + [[package]] name = "ntapi" version = "0.3.6" @@ -1273,7 +1282,7 @@ dependencies = [ "inotify", "lazy_static", "libc", - "nix 0.17.0", + "nix 0.21.0", "oci", "path-absolutize", "protobuf", diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index e5e6e8decd..1700346602 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -13,7 +13,7 @@ lazy_static = "1.3.0" ttrpc = { version = "0.5.0", features = ["async", "protobuf-codec"], default-features = false } protobuf = "=2.14.0" libc = "0.2.58" -nix = "0.17.0" +nix = "0.21.0" capctl = "0.2.0" serde_json = "1.0.39" scan_fmt = "0.2.3" diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 5b66b043a8..e350b2f069 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -11,7 +11,7 @@ serde_derive = "1.0.91" oci = { path = "../oci" } protocols = { path ="../protocols" } caps = "0.5.0" -nix = "0.17.0" +nix = "0.21.0" scopeguard = "1.0.0" capctl = "0.2.0" lazy_static = "1.3.0" diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs index 2c3c23d4d8..fd2da708a9 100644 --- a/src/agent/rustjail/src/container.rs +++ b/src/agent/rustjail/src/container.rs @@ -8,7 +8,7 @@ use libc::pid_t; use oci::{ContainerState, LinuxDevice, LinuxIdMapping}; use oci::{Hook, Linux, LinuxNamespace, LinuxResources, Spec}; use std::clone::Clone; -use std::ffi::{CStr, CString}; +use std::ffi::CString; use std::fmt::Display; use std::fs; use std::os::unix::io::RawFd; @@ -346,7 +346,7 @@ fn do_init_child(cwfd: RawFd) -> Result<()> { Err(_e) => sched::unshare(CloneFlags::CLONE_NEWPID)?, } - match fork() { + match unsafe { fork() } { Ok(ForkResult::Parent { child, .. }) => { log_child!( cfd_log, @@ -1079,9 +1079,8 @@ fn do_exec(args: &[String]) -> ! { .iter() .map(|s| CString::new(s.to_string()).unwrap_or_default()) .collect(); - let a: Vec<&CStr> = sa.iter().map(|s| s.as_c_str()).collect(); - let _ = unistd::execvp(p.as_c_str(), a.as_slice()).map_err(|e| match e { + let _ = unistd::execvp(p.as_c_str(), &sa).map_err(|e| match e { nix::Error::Sys(errno) => { std::process::exit(errno as i32); } diff --git a/src/agent/src/console.rs b/src/agent/src/console.rs index 97aa95d4e2..a8a9d0f82c 100644 --- a/src/agent/src/console.rs +++ b/src/agent/src/console.rs @@ -145,9 +145,10 @@ fn run_in_child(slave_fd: libc::c_int, shell: String) -> Result<()> { } let cmd = CString::new(shell).unwrap(); + let args: Vec = Vec::new(); // run shell - let _ = unistd::execvp(cmd.as_c_str(), &[]).map_err(|e| match e { + let _ = unistd::execvp(cmd.as_c_str(), &args).map_err(|e| match e { nix::Error::Sys(errno) => { std::process::exit(errno as i32); } @@ -205,7 +206,7 @@ async fn run_debug_console_vsock( let slave_fd = pseudo.slave; - match fork() { + match unsafe { fork() } { Ok(ForkResult::Child) => run_in_child(slave_fd, shell), Ok(ForkResult::Parent { child: child_pid }) => { run_in_parent(logger.clone(), stream, pseudo, child_pid).await