Standard user umask for git process

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
master
CrazyMax 2021-09-27 20:10:14 +02:00
parent e07f3883e3
commit 3f1152f657
No known key found for this signature in database
GPG Key ID: 3248E46B6BB8C7F7
3 changed files with 76 additions and 5 deletions


@ -74,7 +74,9 @@ func init() {
stack.SetVersionInfo(version.Version, version.Revision) stack.SetVersionInfo(version.Version, version.Revision)
seed.WithTimeAndRand() seed.WithTimeAndRand()
reexec.Init() if reexec.Init() {
os.Exit(0)
}
// overwrites containerd/log.G // overwrites containerd/log.G
log.G = bklog.GetLogger log.G = bklog.GetLogger
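Review bot: The new `if reexec.Init() { os.Exit(0) }` in init() carries no comment saying that the process stops here whenever argv[0] names a registered reexec handler, which is easy to miss when reading daemon startup. I would add `// Exit if we were re-executed as a registered helper (e.g. the git umask wrapper); the handler has already run.` above it. Because this dispatch happens on argv[0] before any flag parsing or daemon checks, and the handler registered on this page runs the command named in its arguments, the comment should also state that this binary is not meant to carry setuid or file capabilities. init() continues outside the hunk.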


@ -15,6 +15,7 @@ import (
"github.com/containerd/containerd/namespaces" "github.com/containerd/containerd/namespaces"
"github.com/containerd/containerd/snapshots" "github.com/containerd/containerd/snapshots"
"github.com/containerd/containerd/snapshots/native" "github.com/containerd/containerd/snapshots/native"
"github.com/docker/docker/pkg/reexec"
"github.com/moby/buildkit/cache" "github.com/moby/buildkit/cache"
"github.com/moby/buildkit/cache/metadata" "github.com/moby/buildkit/cache/metadata"
"github.com/moby/buildkit/snapshot" "github.com/moby/buildkit/snapshot"
@ -27,6 +28,12 @@ import (
bolt "go.etcd.io/bbolt" bolt "go.etcd.io/bbolt"
) )
func init() {
if reexec.Init() {
os.Exit(0)
}
}
func TestRepeatedFetch(t *testing.T) { func TestRepeatedFetch(t *testing.T) {
testRepeatedFetch(t, false) testRepeatedFetch(t, false)
} }


@ -4,13 +4,75 @@ package git
import ( import (
"context" "context"
"os"
"os/exec" "os/exec"
"syscall" "os/signal"
"time" "time"
"github.com/docker/docker/pkg/reexec"
"golang.org/x/sys/unix"
) )
const (
gitCmd = "umask-git"
)
func init() {
reexec.Register(gitCmd, gitMain)
}
func gitMain() {
// Need standard user umask for git process.
unix.Umask(0022)
// Reexec git command
cmd := exec.Command(os.Args[1], os.Args[2:]...)
cmd.SysProcAttr = &unix.SysProcAttr{
Setpgid: true,
Pdeathsig: unix.SIGTERM,
}
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
cmd.Stdin = os.Stdin
// Forward all signals
sigc := make(chan os.Signal, 1)
done := make(chan struct{})
signal.Notify(sigc)
go func() {
for {
select {
case sig := <-sigc:
if cmd.Process == nil {
continue
}
switch sig {
case unix.SIGINT, unix.SIGTERM, unix.SIGKILL:
_ = unix.Kill(-cmd.Process.Pid, sig.(unix.Signal))
default:
_ = cmd.Process.Signal(sig)
}
case <-done:
return
}
}
}()
err := cmd.Run()
close(done)
if err != nil {
if exiterr, ok := err.(*exec.ExitError); ok {
status := exiterr.Sys().(unix.WaitStatus)
os.Exit(status.ExitStatus())
}
os.Exit(1)
}
os.Exit(0)
}
func runProcessGroup(ctx context.Context, cmd *exec.Cmd) error { func runProcessGroup(ctx context.Context, cmd *exec.Cmd) error {
cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true} cmd.Path = reexec.Self()
cmd.Args = append([]string{gitCmd}, cmd.Args...)
if err := cmd.Start(); err != nil { if err := cmd.Start(); err != nil {
return err return err
} }
@ -18,12 +80,12 @@ func runProcessGroup(ctx context.Context, cmd *exec.Cmd) error {
go func() { go func() {
select { select {
case <-ctx.Done(): case <-ctx.Done():
syscall.Kill(-cmd.Process.Pid, syscall.SIGTERM) _ = unix.Kill(-cmd.Process.Pid, unix.SIGTERM)
go func() { go func() {
select { select {
case <-waitDone: case <-waitDone:
case <-time.After(10 * time.Second): case <-time.After(10 * time.Second):
syscall.Kill(-cmd.Process.Pid, syscall.SIGKILL) _ = unix.Kill(-cmd.Process.Pid, unix.SIGKILL)
} }
}() }()
case <-waitDone: case <-waitDone:
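Review bot: With `Setpgid: true` dropped from runProcessGroup, the re-executed wrapper is no longer started as a process-group leader, so `unix.Kill(-cmd.Process.Pid, ...)` on cancellation addresses a group that, as far as these lines show, does not exist, and `_ =` discards the resulting error; git itself sits in a separate group created in gitMain. Unless the caller sets SysProcAttr somewhere outside this view, a cancelled context would leave both the wrapper and git running. I would keep `cmd.SysProcAttr = &unix.SysProcAttr{Setpgid: true}` before `cmd.Start()` so the wrapper receives SIGTERM and forwards it, and log the Kill error rather than dropping it. In gitMain, `unix.SIGKILL` in the forwarding switch is dead because it cannot be caught, and the goroutine reads `cmd.Process` while `cmd.Run()` writes it without synchronization. runProcessGroup's body continues outside both hunks.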