Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: ignore EBADF on lgetxattr #3291

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

lionello
Copy link
Contributor

@lionello lionello commented Aug 16, 2024

Relates to #2201, but it's not exactly the same issue, since this PR addresses the error during reading of the extended attributes, not the writing:

INFO[2024-08-15T17:28:26Z] Taking snapshot of full filesystem...        
error building image: error building stage: failed to take snapshot: failed to read "security.capability" attribute from "/etc/alternatives/c++": lgetxattr security.capability /etc/alternatives/c++: bad file descriptor

This happened on DigitalOcean App Platform, where Kaniko was running with minimal capabilities (and this cannot be relaxed.)

Output of capsh --print

Current: cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep
Bounding set =cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap
Ambient set = <unsupported>
Current IAB: !cap_dac_read_search,!cap_linux_immutable,!cap_net_broadcast,!cap_net_admin,!cap_net_raw,!cap_ipc_lock,!cap_ipc_owner,!cap_sys_module,!cap_sys_rawio,!cap_sys_ptrace,!cap_sys_pacct,!cap_sys_admin,!cap_sys_boot,!cap_sys_nice,!cap_sys_resource,!cap_sys_time,!cap_sys_tty_config,!cap_lease,!cap_audit_control,!cap_mac_override,!cap_mac_admin,!cap_syslog,!cap_wake_alarm,!cap_block_suspend,!cap_audit_read,!cap_perfmon,!cap_bpf,!cap_checkpoint_restore
Securebits: 037777777777/0xffffffff/32'b11111111111111111111111111111111 (no-new-privs=1)
 secure-noroot: yes (locked)
 secure-no-suid-fixup: yes (locked)
 secure-keep-caps: yes (locked)
uid=0(root) euid=0(root)
gid=0(root)
groups=0(root)
Guessed mode: PURE1E_INIT (2)

Description

This PR checks EBADF errno when the call to lgetxattr fails. This seems to fail in some environments with missing capabilities. Ignoring the error (and skipping the xattr) is better than aborting or ignoring the file completely (which is the workaround posted in #2201)

This is not easy to test in unit/integration tests, but I've verified the fix works with a project that kept failing with the error mentioned in #2201: trying run Kaniko in a Digital Ocean App building this project: https://github.com/DefangLabs/samples/tree/main/samples/flask

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes unit tests
  • Adds integration tests if needed.

See the contribution guide for more details.

Reviewer Notes

  • The code flow looks good.
  • Unit tests and or integration tests added.

Release Notes

Describe any changes here so maintainer can include it in the release notes, or delete this block.

- ignore "bad file descriptor" (EBADF) while trying to read xattrs

@lionello lionello changed the title fix: ignore lgetxattr on EBADF fix: ignore EBADF on lgetxattr Aug 16, 2024
@lionello
Copy link
Contributor Author

lionello commented Oct 4, 2024

@hypnoce @imjasonh can one of you have a look please? It's been open for quite a while now.

@lionello
Copy link
Contributor Author

@QuanZhang-William @JeromeJu any chance you could have a look?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant