mirror of
https://github.com/containers/youki
synced 2024-05-12 10:36:14 +02:00
do not log error in the syscall crate (#1973)
* do not log error for mount in specific cases * clean up the logs in the syscall module * update toolchain to rust 1.70 --------- Signed-off-by: yihuaf <yihuaf@unkies.org>
This commit is contained in:
parent
53ba8d41d3
commit
d09c984567
|
@ -216,7 +216,6 @@ fn masked_path(path: &Path, mount_label: &Option<String>, syscall: &dyn Syscall)
|
|||
match err {
|
||||
SyscallError::Nix(nix::errno::Errno::ENOENT) => {
|
||||
// ignore error if path is not exist.
|
||||
tracing::warn!("masked path {:?} not exist", path);
|
||||
}
|
||||
SyscallError::Nix(nix::errno::Errno::ENOTDIR) => {
|
||||
let label = match mount_label {
|
||||
|
|
|
@ -96,7 +96,10 @@ pub fn container_intermediate_process(
|
|||
let proc = spec.process().as_ref().ok_or(MissingSpecError::Process)?;
|
||||
if let Some(rlimits) = proc.rlimits() {
|
||||
for rlimit in rlimits {
|
||||
command.set_rlimit(rlimit)?;
|
||||
command.set_rlimit(rlimit).map_err(|err| {
|
||||
tracing::error!(?err, ?rlimit, "failed to set rlimit");
|
||||
err
|
||||
})?;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -102,9 +102,9 @@ impl Device {
|
|||
)
|
||||
.map_err(|err| {
|
||||
tracing::error!(
|
||||
"failed to mount bind dev {:?}: {}",
|
||||
full_container_path,
|
||||
err
|
||||
?err,
|
||||
path = ?full_container_path,
|
||||
"failed to mount bind dev",
|
||||
);
|
||||
err
|
||||
})?;
|
||||
|
@ -122,17 +122,41 @@ impl Device {
|
|||
|
||||
let full_container_path = create_container_dev_path(rootfs, dev)?;
|
||||
|
||||
self.syscall.mknod(
|
||||
&full_container_path,
|
||||
to_sflag(dev.typ()),
|
||||
Mode::from_bits_truncate(dev.file_mode().unwrap_or(0)),
|
||||
makedev(dev.major(), dev.minor()),
|
||||
)?;
|
||||
self.syscall.chown(
|
||||
&full_container_path,
|
||||
dev.uid().map(Uid::from_raw),
|
||||
dev.gid().map(Gid::from_raw),
|
||||
)?;
|
||||
self.syscall
|
||||
.mknod(
|
||||
&full_container_path,
|
||||
to_sflag(dev.typ()),
|
||||
Mode::from_bits_truncate(dev.file_mode().unwrap_or(0)),
|
||||
makedev(dev.major(), dev.minor()),
|
||||
)
|
||||
.map_err(|err| {
|
||||
tracing::error!(
|
||||
?err,
|
||||
path = ?full_container_path,
|
||||
major = ?dev.major(),
|
||||
minor = ?dev.minor(),
|
||||
"failed to mknod device"
|
||||
);
|
||||
|
||||
err
|
||||
})?;
|
||||
self.syscall
|
||||
.chown(
|
||||
&full_container_path,
|
||||
dev.uid().map(Uid::from_raw),
|
||||
dev.gid().map(Gid::from_raw),
|
||||
)
|
||||
.map_err(|err| {
|
||||
tracing::error!(
|
||||
path = ?full_container_path,
|
||||
?err,
|
||||
uid = ?dev.uid(),
|
||||
gid = ?dev.gid(),
|
||||
"failed to chown device"
|
||||
);
|
||||
|
||||
err
|
||||
})?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
|
|
@ -38,7 +38,7 @@ impl RootFS {
|
|||
bind_devices: bool,
|
||||
cgroup_ns: bool,
|
||||
) -> Result<()> {
|
||||
tracing::debug!("Prepare rootfs: {:?}", rootfs);
|
||||
tracing::debug!(?rootfs, "prepare rootfs");
|
||||
let mut flags = MsFlags::MS_REC;
|
||||
let linux = spec.linux().as_ref().ok_or(MissingSpecError::Linux)?;
|
||||
|
||||
|
@ -52,20 +52,34 @@ impl RootFS {
|
|||
}
|
||||
|
||||
self.syscall
|
||||
.mount(None, Path::new("/"), None, flags, None)?;
|
||||
.mount(None, Path::new("/"), None, flags, None)
|
||||
.map_err(|err| {
|
||||
tracing::error!(
|
||||
?err,
|
||||
?flags,
|
||||
"failed to change the mount propagation type of the root"
|
||||
);
|
||||
|
||||
err
|
||||
})?;
|
||||
|
||||
let mounter = Mount::new();
|
||||
|
||||
mounter.make_parent_mount_private(rootfs)?;
|
||||
|
||||
tracing::debug!("mount root fs {:?}", rootfs);
|
||||
self.syscall.mount(
|
||||
Some(rootfs),
|
||||
rootfs,
|
||||
None,
|
||||
MsFlags::MS_BIND | MsFlags::MS_REC,
|
||||
None,
|
||||
)?;
|
||||
self.syscall
|
||||
.mount(
|
||||
Some(rootfs),
|
||||
rootfs,
|
||||
None,
|
||||
MsFlags::MS_BIND | MsFlags::MS_REC,
|
||||
None,
|
||||
)
|
||||
.map_err(|err| {
|
||||
tracing::error!(?rootfs, ?err, "failed to bind mount rootfs");
|
||||
err
|
||||
})?;
|
||||
|
||||
let global_options = MountOptions {
|
||||
root: rootfs,
|
||||
|
@ -108,9 +122,16 @@ impl RootFS {
|
|||
};
|
||||
|
||||
if let Some(flags) = flags {
|
||||
tracing::debug!("make root mount {:?}", flags);
|
||||
self.syscall
|
||||
.mount(None, Path::new("/"), None, flags, None)?;
|
||||
.mount(None, Path::new("/"), None, flags, None)
|
||||
.map_err(|err| {
|
||||
tracing::error!(
|
||||
?err,
|
||||
?flags,
|
||||
"failed to adjust the mount propagation type of the root"
|
||||
);
|
||||
err
|
||||
})?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
|
|
|
@ -349,14 +349,10 @@ impl Syscall for LinuxSyscall {
|
|||
/// Disassociate parts of execution context
|
||||
// see https://man7.org/linux/man-pages/man2/unshare.2.html for more information
|
||||
fn unshare(&self, flags: CloneFlags) -> Result<()> {
|
||||
unshare(flags).map_err(|err| {
|
||||
tracing::error!(?err, ?flags, "failed to unshare");
|
||||
err
|
||||
})?;
|
||||
unshare(flags)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
/// Set capabilities for container process
|
||||
fn set_capability(&self, cset: CapSet, value: &CapsHashSet) -> Result<()> {
|
||||
match cset {
|
||||
|
@ -382,10 +378,7 @@ impl Syscall for LinuxSyscall {
|
|||
|
||||
/// Sets hostname for process
|
||||
fn set_hostname(&self, hostname: &str) -> Result<()> {
|
||||
sethostname(hostname).map_err(|err| {
|
||||
tracing::error!(?hostname, "failed to set hostname");
|
||||
err
|
||||
})?;
|
||||
sethostname(hostname)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
|
@ -396,15 +389,9 @@ impl Syscall for LinuxSyscall {
|
|||
let len = domainname.len();
|
||||
match unsafe { setdomainname(ptr, len) } {
|
||||
0 => Ok(()),
|
||||
-1 => {
|
||||
tracing::error!(?domainname, "failed to set domainname");
|
||||
Err(nix::Error::last())
|
||||
}
|
||||
-1 => Err(nix::Error::last()),
|
||||
|
||||
_ => {
|
||||
tracing::error!(?domainname, "failed to set domainname for unknown reason");
|
||||
Err(nix::Error::UnknownErrno)
|
||||
}
|
||||
_ => Err(nix::Error::UnknownErrno),
|
||||
}?;
|
||||
|
||||
Ok(())
|
||||
|
@ -425,14 +412,8 @@ impl Syscall for LinuxSyscall {
|
|||
|
||||
match res {
|
||||
0 => Ok(()),
|
||||
-1 => {
|
||||
tracing::error!(?res, rlimit = ?rlimit.typ(), "failed to set rlimit");
|
||||
Err(SyscallError::Nix(nix::Error::last()))
|
||||
}
|
||||
_ => {
|
||||
tracing::error!(?res, rlimit = ?rlimit.typ(), "failed to set rlimit for unknown reason");
|
||||
Err(SyscallError::Nix(nix::Error::UnknownErrno))
|
||||
}
|
||||
-1 => Err(SyscallError::Nix(nix::Error::last())),
|
||||
_ => Err(SyscallError::Nix(nix::Error::UnknownErrno)),
|
||||
}?;
|
||||
|
||||
Ok(())
|
||||
|
@ -473,10 +454,7 @@ impl Syscall for LinuxSyscall {
|
|||
}
|
||||
|
||||
fn chroot(&self, path: &Path) -> Result<()> {
|
||||
unistd::chroot(path).map_err(|err| {
|
||||
tracing::error!(?err, ?path, "failed to chroot");
|
||||
err
|
||||
})?;
|
||||
unistd::chroot(path)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
@ -489,41 +467,24 @@ impl Syscall for LinuxSyscall {
|
|||
flags: MsFlags,
|
||||
data: Option<&str>,
|
||||
) -> Result<()> {
|
||||
mount(source, target, fstype, flags, data).map_err(|err| {
|
||||
tracing::error!(
|
||||
"failed to mount {source:?} to {target:?} with fstype {fstype:?}, flags {flags:?}, data {data:?}: {err}",
|
||||
);
|
||||
err
|
||||
})?;
|
||||
|
||||
mount(source, target, fstype, flags, data)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn symlink(&self, original: &Path, link: &Path) -> Result<()> {
|
||||
symlink(original, link).map_err(|err| {
|
||||
tracing::error!("failed to create symlink from {original:?} to {link:?}: {err}");
|
||||
err
|
||||
})?;
|
||||
symlink(original, link)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn mknod(&self, path: &Path, kind: SFlag, perm: Mode, dev: u64) -> Result<()> {
|
||||
mknod(path, kind, perm, dev).map_err(|errno| {
|
||||
tracing::error!(
|
||||
"failed to mknod {path:?}, kind {kind:?}, perm {perm:?}, dev {dev:?}: {errno}"
|
||||
);
|
||||
errno
|
||||
})?;
|
||||
mknod(path, kind, perm, dev)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn chown(&self, path: &Path, owner: Option<Uid>, group: Option<Gid>) -> Result<()> {
|
||||
chown(path, owner, group).map_err(|errno| {
|
||||
tracing::error!("failed to chown {path:?} to {owner:?}:{group:?}: {errno}");
|
||||
errno
|
||||
})?;
|
||||
chown(path, owner, group)?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
@ -552,16 +513,10 @@ impl Syscall for LinuxSyscall {
|
|||
// kernel 5.11. If the kernel is older we emulate close_range in userspace.
|
||||
Self::emulate_close_range(preserve_fds)
|
||||
}
|
||||
e => {
|
||||
tracing::error!(errno = ?e, "failed to close_range");
|
||||
Err(SyscallError::Nix(e))
|
||||
}
|
||||
e => Err(SyscallError::Nix(e)),
|
||||
}
|
||||
}
|
||||
_ => {
|
||||
tracing::error!("failed to close_range unknown failure");
|
||||
Err(SyscallError::Nix(nix::errno::Errno::UnknownErrno))
|
||||
}
|
||||
_ => Err(SyscallError::Nix(nix::errno::Errno::UnknownErrno)),
|
||||
}?;
|
||||
|
||||
Ok(())
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
[toolchain]
|
||||
profile="default"
|
||||
channel="1.69.0"
|
||||
channel="1.70.0"
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
///! Contains utility functions for testing
|
||||
///! Similar to https://github.com/opencontainers/runtime-tools/blob/master/validation/util/test.go
|
||||
//! Contains utility functions for testing
|
||||
//! Similar to https://github.com/opencontainers/runtime-tools/blob/master/validation/util/test.go
|
||||
use super::{generate_uuid, prepare_bundle, set_config};
|
||||
use super::{get_runtime_path, get_runtimetest_path};
|
||||
use anyhow::{anyhow, bail, Context, Result};
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
///! Contains definition for a tests which should be conditionally run
|
||||
//! Contains definition for a tests which should be conditionally run
|
||||
use crate::testable::{TestResult, Testable};
|
||||
|
||||
// type aliases for test function signature
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
///! Contains definition for a simple and commonly usable test structure
|
||||
//! Contains definition for a simple and commonly usable test structure
|
||||
use crate::testable::{TestResult, Testable};
|
||||
|
||||
// type alias for the test function
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
///! Contains structure for a test group
|
||||
//! Contains structure for a test group
|
||||
use crate::testable::{TestResult, Testable, TestableGroup};
|
||||
use crossbeam::thread;
|
||||
use std::collections::BTreeMap;
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
///! This exposes the main control wrapper to control the tests
|
||||
//! This exposes the main control wrapper to control the tests
|
||||
use crate::testable::{TestResult, TestableGroup};
|
||||
use anyhow::Result;
|
||||
use crossbeam::thread;
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
//! Contains Basic setup for testing, testable trait and its result type
|
||||
use std::fmt::Debug;
|
||||
|
||||
///! Contains Basic setup for testing, testable trait and its result type
|
||||
use anyhow::{bail, Error, Result};
|
||||
|
||||
#[derive(Debug)]
|
||||
|
|
Loading…
Reference in New Issue