From 47186a4811f3e3c4c76478db473342f4ef0f372f Mon Sep 17 00:00:00 2001 From: izuku-sds Date: Sat, 7 Dec 2024 12:57:43 +0530 Subject: [PATCH 1/2] Fix unlinkat error in make tools Modules installed using go in /tmp had elevated privileges, causing unlinkat errors when deleting them. Changed permissions before removal to avoid errors and ensure make tools runs smoothly. --- scripts/build/install_fresh.sh | 1 + scripts/build/install_golint.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/scripts/build/install_fresh.sh b/scripts/build/install_fresh.sh index 5f42766c..9cc3e7af 100755 --- a/scripts/build/install_fresh.sh +++ b/scripts/build/install_fresh.sh @@ -12,6 +12,7 @@ mkdir -p bin tmp_dir=$(mktemp -d -t ci-XXXXXXXXXX) cd $tmp_dir GOPATH=$tmp_dir go install github.com/pilu/fresh@latest +chmod -R u+rw $tmp_dir cp $tmp_dir/bin/fresh $project_dir/bin/fresh rm -rf $tmp_dir diff --git a/scripts/build/install_golint.sh b/scripts/build/install_golint.sh index 302eefda..76be0d23 100755 --- a/scripts/build/install_golint.sh +++ b/scripts/build/install_golint.sh @@ -12,6 +12,7 @@ mkdir -p bin tmp_dir=$(mktemp -d -t ci-XXXXXXXXXX) cd $tmp_dir GOPATH=$tmp_dir go install golang.org/x/lint/golint@latest +chmod -R u+rw $tmp_dir cp $tmp_dir/bin/golint $project_dir/bin/golint rm -rf $tmp_dir From 804f628fbd937bb0068e1f7c3e0e666b3bda16d7 Mon Sep 17 00:00:00 2001 From: izuku-sds Date: Sat, 7 Dec 2024 13:24:28 +0530 Subject: [PATCH 2/2] Fix unlinkat error in storage cleanup **Error Reason**: Elevated privileges on bind mounts caused unlinkat errors during deletion. **Fixes**: 1. Explicitly create bind mounts to avoid elevated privileges. 2. During container deletion, first remove all contents inside the working directory, then kill the container. 3. In DiskCleanup, perform ContainerCleanup before StorageCleanup. --- lib/docker/container.go | 16 ++++++++++++++++ lib/docker/delete.go | 34 +++++++++++++++++++++++++++++++++- services/appmaker/helper.go | 17 +++++++++++------ 3 files changed, 60 insertions(+), 7 deletions(-) diff --git a/lib/docker/container.go b/lib/docker/container.go index b57fbb3f..966007c7 100644 --- a/lib/docker/container.go +++ b/lib/docker/container.go @@ -5,6 +5,7 @@ import ( "fmt" "io/ioutil" "time" + "os" dockerTypes "github.com/docker/docker/api/types" "github.com/docker/docker/api/types/container" @@ -19,6 +20,21 @@ func CreateApplicationContainer(containerCfg types.ApplicationContainer) (string ctx := context.Background() volume := fmt.Sprintf("%s:%s", containerCfg.StoreDir, containerCfg.WorkDir) + // Create the host directory for bind mount with appropriate permissions + err := os.MkdirAll(containerCfg.StoreDir, 0755) + if err != nil { + return "", fmt.Errorf("failed to create directory: %w", err) + } + // Set proper permissions for the host directory + err = os.Chown(containerCfg.StoreDir, os.Getuid(), os.Getgid()) + if err != nil { + return "", fmt.Errorf("failed to set ownership: %w", err) + } + err = os.Chmod(containerCfg.StoreDir, 0755) + if err != nil { + return "", fmt.Errorf("failed to set permissions: %w", err) + } + // convert map to list of strings envArr := []string{} for key, value := range containerCfg.Env { diff --git a/lib/docker/delete.go b/lib/docker/delete.go index f989bdf6..bc5f9f7f 100644 --- a/lib/docker/delete.go +++ b/lib/docker/delete.go @@ -1,6 +1,8 @@ package docker import ( + "fmt" + "github.com/sdslabs/gasper/lib/utils" "github.com/docker/docker/api/types" "golang.org/x/net/context" ) @@ -8,8 +10,38 @@ import ( // DeleteContainer deletes a docker container func DeleteContainer(containerID string) error { ctx := context.Background() - err := StopContainer(containerID) + // Inspect the container to get its working directory + containerJSON, err := cli.ContainerInspect(ctx, containerID) + if err != nil { + utils.LogError("Docker-DeleteContainer-1", err) + return err + } + workingDir := containerJSON.Config.WorkingDir + if workingDir != "" { + // Clear the working directory inside the container, including hidden files and directories + cmd := []string{"sh", "-c", fmt.Sprintf("rm -rf %s/* %s/.*", workingDir, workingDir)} + execConfig := types.ExecConfig{ + Cmd: cmd, + AttachStdout: true, + AttachStderr: true, + Privileged: true, + } + + execIDResp, err := cli.ContainerExecCreate(ctx, containerID, execConfig) + if err != nil { + utils.LogError("Docker-DeleteContainer-2", err) + return err + } + + err = cli.ContainerExecStart(ctx, execIDResp.ID, types.ExecStartCheck{}) + if err != nil { + utils.LogError("Docker-DeleteContainer-3", err) + return err + } + } + + err = StopContainer(containerID) if err != nil { return err } diff --git a/services/appmaker/helper.go b/services/appmaker/helper.go index 7c925e77..bbeaa9c1 100644 --- a/services/appmaker/helper.go +++ b/services/appmaker/helper.go @@ -34,13 +34,18 @@ func containerCleanup(appName string) error { // diskCleanup cleans the specified application's container and local storage func diskCleanup(appName string) { + err := containerCleanup(appName) + if err != nil { + utils.LogError("AppMaker-Helper-5", fmt.Errorf("container cleanup failed for %s: %w", appName, err)) + return + } + appDir := filepath.Join(path, fmt.Sprintf("storage/%s", appName)) - storeCleanupChan := make(chan error) - go func() { - storeCleanupChan <- storageCleanup(appDir) - }() - containerCleanup(appName) - <-storeCleanupChan + err = storageCleanup(appDir) + if err != nil { + utils.LogError("AppMaker-Helper-6", fmt.Errorf("storage cleanup failed for %s: %w", appName, err)) + return + } } // stateCleanup removes the application's data from MongoDB and Redis