wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-08 15:13:55 +02:00
Code Activity

Prevent a deadlock when user namespace setup fails

Browse source 
Observed on Centos 7 when user namespaces are disabled:
DerivationGoal::startBuilder() throws an exception, ~DerivationGoal()
waits for the child process to exit, but the child process hangs
forever in drainFD(userNamespaceSync.readSide.get()) in
DerivationGoal::runChild(). Not sure why the SIGKILL doesn't get
through.

Issue #4092.

(cherry picked from commit d761485010)
This commit is contained in:
Eelco Dolstra 2020-10-06 18:52:46 +02:00
parent 682694e03a
commit f09b375837
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/libstore/build.cc
View file

@ -2388,6 +2388,12 @@ void DerivationGoal::startBuilder()
userNamespaceSync.readSide = -1; userNamespaceSync.readSide = -1;
/* Close the write side to prevent runChild() from hanging
reading from this. */
Finally cleanup([&]() {
userNamespaceSync.writeSide = -1;
});
pid_t tmp; pid_t tmp;
if (!string2Int<pid_t>(readLine(builderOut.readSide.get()), tmp)) abort(); if (!string2Int<pid_t>(readLine(builderOut.readSide.get()), tmp)) abort();
pid = tmp; pid = tmp;
@ -2409,7 +2415,6 @@ void DerivationGoal::startBuilder()
/* Signal the builder that we've updated its user /* Signal the builder that we've updated its user
namespace. */ namespace. */
writeFull(userNamespaceSync.writeSide.get(), "1"); writeFull(userNamespaceSync.writeSide.get(), "1");
userNamespaceSync.writeSide = -1;
} else } else
#endif #endif