[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #61621] unshare -Upf no longer works on make unless --disable-posix
From: |
anonymous |
Subject: |
[bug #61621] unshare -Upf no longer works on make unless --disable-posix-spawn is given |
Date: |
Sat, 4 Dec 2021 20:51:57 -0500 (EST) |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0 |
URL:
<https://savannah.gnu.org/bugs/?61621>
Summary: unshare -Upf no longer works on make unless
--disable-posix-spawn is given
Project: make
Submitted by: None
Submitted on: Sun 05 Dec 2021 01:51:55 AM UTC
Severity: 3 - Normal
Item Group: Bug
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Component Version: 4.3
Operating System: POSIX-Based
Fixed Release: None
Triage Status: None
_______________________________________________________
Details:
Dear maintainer,
a common way to use `make` on Continuous Integration systems like Jenkins, and
some other batch processing systems, is to wrap it in the `unshare` program
from `util-linux`, enabling process namespaces.
Example:
unshare -Upf --kill-child -- make runMyCI
The reason for doing so is so that when you kill `unshare`, it ensures that
all recursive child processes are reliably killed, and no zombie processes are
left, no matter if they misbehave (e.g. backgrounding by double-forking) due
to bugs or bad practices (which is especially annoying for cron jobs, CI
servers, or other types of setup where process zombies/reparenting needs to be
avoided).
This worked great up to including gnumake 4.2.1, but it stopped working with
4.3
A workaround is to configure gnumake with `--disable-posix-spawn`.
Concretely, the observed error is:
unshare -Ufp --kill-child make
make: sh: Invalid argument
make: *** [Makefile:6: help] Error 127
`strace -fy` on the above command reveals that this `Invalid argument` comes
from the `setresuid()` syscall, which is invoked by the first forked child of
the `make` main process:
[pid 6545] getuid() = 65534
[pid 6545] setresuid(-1, 65534, -1) = -1 EINVAL (Invalid argument)
It would be great to know whether make 4.3 could be made work under `unshare`
in general, or if not, if the switch to disable poxix-spawn could be made
available at run-time, so that users can use continue to use their
distribution packages while still having guaranteed child killing via
`unshare`.
Thank you!
nh2
_______________________________________________________
Reply to this item at:
<https://savannah.gnu.org/bugs/?61621>
_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
- [bug #61621] unshare -Upf no longer works on make unless --disable-posix-spawn is given,
anonymous <=