[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #61621] unshare -Upf no longer works on make unless --disable-posix

From: anonymous
Subject: [bug #61621] unshare -Upf no longer works on make unless --disable-posix-spawn is given
Date: Sat, 4 Dec 2021 20:51:57 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0


                 Summary: unshare -Upf no longer works on make unless
--disable-posix-spawn is given
                 Project: make
            Submitted by: None
            Submitted on: Sun 05 Dec 2021 01:51:55 AM UTC
                Severity: 3 - Normal
              Item Group: Bug
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
       Component Version: 4.3
        Operating System: POSIX-Based
           Fixed Release: None
           Triage Status: None



Dear maintainer,

a common way to use `make` on Continuous Integration systems like Jenkins, and
some other batch processing systems, is to wrap it in the `unshare` program
from `util-linux`, enabling process namespaces.


    unshare -Upf --kill-child -- make runMyCI

The reason for doing so is so that when you kill `unshare`, it ensures that
all recursive child processes are reliably killed, and no zombie processes are
left, no matter if they misbehave (e.g. backgrounding by double-forking) due
to bugs or bad practices (which is especially annoying for cron jobs, CI
servers, or other types of setup where process zombies/reparenting needs to be

This worked great up to including gnumake 4.2.1, but it stopped working with

A workaround is to configure gnumake with `--disable-posix-spawn`.

Concretely, the observed error is:

    unshare -Ufp --kill-child make
    make: sh: Invalid argument
    make: *** [Makefile:6: help] Error 127

`strace -fy` on the above command reveals that this `Invalid argument` comes
from the `setresuid()` syscall, which is invoked by the first forked child of
the `make` main process:

    [pid  6545] getuid()                    = 65534
    [pid  6545] setresuid(-1, 65534, -1)    = -1 EINVAL (Invalid argument)

It would be great to know whether make 4.3 could be made work under `unshare`
in general, or if not, if the switch to disable poxix-spawn could be made
available at run-time, so that users can use continue to use their
distribution packages while still having guaranteed child killing via

Thank you!



Reply to this item at:


  Message sent via Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]