storage icon indicating copy to clipboard operation
storage copied to clipboard

Published 20 hours ago verified publisher icon containers

chrootarchive: Pass root via fd

Open cgwalters opened this issue 1 year ago • 7 comments

I'd like to support passing a file descriptor root for the container storage, and not an absolute path.

In the bootc codebase (partially a philosophy inherited from ostree) we've heavily invested in fd-relative accesses, primarily because it's common for us to operate in different namespaces/roots, and fd-relative access avoids a lot of possible footguns when dealing with absolute paths. It's also more efficient, avoiding the need for the kernel to traverse full paths a lot.

This is just one of a few preparatory changes necessary in making it work to do:

podman --root=/proc/self/fd/3 --runroot=... pull busybox

Note that as part of doing this, I refactored code here to move the "split root and dest" logic into the caller... there was some logically dead code here because

cgwalters avatar Jul 29 '24 12:07 cgwalters

See https://github.com/containers/bootc/pull/731 particularly https://github.com/containers/bootc/pull/724/files#diff-30bb05ef4e35724331b84e50edacf12aaf7eb21e3a5576a341d556accb0d1400R75 which is doing a complex dance right now to bridge from our internal fds to the absolute paths this package currently requires.

cgwalters avatar Jul 29 '24 12:07 cgwalters

Fixed up the cross-compilation issues.

cgwalters avatar Jul 29 '24 17:07 cgwalters

Actually...is this macos/windows code ever used?

cgwalters avatar Jul 29 '24 17:07 cgwalters

Most likely not.

rhatdan avatar Jul 30 '24 15:07 rhatdan

This triggered a memory for me that we also ship oc image extract...I went to look at what it does, and it forked from moby.

I am not sure if oc image extract is currently load bearing on windows/macos? Not much happening there but it looks like it compiles...

cgwalters avatar Jul 30 '24 21:07 cgwalters

Tossed up https://github.com/containers/storage/pull/2051

cgwalters avatar Jul 30 '24 22:07 cgwalters

OK I reworked this in a way which works on Linux (tested) and FreeBSD (not tested, but in theory), and leaves other platforms unchanged (not tested).

cgwalters avatar Jul 31 '24 17:07 cgwalters

A note: If we take this out farther, what would make sense is for c/storage to hold a fd (not an absolute path) for its storage root, then this code would need more refactoring as dest wouldn't necessarily be prepended with the root by default. That'd probably be a distinct new API calling into the shared bits, we just wouldn't need to do the "strip off the root" on the Unix paths in that case.

cgwalters avatar Jul 31 '24 19:07 cgwalters

@giuseppe @nalind PTAL

rhatdan avatar Aug 01 '24 15:08 rhatdan

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cgwalters, giuseppe

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar Aug 06 '24 10:08 openshift-ci[bot]

/lgtm

rhatdan avatar Aug 12 '24 18:08 rhatdan