rlenferink opened a new issue, #658: URL: https://github.com/apache/celix/issues/658
The pubsub_zmq tests fail (SEGV) when running within a container. This is due to the user in the container possibly being the root user (`uid` = 0), which makes this check succeed: https://github.com/apache/celix/blob/e7aee1259a4c61463be8fcfa5dd4612a3a756192/bundles/pubsub/pubsub_admin_zmq/src/pubsub_zmq_topic_receiver.c#L643-L649 The `gotPermission` is later on used to determine whether the scheduling priority can be set: https://github.com/apache/celix/blob/e7aee1259a4c61463be8fcfa5dd4612a3a756192/bundles/pubsub/pubsub_admin_zmq/src/pubsub_zmq_topic_receiver.c#L655 When this is called with the user `root` within a container (`uid` 0), but the user outside the container being a rootless user, the tests segfault (unable to call `pthread_setschedparam`). This is the line where libzmq in the end crashes: https://github.com/zeromq/libzmq/blob/4097855ddaaa65ed7b5e8cb86d143842a594eebd/src/thread.cpp#L345 libzmq doesn't handle this too nicely and I am not sure whether this can be solved. I tried with the suggest `libcap` and after that simply falling back to using the `capsh` command, but there the `cap_sys_nice` can be set: ```bash root@fedora:/home/rlenferink/workspace/asf/celix/celix-container# capsh --print Current: =ep Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read,cap_perfmon,cap_bpf,cap_checkpoint_restore ``` Any suggestions to solve this? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@celix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
