Hello community, here is the log from the commit of package conmon for openSUSE:Factory checked in at 2020-07-30 09:58:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/conmon (Old) and /work/SRC/openSUSE:Factory/.conmon.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "conmon" Thu Jul 30 09:58:51 2020 rev:15 rq:823376 version:2.0.20 Changes: -------- --- /work/SRC/openSUSE:Factory/conmon/conmon.changes 2020-06-11 14:37:11.556001056 +0200 +++ /work/SRC/openSUSE:Factory/.conmon.new.3592/conmon.changes 2020-07-30 09:59:43.407204998 +0200 @@ -1,0 +2,20 @@ +Wed Jul 29 10:20:58 UTC 2020 - Sascha Grunert <sgrun...@suse.com> + +- Update to v2.0.20 + - journald: fix logging container name + - container logging: Implement none driver - "off", "null" or + "none" all work. + - ctrl: warn if we fail to unlink + - Drop fsync calls + - Reap PIDs before running exit command + - Fix log path parsing + - Add --sync option to prevent conmon from double forking + - Add --no-sync-log option to instruct conmon to not sync the + logs of the containers upon shutting down. This feature fixes a + regression where we unconditionally dropped the log sync. It is + possible the container logs could be corrupted on a sudden + power-off. If you need container logs to remain in consistent + state after a sudden shutdown, please update from v2.0.19 to + v2.0.20 + +------------------------------------------------------------------- Old: ---- conmon-2.0.17.tar.xz New: ---- conmon-2.0.20.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ conmon.spec ++++++ --- /var/tmp/diff_new_pack.dq1JXl/_old 2020-07-30 09:59:44.311205809 +0200 +++ /var/tmp/diff_new_pack.dq1JXl/_new 2020-07-30 09:59:44.311205809 +0200 @@ -17,7 +17,7 @@ Name: conmon -Version: 2.0.17 +Version: 2.0.20 Release: 0 Summary: An OCI container runtime monitor License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.dq1JXl/_old 2020-07-30 09:59:44.339205835 +0200 +++ /var/tmp/diff_new_pack.dq1JXl/_new 2020-07-30 09:59:44.343205838 +0200 @@ -2,8 +2,8 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/containers/conmon</param> <param name="scm">git</param> -<param name="versionformat">2.0.17</param> -<param name="revision">v2.0.17</param> +<param name="versionformat">2.0.20</param> +<param name="revision">v2.0.20</param> </service> <service name="recompress" mode="disabled"> <param name="file">conmon-*.tar</param> ++++++ conmon-2.0.17.tar.xz -> conmon-2.0.20.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/.cirrus.yml new/conmon-2.0.20/.cirrus.yml --- old/conmon-2.0.17/.cirrus.yml 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/.cirrus.yml 2020-07-28 15:57:21.000000000 +0200 @@ -230,12 +230,18 @@ - 'config' - 'fmt' gce_instance: - image_name: "${FEDORA_BASE_IMAGE}" - cpu: 4 - memory: 4 + image_name: "${FEDORA_CACHE_IMAGE_NAME}" + cpu: 8 + memory: 12 disk: 200 - script: - - dnf install -y podman make git gcc - - make containerized + script: | + set -ex + setenforce 0 + growpart /dev/sda 1 || true + resize2fs /dev/sda1 || true + yum -y install podman + mkdir -p /nix + podman run --rm --privileged -ti -v /:/mnt nixos/nix cp -rfT /nix /mnt/nix + podman run --rm --privileged -ti -v /nix:/nix -v ${PWD}:${PWD} -w ${PWD} nixos/nix nix --print-build-logs --option cores 8 --option max-jobs 8 build --file nix/ binaries_artifacts: - path: "bin/conmon" + path: "result/bin/conmon" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/Makefile new/conmon-2.0.20/Makefile --- old/conmon-2.0.17/Makefile 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/Makefile 2020-07-28 15:57:21.000000000 +0200 @@ -45,24 +45,18 @@ override CFLAGS += $(shell $(PKG_CONFIG) --cflags libsystemd) -D USE_JOURNALD=0 endif -define DOCKERFILE - FROM alpine:latest - RUN apk add --update --no-cache bash make git gcc pkgconf libc-dev glib-dev glib-static - COPY . /go/src/$(PROJECT) - WORKDIR /go/src/$(PROJECT) - RUN make static -endef -export DOCKERFILE - -containerized: bin - $(eval PODMAN ?= $(if $(shell podman -v),podman,docker)) - echo "$$DOCKERFILE" | $(PODMAN) build --force-rm -t conmon-build -f - . - CTR=`$(PODMAN) create conmon-build` \ - && $(PODMAN) cp $$CTR:/go/src/$(PROJECT)/bin/conmon bin/conmon \ - && $(PODMAN) rm $$CTR +# Update nix/nixpkgs.json its latest stable commit +.PHONY: nixpkgs +nixpkgs: + @nix run -f channel:nixos-20.03 nix-prefetch-git -c nix-prefetch-git \ + --no-deepClone https://github.com/nixos/nixpkgs > nix/nixpkgs.json +# Build statically linked binary +.PHONY: static static: - $(MAKE) git-vars bin/conmon PKG_CONFIG='$(PKG_CONFIG) --static' CFLAGS='-static' LDFLAGS='$(LDFLAGS) -s -w -static' LIBS='$(LIBS)' + @nix build -f nix/ + mkdir -p ./bin + cp -rfp ./result/bin/* ./bin/ bin/conmon: $(OBJS) | bin $(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(LIBS) @@ -80,13 +74,11 @@ bin: mkdir -p bin -vendor: - export GO111MODULE=on \ - $(GO) mod tidy && \ - $(GO) mod vendor && \ - $(GO) mod verify - .PHONY: vendor +vendor: + GO111MODULE=on $(GO) mod tidy + GO111MODULE=on $(GO) mod vendor + GO111MODULE=on $(GO) mod verify .PHONY: clean clean: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/README.md new/conmon-2.0.20/README.md --- old/conmon-2.0.17/README.md 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/README.md 2020-07-28 15:57:21.000000000 +0200 @@ -4,14 +4,119 @@ An OCI container runtime monitor. -Conmon is a monitoring program and communication tool between a container manager (like [podman](https://podman.io/) or [CRI-O](https://cri-o.io/)) and an OCI runtime (like [runc](https://github.com/opencontainers/runc) or [crun](https://github.com/giuseppe/crun)) for a single container. - -Upon being launched, it double-forks to daemonize and detach from the parent that launched it. It then launches the runtime as its child. This allows managing processes to die in the foreground, but still be able to watch over and connect to the child process (the container). +Conmon is a monitoring program and communication tool between a +container manager (like [Podman](https://podman.io/) or +[CRI-O](https://cri-o.io/)) and an OCI runtime (like +[runc](https://github.com/opencontainers/runc) or +[crun](https://github.com/containers/crun)) for a single container. + +Upon being launched, conmon (usually) double-forks to daemonize and detach from the +parent that launched it. It then launches the runtime as its child. This +allows managing processes to die in the foreground, but still be able to +watch over and connect to the child process (the container). While the container runs, conmon does two things: -* Provides a socket for attaching to the container, holding open the container's standard streams and forwarding them over the socket. -* Writes the contents of the container's streams to a log file (or to the systemd journal) so they can be read after the container's death. - -Finally, upon the containers death, conmon will record its exit time and code to be read by the managing programs. -Written in C and designed to have a low memory footprint, conmon is intended to be run by a container managing library. Essentially, conmon is the smallest daemon a container can have. + - Provides a socket for attaching to the container, holding open the + container's standard streams and forwarding them over the socket. + - Writes the contents of the container's streams to a log file (or to + the systemd journal) so they can be read after the container's + death. + +Finally, upon the containers death, conmon will record its exit time and +code to be read by the managing programs. + +Written in C and designed to have a low memory footprint, conmon is +intended to be run by a container managing library. Essentially, conmon +is the smallest daemon a container can have. + +In most cases, conmon should be packaged with your favorite container +manager. However, if you'd like to try building it from source, follow +the steps below. + +## Depedencies + +These dependencies are required for the build: + +### Fedora, CentOS, RHEL, and related distributions: + +``` shell +sudo yum install -y \ + gcc \ + git \ + glib2-devel \ + glibc-devel \ + make \ + pkgconfig \ + runc +``` + +### Debian, Ubuntu, and related distributions: + +``` shell +sudo apt-get install \ + gcc \ + git \ + libc6-dev \ + libglib2.0-dev \ + pkg-config \ + make \ + runc +``` + +## Build + +Once all the dependencies are installed: + +``` shell +make +``` + +There are three options for installation, depending on your environment. +Each can have the PREFIX overridden. The PREFIX defaults to `/usr/local` +for most Linux distributions. + + - `make install` installs to `$PREFIX/bin`, for adding conmon to the + path. + - `make podman` installs to `$PREFIX/libexec/podman`, which is used to + override the conmon version that Podman uses. + - `make crio` installs to `$PREFIX/libexec/crio`, which is used to + override the conmon version that CRI-O uses. + +Note, to run conmon, you'll also need to have an OCI compliant runtime +installed, like [runc](https://github.com/opencontainers/runc) or +[crun](https://github.com/containers/crun). + +## Static build + +It is possible to build a statically linked binary of conmon by using +the officially provided +[nix](https://nixos.org/nixos/packages.html?attr=conmon&channel=nixpkgs-unstable&query=conmon) +package and the derivation of it [within this repository](nix/). The +builds are completely reproducible and will create a x86\_64/amd64 +stripped ELF binary for [glibc](https://www.gnu.org/software/libc). + +### Nix + +To build the binaries by locally installing the nix package manager: + +``` shell +nix build -f nix/ +``` + +### Ansible + +An [Ansible Role](https://github.com/alvistack/ansible-role-conmon) is +also available to automate the installation of the above statically +linked binary on its supported OS: + +``` shell +sudo su - +mkdir -p ~/.ansible/roles +cd ~/.ansible/roles +git clone https://github.com/alvistack/ansible-role-conmon.git conmon +cd ~/.ansible/roles/conmon +pip3 install --upgrade --ignore-installed --requirement requirements.txt +molecule converge +molecule verify +``` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/VERSION new/conmon-2.0.20/VERSION --- old/conmon-2.0.17/VERSION 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/VERSION 2020-07-28 15:57:21.000000000 +0200 @@ -1 +1 @@ -2.0.17 +2.0.20 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/install.md new/conmon-2.0.20/install.md --- old/conmon-2.0.17/install.md 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/install.md 1970-01-01 01:00:00.000000000 +0100 @@ -1,63 +0,0 @@ -# conmon Installation Instructions - -In most cases, conmon should be packaged with your favorite container manager. -However, if you'd like to try building it from source, follow the steps below. - -## Fedora, CentOS, RHEL, and related distributions: - -```bash -sudo yum install -y \ - gcc \ - git \ - glib2-devel \ - glibc-devel \ - make \ - pkgconfig \ - runc -``` - -## Debian, Ubuntu, and related distributions: - -```bash -sudo apt-get install \ - gcc \ - git \ - libc6-dev \ - libglib2.0-dev \ - pkg-config \ - make \ - runc -``` - -## Clone the repository and compile: - -``` bash -git clone https://github.com/containers/conmon.git -cd conmon -make -``` - -## Install with Ansible - -An [Ansible Role](https://github.com/alvistack/ansible-role-conmon) is also available to automate the above steps: - -``` bash -sudo su - -mkdir -p ~/.ansible/roles -cd ~/.ansible/roles -git clone https://github.com/alvistack/ansible-role-conmon.git conmon -cd ~/.ansible/roles/conmon -pip3 install --upgrade --ignore-installed --requirement requirements.txt -molecule converge -molecule verify -``` - -## Install to the directory you want: -There are three options for installation, depending on your environment. Each can have the PREFIX overridden. The PREFIX defaults to `/usr/local` for most Linux distributions. - -- `make install` installs to `$PREFIX/bin`, for adding conmon to the path. -- `make podman` installs to `$PREFIX/libexec/podman`, which is used to override the conmon version that Podman uses. -- `make crio` installs to `$PREFIX/libexec/crio`, which is used to override the conmon version that CRI-O uses. - - -* Note, to run conmon, you'll also need to have an OCI compliant runtime installed, like [runc](https://github.com/opencontainers/runc) or [crun](https://github.com/giuseppe/crun). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/nix/default.nix new/conmon-2.0.20/nix/default.nix --- old/conmon-2.0.17/nix/default.nix 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-2.0.20/nix/default.nix 2020-07-28 15:57:21.000000000 +0200 @@ -0,0 +1,78 @@ +{ system ? builtins.currentSystem }: +let + pkgs = (import ./nixpkgs.nix { + overlays = [(final: pkg: { + pcre = (static pkg.pcre).overrideAttrs(x: { + configureFlags = x.configureFlags ++ [ + "--enable-static" + ]; + }); + })]; + config = { + packageOverrides = pkg: { + autogen = (static pkg.autogen); + glib = (static pkg.glib).overrideAttrs(x: { + outputs = [ "bin" "out" "dev" ]; + mesonFlags = [ + "-Ddefault_library=static" + "-Ddevbindir=${placeholder ''dev''}/bin" + "-Dgtk_doc=false" + "-Dnls=disabled" + ]; + }); + gnutls = (static pkg.gnutls).overrideAttrs(x: { + configureFlags = (x.configureFlags or []) ++ [ + "--disable-non-suiteb-curves" + "--disable-openssl-compatibility" + "--disable-rpath" + "--enable-local-libopts" + "--without-p11-kit" + ]; + }); + systemd = (static pkg.systemd).overrideAttrs(x: { + mesonFlags = x.mesonFlags ++ [ + "-Dstatic-libsystemd=true" + ]; + postFixup = '' + ${x.postFixup} + sed -ri "s;$out/(.*);$nukedRef/\1;g" $lib/lib/libsystemd.a + ''; + }); + }; + }; + }); + + static = pkg: pkg.overrideAttrs(x: { + doCheck = false; + configureFlags = (x.configureFlags or []) ++ [ + "--without-shared" + "--disable-shared" + ]; + dontDisableStatic = true; + enableSharedExecutables = false; + enableStatic = true; + }); + + self = with pkgs; stdenv.mkDerivation rec { + name = "conmon"; + src = ./..; + vendorSha256 = null; + doCheck = false; + enableParallelBuilding = true; + outputs = [ "out" ]; + nativeBuildInputs = [ bash git pcre pkg-config which ]; + buildInputs = [ glibc glibc.static glib ]; + prePatch = '' + export CFLAGS='-static' + export LDFLAGS='-s -w -static-libgcc -static' + export EXTRA_LDFLAGS='-s -w -linkmode external -extldflags "-static -lm"' + ''; + buildPhase = '' + patchShebangs . + make + ''; + installPhase = '' + install -Dm755 bin/conmon $out/bin/conmon + ''; + }; +in self diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/nix/nixpkgs.json new/conmon-2.0.20/nix/nixpkgs.json --- old/conmon-2.0.17/nix/nixpkgs.json 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-2.0.20/nix/nixpkgs.json 2020-07-28 15:57:21.000000000 +0200 @@ -0,0 +1,7 @@ +{ + "url": "https://github.com/nixos/nixpkgs";, + "rev": "02591d02a910b3b92092153c5f3419a8d696aa1d", + "date": "2020-07-09T03:52:28+02:00", + "sha256": "1pp9v4rqmgx1b298gxix8b79m8pvxy1rcf8l25rxxxxnkr5ls1ng", + "fetchSubmodules": false +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/nix/nixpkgs.nix new/conmon-2.0.20/nix/nixpkgs.nix --- old/conmon-2.0.17/nix/nixpkgs.nix 1970-01-01 01:00:00.000000000 +0100 +++ new/conmon-2.0.20/nix/nixpkgs.nix 2020-07-28 15:57:21.000000000 +0200 @@ -0,0 +1,8 @@ +let + json = builtins.fromJSON (builtins.readFile ./nixpkgs.json); + nixpkgs = import (builtins.fetchTarball { + name = "nixos-unstable"; + url = "${json.url}/archive/${json.rev}.tar.gz"; + inherit (json) sha256; + }); +in nixpkgs diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/runner/conmon/options.go new/conmon-2.0.20/runner/conmon/options.go --- old/conmon-2.0.17/runner/conmon/options.go 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/runner/conmon/options.go 2020-07-28 15:57:21.000000000 +0200 @@ -52,6 +52,12 @@ } } +func WithLogLevel(path string) ConmonOption { + return func(ci *ConmonInstance) error { + return ci.addArgs("--log-level", path) + } +} + func WithLogDriver(driver, path string) ConmonOption { return func(ci *ConmonInstance) error { fullDriver := path @@ -62,6 +68,12 @@ } } +func WithLogPath(path string) ConmonOption { + return func(ci *ConmonInstance) error { + return ci.addArgs("--log-path", path) + } +} + func (ci *ConmonInstance) addArgs(args ...string) error { ci.args = append(ci.args, args...) return nil diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/runner/conmon_test/conmon_test.go new/conmon-2.0.20/runner/conmon_test/conmon_test.go --- old/conmon-2.0.17/runner/conmon_test/conmon_test.go 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/runner/conmon_test/conmon_test.go 2020-07-28 15:57:21.000000000 +0200 @@ -83,14 +83,19 @@ Describe("ctr logs", func() { var tmpDir string var tmpLogPath string + var origCwd string BeforeEach(func() { d, err := ioutil.TempDir(os.TempDir(), "conmon-") Expect(err).To(BeNil()) tmpDir = d tmpLogPath = filepath.Join(tmpDir, "log") + origCwd, err = os.Getwd() + Expect(err).To(BeNil()) }) AfterEach(func() { Expect(os.RemoveAll(tmpDir)).To(BeNil()) + err := os.Chdir(origCwd) + Expect(err).To(BeNil()) }) It("no log driver should fail", func() { _, stderr := getConmonOutputGivenOptions( @@ -101,6 +106,46 @@ ) Expect(stderr).To(ContainSubstring("Log driver not provided. Use --log-path")) }) + It("empty log driver should fail", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath(""), + ) + Expect(stderr).To(ContainSubstring("log-path must not be empty")) + }) + It("empty log driver and path should fail", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath(":"), + ) + Expect(stderr).To(ContainSubstring("log-path must not be empty")) + }) + It("k8s-file requires a filename", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath("k8s-file"), + ) + Expect(stderr).To(ContainSubstring("k8s-file requires a filename")) + }) + It("k8s-file: requires a filename", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath("k8s-file:"), + ) + Expect(stderr).To(ContainSubstring("k8s-file requires a filename")) + }) It("log driver as path should pass", func() { _, stderr := getConmonOutputGivenOptions( conmon.WithPath(conmonPath), @@ -114,7 +159,84 @@ _, err := os.Stat(tmpLogPath) Expect(err).To(BeNil()) }) + It("log driver as k8s-file:path should pass", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogDriver("k8s-file", tmpLogPath), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat(tmpLogPath) + Expect(err).To(BeNil()) + }) + It("log driver as :path should pass", func() { + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath(":"+tmpLogPath), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat(tmpLogPath) + Expect(err).To(BeNil()) + }) + It("log driver as none should pass", func() { + direrr := os.Chdir(tmpDir) + Expect(direrr).To(BeNil()) + + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogDriver("none", ""), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat("none") + Expect(err).NotTo(BeNil()) + }) + It("log driver as off should pass", func() { + direrr := os.Chdir(tmpDir) + Expect(direrr).To(BeNil()) + + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogDriver("off", ""), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat("off") + Expect(err).NotTo(BeNil()) + }) + It("log driver as null should pass", func() { + direrr := os.Chdir(tmpDir) + Expect(direrr).To(BeNil()) + + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogDriver("null", ""), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat("none") + Expect(err).NotTo(BeNil()) + }) It("log driver as journald should pass", func() { + direrr := os.Chdir(tmpDir) + Expect(direrr).To(BeNil()) + _, stderr := getConmonOutputGivenOptions( conmon.WithPath(conmonPath), conmon.WithContainerID(ctrID), @@ -123,6 +245,25 @@ conmon.WithLogDriver("journald", ""), ) Expect(stderr).To(BeEmpty()) + + _, err := os.Stat("journald") + Expect(err).NotTo(BeNil()) + }) + It("log driver as :journald should pass", func() { + direrr := os.Chdir(tmpDir) + Expect(direrr).To(BeNil()) + + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogPath(":journald"), + ) + Expect(stderr).To(BeEmpty()) + + _, err := os.Stat("journald") + Expect(err).To(BeNil()) }) It("log driver as journald with short cid should fail", func() { // conmon requires a cid of len > 12 @@ -166,7 +307,18 @@ conmon.WithContainerID(ctrID), conmon.WithContainerUUID(ctrID), conmon.WithRuntimePath(validPath), - conmon.WithLogDriver("invalid", tmpLogPath), + conmon.WithLogDriver(invalidLogDriver, tmpLogPath), + ) + Expect(stderr).To(ContainSubstring("No such log driver " + invalidLogDriver)) + }) + It("log driver as invalid driver with a blank path should fail", func() { + invalidLogDriver := "invalid" + _, stderr := getConmonOutputGivenOptions( + conmon.WithPath(conmonPath), + conmon.WithContainerID(ctrID), + conmon.WithContainerUUID(ctrID), + conmon.WithRuntimePath(validPath), + conmon.WithLogDriver(invalidLogDriver, ""), ) Expect(stderr).To(ContainSubstring("No such log driver " + invalidLogDriver)) }) @@ -192,7 +344,7 @@ conmon.WithContainerUUID(ctrID), conmon.WithRuntimePath(validPath), conmon.WithLogDriver("k8s-file", tmpLogPath), - conmon.WithLogDriver("invalid", tmpLogPath), + conmon.WithLogDriver(invalidLogDriver, tmpLogPath), ) Expect(stderr).To(ContainSubstring("No such log driver " + invalidLogDriver)) }) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/cli.c new/conmon-2.0.20/src/cli.c --- old/conmon-2.0.17/src/cli.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/cli.c 2020-07-28 15:57:21.000000000 +0200 @@ -46,6 +46,8 @@ gboolean opt_replace_listen_pid = FALSE; char *opt_log_level = NULL; char *opt_log_tag = NULL; +gboolean opt_sync = FALSE; +gboolean opt_no_sync_log = FALSE; GOptionEntry opt_entries[] = { {"terminal", 't', 0, G_OPTION_ARG_NONE, &opt_terminal, "Terminal", NULL}, {"stdin", 'i', 0, G_OPTION_ARG_NONE, &opt_stdin, "Stdin", NULL}, @@ -89,6 +91,9 @@ {"syslog", 0, 0, G_OPTION_ARG_NONE, &opt_syslog, "Log to syslog (use with cgroupfs cgroup manager)", NULL}, {"log-level", 0, 0, G_OPTION_ARG_STRING, &opt_log_level, "Print debug logs based on log level", NULL}, {"log-tag", 0, 0, G_OPTION_ARG_STRING, &opt_log_tag, "Additional tag to use for logging", NULL}, + {"no-sync-log", 0, 0, G_OPTION_ARG_NONE, &opt_no_sync_log, "Do not manually call sync on logs after container shutdown", NULL}, + {"sync", 0, 0, G_OPTION_ARG_NONE, &opt_sync, "Allowing caller to keep the main conmon process as its child by only forking once", + NULL}, {NULL, 0, 0, 0, NULL, NULL, NULL}}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/cli.h new/conmon-2.0.20/src/cli.h --- old/conmon-2.0.17/src/cli.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/cli.h 2020-07-28 15:57:21.000000000 +0200 @@ -1,7 +1,8 @@ #if !defined(CLI_H) #define CLI_H -#include <glib.h> /* gboolean and GOptionEntry */ +#include <glib.h> /* gboolean and GOptionEntry */ +#include <stdint.h> /* int64_t */ extern gboolean opt_version; extern gboolean opt_terminal; @@ -39,6 +40,8 @@ extern gboolean opt_replace_listen_pid; extern char *opt_log_level; extern char *opt_log_tag; +extern gboolean opt_no_sync_log; +extern gboolean opt_sync; extern GOptionEntry opt_entries[]; int initialize_cli(int argc, char *argv[]); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/conmon.c new/conmon-2.0.20/src/conmon.c --- old/conmon-2.0.17/src/conmon.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/conmon.c 2020-07-28 15:57:21.000000000 +0200 @@ -66,24 +66,29 @@ if (dev_null_w < 0) pexit("Failed to open /dev/null"); - /* In the create-container case we double-fork in - order to disconnect from the parent, as we want to - continue in a daemon-like way */ - pid_t main_pid = fork(); - if (main_pid < 0) { - pexit("Failed to fork the create command"); - } else if (main_pid != 0) { - if (opt_conmon_pid_file) { - char content[12]; - sprintf(content, "%i", main_pid); + /* In the non-sync case, we double-fork in + * order to disconnect from the parent, as we want to + * continue in a daemon-like way */ + if (!opt_sync) { + pid_t main_pid = fork(); + if (main_pid < 0) { + pexit("Failed to fork the create command"); + } else if (main_pid != 0) { + if (opt_conmon_pid_file) { + char content[12]; + sprintf(content, "%i", main_pid); - if (!g_file_set_contents(opt_conmon_pid_file, content, strlen(content), &err)) { - nexitf("Failed to write conmon pidfile: %s", err->message); + if (!g_file_set_contents(opt_conmon_pid_file, content, strlen(content), &err)) { + _pexitf("Failed to write conmon pidfile: %s", err->message); + } } + _exit(0); } - exit(0); } + /* before we fork, ensure our children will be reaped */ + atexit(reap_children); + /* Environment variables */ sync_pipe_fd = get_pipe_fd_from_env("_OCI_SYNCPIPE"); @@ -119,17 +124,17 @@ } _cleanup_free_ char *csname = NULL; - int slavefd_stdin = -1; - int slavefd_stdout = -1; - int slavefd_stderr = -1; + int workerfd_stdin = -1; + int workerfd_stdout = -1; + int workerfd_stderr = -1; int fds[2]; if (opt_terminal) { csname = setup_console_socket(); } else { /* - * Create a "fake" master fd so that we can use the same epoll code in - * both cases. The slavefd_*s will be closed after we dup over + * Create a "fake" main fd so that we can use the same epoll code in + * both cases. The workerfd_*s will be closed after we dup over * everything. * * We use pipes here because open(/dev/std{out,err}) will fail if we @@ -141,20 +146,20 @@ if (pipe2(fds, O_CLOEXEC) < 0) pexit("Failed to create !terminal stdin pipe"); - masterfd_stdin = fds[1]; - slavefd_stdin = fds[0]; + mainfd_stdin = fds[1]; + workerfd_stdin = fds[0]; - if (g_unix_set_fd_nonblocking(masterfd_stdin, TRUE, NULL) == FALSE) - nwarn("Failed to set masterfd_stdin to non blocking"); + if (g_unix_set_fd_nonblocking(mainfd_stdin, TRUE, NULL) == FALSE) + nwarn("Failed to set mainfd_stdin to non blocking"); } if (pipe2(fds, O_CLOEXEC) < 0) pexit("Failed to create !terminal stdout pipe"); - masterfd_stdout = fds[0]; - slavefd_stdout = fds[1]; + mainfd_stdout = fds[0]; + workerfd_stdout = fds[1]; - /* now that we've set masterfd_stdout, we can register the ctrl_winsz_cb + /* now that we've set mainfd_stdout, we can register the ctrl_winsz_cb * if we didn't set it here, we'd risk attempting to run ioctl on * a negative fd, and fail to resize the window */ g_unix_fd_add(winsz_fd_r, G_IO_IN, ctrl_winsz_cb, NULL); @@ -165,8 +170,8 @@ if (pipe2(fds, O_CLOEXEC) < 0) pexit("Failed to create stderr pipe"); - masterfd_stderr = fds[0]; - slavefd_stderr = fds[1]; + mainfd_stderr = fds[0]; + workerfd_stderr = fds[1]; GPtrArray *runtime_argv = configure_runtime_args(csname); @@ -202,28 +207,28 @@ pexit("Failed to fork the create command"); } else if (!create_pid) { if (prctl(PR_SET_PDEATHSIG, SIGKILL) < 0) - pexit("Failed to set PDEATHSIG"); + _pexit("Failed to set PDEATHSIG"); if (sigprocmask(SIG_SETMASK, &oldmask, NULL) < 0) - pexit("Failed to unblock signals"); + _pexit("Failed to unblock signals"); - if (slavefd_stdin < 0) - slavefd_stdin = dev_null_r; - if (dup2(slavefd_stdin, STDIN_FILENO) < 0) - pexit("Failed to dup over stdin"); + if (workerfd_stdin < 0) + workerfd_stdin = dev_null_r; + if (dup2(workerfd_stdin, STDIN_FILENO) < 0) + _pexit("Failed to dup over stdin"); if (fchmod(STDIN_FILENO, 0777) < 0) nwarn("Failed to chown stdin"); - if (slavefd_stdout < 0) - slavefd_stdout = dev_null_w; - if (dup2(slavefd_stdout, STDOUT_FILENO) < 0) - pexit("Failed to dup over stdout"); + if (workerfd_stdout < 0) + workerfd_stdout = dev_null_w; + if (dup2(workerfd_stdout, STDOUT_FILENO) < 0) + _pexit("Failed to dup over stdout"); if (fchmod(STDOUT_FILENO, 0777) < 0) nwarn("Failed to chown stdout"); - if (slavefd_stderr < 0) - slavefd_stderr = slavefd_stdout; - if (dup2(slavefd_stderr, STDERR_FILENO) < 0) - pexit("Failed to dup over stderr"); + if (workerfd_stderr < 0) + workerfd_stderr = workerfd_stdout; + if (dup2(workerfd_stderr, STDERR_FILENO) < 0) + _pexit("Failed to dup over stderr"); if (fchmod(STDERR_FILENO, 0777) < 0) nwarn("Failed to chown stderr"); @@ -234,13 +239,13 @@ errno = 0; int lpid = strtol(listenpid, NULL, 10); if (errno != 0 || lpid <= 0) - pexitf("Invalid LISTEN_PID %.10s", listenpid); + _pexitf("Invalid LISTEN_PID %.10s", listenpid); if (opt_replace_listen_pid || lpid == getppid()) { gchar *pidstr = g_strdup_printf("%d", getpid()); if (!pidstr) - pexit("Failed to g_strdup_sprintf pid"); + _pexit("Failed to g_strdup_sprintf pid"); if (setenv("LISTEN_PID", pidstr, true) < 0) - pexit("Failed to setenv LISTEN_PID"); + _pexit("Failed to setenv LISTEN_PID"); free(pidstr); } } @@ -254,7 +259,7 @@ num_read = read(start_pipe_fd, buf, BUF_SIZE); ndebug("exec with attach got start message from parent"); if (num_read < 0) { - pexit("start-pipe read failed"); + _pexit("start-pipe read failed"); } close(start_pipe_fd); } @@ -295,12 +300,12 @@ g_ptr_array_free(runtime_argv, TRUE); /* The runtime has that fd now. We don't need to touch it anymore. */ - if (slavefd_stdin > -1) - close(slavefd_stdin); - if (slavefd_stdout > -1) - close(slavefd_stdout); - if (slavefd_stderr > -1) - close(slavefd_stderr); + if (workerfd_stdin > -1) + close(workerfd_stdin); + if (workerfd_stdout > -1) + close(workerfd_stdout); + if (workerfd_stderr > -1) + close(workerfd_stderr); if (csname != NULL) { g_unix_fd_add(console_socket_fd, G_IO_IN, terminal_accept_cb, csname); @@ -333,7 +338,7 @@ * Read from container stderr for any error and send it to parent * We send -1 as pid to signal to parent that create container has failed. */ - num_read = read(masterfd_stderr, buf, BUF_SIZE - 1); + num_read = read(mainfd_stderr, buf, BUF_SIZE - 1); if (num_read > 0) { buf[num_read] = '\0'; int to_report = -1; @@ -347,7 +352,7 @@ nexitf("Failed to create container: exit status %d", get_exit_status(runtime_status)); } - if (opt_terminal && masterfd_stdout == -1) + if (opt_terminal && mainfd_stdout == -1) nexit("Runtime did not set up terminal"); /* Read the pid so we can wait for the process to exit */ @@ -372,11 +377,11 @@ setup_oom_handling(container_pid); - if (masterfd_stdout >= 0) { - g_unix_fd_add(masterfd_stdout, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDOUT_PIPE)); + if (mainfd_stdout >= 0) { + g_unix_fd_add(mainfd_stdout, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDOUT_PIPE)); } - if (masterfd_stderr >= 0) { - g_unix_fd_add(masterfd_stderr, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDERR_PIPE)); + if (mainfd_stderr >= 0) { + g_unix_fd_add(mainfd_stderr, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDERR_PIPE)); } if (opt_timeout > 0) { @@ -426,7 +431,8 @@ if (!timed_out) drain_stdio(); - sync_logs(); + if (!opt_no_sync_log) + sync_logs(); int exit_status = -1; const char *exit_message = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/conn_sock.c new/conmon-2.0.20/src/conn_sock.c --- old/conmon-2.0.17/src/conn_sock.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/conn_sock.c 2020-07-28 15:57:21.000000000 +0200 @@ -18,8 +18,8 @@ static gboolean read_conn_sock(struct conn_sock_s *sock); static gboolean terminate_conn_sock(struct conn_sock_s *sock); void conn_sock_shutdown(struct conn_sock_s *sock, int how); -static void sock_try_write_to_masterfd_stdin(struct conn_sock_s *sock); -static gboolean masterfd_write_cb(G_GNUC_UNUSED int fd, G_GNUC_UNUSED GIOCondition condition, G_GNUC_UNUSED gpointer user_data); +static void sock_try_write_to_mainfd_stdin(struct conn_sock_s *sock); +static gboolean mainfd_write_cb(G_GNUC_UNUSED int fd, G_GNUC_UNUSED GIOCondition condition, G_GNUC_UNUSED gpointer user_data); char *setup_console_socket(void) { @@ -176,21 +176,21 @@ sock->remaining = num_read; sock->off = 0; - sock_try_write_to_masterfd_stdin(sock); + sock_try_write_to_mainfd_stdin(sock); /* Not everything was written to stdin, let's wait for the fd to be ready. */ if (sock->remaining) - schedule_master_stdin_write(); + schedule_main_stdin_write(); return G_SOURCE_CONTINUE; } static gboolean terminate_conn_sock(struct conn_sock_s *sock) { conn_sock_shutdown(sock, SHUT_RD); - if (masterfd_stdin >= 0 && opt_stdin) { + if (mainfd_stdin >= 0 && opt_stdin) { if (!opt_leave_stdin_open) { - close(masterfd_stdin); - masterfd_stdin = -1; + close(mainfd_stdin); + mainfd_stdin = -1; } else { ninfo("Not closing input"); } @@ -222,12 +222,12 @@ } } -static void write_to_masterfd_stdin(gpointer data, gpointer user_data) +static void write_to_mainfd_stdin(gpointer data, gpointer user_data) { struct conn_sock_s *sock = (struct conn_sock_s *)data; bool *has_data = user_data; - sock_try_write_to_masterfd_stdin(sock); + sock_try_write_to_mainfd_stdin(sock); if (sock->remaining) *has_data = true; @@ -237,12 +237,12 @@ } } -static void sock_try_write_to_masterfd_stdin(struct conn_sock_s *sock) +static void sock_try_write_to_mainfd_stdin(struct conn_sock_s *sock) { - if (!sock->remaining || masterfd_stdin < 0) + if (!sock->remaining || mainfd_stdin < 0) return; - ssize_t w = write(masterfd_stdin, sock->buf + sock->off, sock->remaining); + ssize_t w = write(mainfd_stdin, sock->buf + sock->off, sock->remaining); if (w < 0) { nwarn("Failed to write to container stdin"); } else { @@ -251,20 +251,20 @@ } } -static gboolean masterfd_write_cb(G_GNUC_UNUSED int fd, G_GNUC_UNUSED GIOCondition condition, G_GNUC_UNUSED gpointer user_data) +static gboolean mainfd_write_cb(G_GNUC_UNUSED int fd, G_GNUC_UNUSED GIOCondition condition, G_GNUC_UNUSED gpointer user_data) { bool has_data = FALSE; - if (masterfd_stdin < 0) + if (mainfd_stdin < 0) return G_SOURCE_REMOVE; - g_ptr_array_foreach(conn_socks, write_to_masterfd_stdin, &has_data); + g_ptr_array_foreach(conn_socks, write_to_mainfd_stdin, &has_data); if (has_data) return G_SOURCE_CONTINUE; return G_SOURCE_REMOVE; } -void schedule_master_stdin_write() +void schedule_main_stdin_write() { - g_unix_fd_add(masterfd_stdin, G_IO_OUT, masterfd_write_cb, NULL); + g_unix_fd_add(mainfd_stdin, G_IO_OUT, mainfd_write_cb, NULL); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/conn_sock.h new/conmon-2.0.20/src/conn_sock.h --- old/conmon-2.0.17/src/conn_sock.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/conn_sock.h 2020-07-28 15:57:21.000000000 +0200 @@ -18,6 +18,6 @@ char *setup_console_socket(void); char *setup_attach_socket(void); void conn_sock_shutdown(struct conn_sock_s *sock, int how); -void schedule_master_stdin_write(); +void schedule_main_stdin_write(); #endif // CONN_SOCK_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctr_exit.c new/conmon-2.0.20/src/ctr_exit.c --- old/conmon-2.0.17/src/ctr_exit.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctr_exit.c 2020-07-28 15:57:21.000000000 +0200 @@ -133,6 +133,12 @@ void do_exit_command() { + /* even though we've already registered reap_children, + * atexit() runs functions in reverse, so we need to + * manually call here. Repeated calls will not cause trouble + */ + reap_children(); + if (sync_pipe_fd > 0) { close(sync_pipe_fd); sync_pipe_fd = -1; @@ -186,3 +192,11 @@ /* Should not happen, but better be safe. */ _exit(EXIT_FAILURE); } + +void reap_children() +{ + /* We need to reap any zombies (from an OCI runtime that errored) before + exiting */ + while (waitpid(-1, NULL, WNOHANG) > 0) + ; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctr_exit.h new/conmon-2.0.20/src/ctr_exit.h --- old/conmon-2.0.17/src/ctr_exit.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctr_exit.h 2020-07-28 15:57:21.000000000 +0200 @@ -23,5 +23,6 @@ void runtime_exit_cb(G_GNUC_UNUSED GPid pid, int status, G_GNUC_UNUSED gpointer user_data); void container_exit_cb(G_GNUC_UNUSED GPid pid, int status, G_GNUC_UNUSED gpointer user_data); void do_exit_command(); +void reap_children(); #endif // CTR_EXIT_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctr_logging.c new/conmon-2.0.20/src/ctr_logging.c --- old/conmon-2.0.17/src/ctr_logging.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctr_logging.c 2020-07-28 15:57:21.000000000 +0200 @@ -1,5 +1,6 @@ #define _GNU_SOURCE #include "ctr_logging.h" +#include "cli.h" #include <string.h> // if the systemd development files were found, we can log to systemd @@ -139,22 +140,49 @@ */ static void parse_log_path(char *log_config) { + const char *delim = strchr(log_config, ':'); char *driver = strtok(log_config, ":"); char *path = strtok(NULL, ":"); + + if (path == NULL && driver == NULL) { + nexitf("log-path must not be empty"); + } + + // :none is not the same as none, nor is :journald the same as journald + // we check the delim here though, because we DO want to match "none" as the none driver + if (path == NULL && delim == log_config) { + path = driver; + driver = (char *)K8S_FILE_STRING; + } + + if (!strcmp(driver, "off") || !strcmp(driver, "null") || !strcmp(driver, "none")) { + // no-op, this means things like --log-driver journald --log-driver none will still log to journald. + return; + } + if (!strcmp(driver, JOURNALD_FILE_STRING)) { use_journald_logging = TRUE; return; } - use_k8s_logging = TRUE; - // If no : was found, driver is the log path, and the driver is - // kubernetes-log-file, set variables appropriately - if (path == NULL) { - k8s_log_path = driver; - } else if (!strcmp(driver, K8S_FILE_STRING)) { + + // Driver is k8s-file or empty + if (!strcmp(driver, K8S_FILE_STRING)) { + if (path == NULL) { + nexitf("k8s-file requires a filename"); + } + use_k8s_logging = TRUE; k8s_log_path = path; - } else { - nexitf("No such log driver %s", driver); + return; + } + + // If no : was found, use the entire log-path as a filename to k8s-file. + if (path == NULL && delim == NULL) { + use_k8s_logging = TRUE; + k8s_log_path = driver; + return; } + + nexitf("No such log driver %s", driver); } /* write container output to all logs the user defined */ @@ -226,7 +254,7 @@ return -1; /* only print the name if we have a name to print */ - if (name && writev_buffer_append_segment(dev_null, &bufv, container_name, name_len + CID_FULL_EQ_LEN) < 0) + if (name && writev_buffer_append_segment(dev_null, &bufv, container_name, name_len + NAME_EQ_LEN) < 0) return -1; /* per docker journald logging format, CONTAINER_PARTIAL_MESSAGE is set to true if it's partial, but otherwise not set. */ @@ -486,7 +514,7 @@ _cleanup_free_ char *k8s_log_path_tmp = g_strdup_printf("%s.tmp", k8s_log_path); /* Sync the logs to disk */ - if (fsync(k8s_log_fd) < 0) { + if (!opt_no_sync_log && fsync(k8s_log_fd) < 0) { pwarn("Failed to sync log file on reopen"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctr_stdio.c new/conmon-2.0.20/src/ctr_stdio.c --- old/conmon-2.0.17/src/ctr_stdio.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctr_stdio.c 2020-07-28 15:57:21.000000000 +0200 @@ -35,8 +35,8 @@ } if (has_hup && opt_terminal && pipe == STDOUT_PIPE) { - /* We got a HUP from the terminal master this means there - are no open slaves ptys atm, and we will get a lot + /* We got a HUP from the terminal main this means there + are no open workers ptys atm, and we will get a lot of wakeups until we have one, switch to polling mode. */ @@ -64,14 +64,14 @@ * waiting for container_exit_cb that will never be called. */ if (pipe == STDOUT_PIPE) { - masterfd_stdout = -1; - if (container_status >= 0 && masterfd_stderr < 0) { + mainfd_stdout = -1; + if (container_status >= 0 && mainfd_stderr < 0) { g_main_loop_quit(main_loop); } } if (pipe == STDERR_PIPE) { - masterfd_stderr = -1; - if (container_status >= 0 && masterfd_stdout < 0) { + mainfd_stderr = -1; + if (container_status >= 0 && mainfd_stdout < 0) { g_main_loop_quit(main_loop); } } @@ -85,14 +85,14 @@ void drain_stdio() { - if (masterfd_stdout != -1) { - g_unix_set_fd_nonblocking(masterfd_stdout, TRUE, NULL); - while (read_stdio(masterfd_stdout, STDOUT_PIPE, NULL)) + if (mainfd_stdout != -1) { + g_unix_set_fd_nonblocking(mainfd_stdout, TRUE, NULL); + while (read_stdio(mainfd_stdout, STDOUT_PIPE, NULL)) ; } - if (masterfd_stderr != -1) { - g_unix_set_fd_nonblocking(masterfd_stderr, TRUE, NULL); - while (read_stdio(masterfd_stderr, STDERR_PIPE, NULL)) + if (mainfd_stderr != -1) { + g_unix_set_fd_nonblocking(mainfd_stderr, TRUE, NULL); + while (read_stdio(mainfd_stderr, STDERR_PIPE, NULL)) ; } return; @@ -149,6 +149,6 @@ static gboolean tty_hup_timeout_cb(G_GNUC_UNUSED gpointer user_data) { tty_hup_timeout_scheduled = false; - g_unix_fd_add(masterfd_stdout, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDOUT_PIPE)); + g_unix_fd_add(mainfd_stdout, G_IO_IN, stdio_cb, GINT_TO_POINTER(STDOUT_PIPE)); return G_SOURCE_REMOVE; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctr_stdio.h new/conmon-2.0.20/src/ctr_stdio.h --- old/conmon-2.0.17/src/ctr_stdio.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctr_stdio.h 2020-07-28 15:57:21.000000000 +0200 @@ -1,7 +1,8 @@ #if !defined(CTR_STDIO_H) #define CTR_STDIO_H -#include <glib.h> /* GIOCondition and gpointer */ +#include <glib.h> /* GIOCondition and gpointer */ +#include <stdint.h> /* int64_t */ gboolean stdio_cb(int fd, GIOCondition condition, gpointer user_data); void drain_stdio(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/ctrl.c new/conmon-2.0.20/src/ctrl.c --- old/conmon-2.0.17/src/ctrl.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/ctrl.c 2020-07-28 15:57:21.000000000 +0200 @@ -32,7 +32,8 @@ /* Not accepting anything else. */ const char *csname = user_data; - unlink(csname); + if (unlink(csname) < 0) + nwarnf("failed to unlink %s", csname); close(fd); /* We exit if this fails. */ @@ -57,14 +58,14 @@ exit: /* We only have a single fd for both pipes, so we just treat it as * stdout. stderr is ignored. */ - masterfd_stdin = console.fd; - masterfd_stdout = console.fd; + mainfd_stdin = console.fd; + mainfd_stdout = console.fd; /* Now that we have a fd to the tty, make sure we handle any pending data * that was already buffered. */ - schedule_master_stdin_write(); + schedule_main_stdin_write(); - /* now that we've set masterfd_stdout, we can register the ctrl_winsz_cb + /* now that we've set mainfd_stdout, we can register the ctrl_winsz_cb * if we didn't set it here, we'd risk attempting to run ioctl on * a negative fd, and fail to resize the window */ g_unix_fd_add(winsz_fd_r, G_IO_IN, ctrl_winsz_cb, NULL); @@ -216,7 +217,7 @@ ws.ws_row = height; ws.ws_col = width; - int ret = ioctl(masterfd_stdout, TIOCSWINSZ, &ws); + int ret = ioctl(mainfd_stdout, TIOCSWINSZ, &ws); if (ret == -1) pwarn("Failed to set process pty terminal size"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/globals.c new/conmon-2.0.20/src/globals.c --- old/conmon-2.0.17/src/globals.c 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/globals.c 2020-07-28 15:57:21.000000000 +0200 @@ -3,9 +3,9 @@ int runtime_status = -1; int container_status = -1; -int masterfd_stdin = -1; -int masterfd_stdout = -1; -int masterfd_stderr = -1; +int mainfd_stdin = -1; +int mainfd_stdout = -1; +int mainfd_stderr = -1; GPtrArray *conn_socks = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/globals.h new/conmon-2.0.20/src/globals.h --- old/conmon-2.0.17/src/globals.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/globals.h 2020-07-28 15:57:21.000000000 +0200 @@ -8,9 +8,9 @@ extern int runtime_status; extern int container_status; -extern int masterfd_stdin; -extern int masterfd_stdout; -extern int masterfd_stderr; +extern int mainfd_stdin; +extern int mainfd_stdout; +extern int mainfd_stderr; extern GPtrArray *conn_socks; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.0.17/src/utils.h new/conmon-2.0.20/src/utils.h --- old/conmon-2.0.17/src/utils.h 2020-05-26 17:29:46.000000000 +0200 +++ new/conmon-2.0.20/src/utils.h 2020-07-28 15:57:21.000000000 +0200 @@ -43,6 +43,14 @@ _exit(EXIT_FAILURE); \ } while (0) +#define _pexitf(fmt, ...) \ + do { \ + fprintf(stderr, "[conmon:e]: " fmt " %s\n", ##__VA_ARGS__, strerror(errno)); \ + if (use_syslog) \ + syslog(LOG_ERR, "conmon %.20s <error>: " fmt ": %s\n", log_cid, ##__VA_ARGS__, strerror(errno)); \ + _exit(EXIT_FAILURE); \ + } while (0) + #define pexit(s) \ do { \ fprintf(stderr, "[conmon:e]: %s %s\n", s, strerror(errno)); \
