Fix logging for dropping capabilities#3436
Conversation
Signed-off-by: Stepan Koltsov <stepan.koltsov@gmail.com>
stepancheg
force-pushed
the
logging-capabilities
branch
from
307dfff to
ca29917
Compare
saku3
added
the
kind/cleanup
|
I think it’s still worth applying this fix. That said, to pinpoint the failure we’ll need a strace to see exactly which syscall returns an error. |
|
For the logs here, can we have pair of logs for each? one before the syscall saying @saku3 will this help in your point? we already have a log of that shows setcaps failed. |
It does not show which one, and what were the parameters. |
|
@YJDoc2 You're right — even without taking an strace, we can tell which syscall failed from the logs. And as you suggested, it would be even better if we could also see which capability set the failure occurred in. |
Maybe I was not clear in my last comment, what I meant was we need this PR, the changes here should be added, and I will also request you to change the logs to have one before and one after the syscall, as I mentioned. After that, we will have logs to show which caps youki was working on, and we already have a log for syscall failed, so after this PR we should have a better understanding of cap set failures. We don't need any log in the syscall related code itself, because there is already a syscall failed log. Personally I don't think we need another log to show just the syscall params along with changes in this pr. If you can make the changes to logging as suggested, I think this should be good to merge quickly, only logging changes, so as long as CI passes, we are good. |
|
@YJDoc2 I checked youki code, nowhere there's second log line after successful operation, except maybe some heavy high level operations. Separately, I think extensive logging might better be replaced with better error reporting. I would just introduce dependency on |
|
@stepancheg In the case of anyhow, will errors in forked processes be displayed properly? I am just curious. Please let me know if you happen to know. |
utam0k
left a comment
utam0k
left a comment
There was a problem hiding this comment.
There are other points to discuss, but this PR is worth merging.
YJDoc2
left a comment
YJDoc2
left a comment
There was a problem hiding this comment.
While I want to get these changes merged, I'd strongly prefer to have a success log after as well. For example, instead of just
tracing::debug!("dropping permitted capabilities to {:?}", permitted);
syscall.set_capability(CapSet::Permitted, &to_set(permitted))?;we should have
tracing::debug!("dropping permitted capabilities to {:?}", permitted);
syscall.set_capability(CapSet::Permitted, &to_set(permitted))?;
tracing::debug!("successfully dropped permitted capabilities");Current version is ok, I don't think above change should block the pr from merging, so approving, but would request this to be addressed in another pr.
This code is executed in forked process? OoO. I think there's a lot of things that may go wrong. No, anyhow is not safe: malloc is illegal in forked process, and anyhow error always allocates. Anyhow formatting per se is more or less safe (except backtrace formatting if backtrace capturing is enabled). But even |
|
Regardless of the changes in this PR, I suppose to use anyhow throughout the entire project. youki performs various tasks in the forked (cloned) process, but youki has a history of encountering all kinds of bugs in child processes. Determining how to provide user friendly errors is a difficult problem, and we still do not know what the correct approach is. |
|
@YJDoc2 If you don't mind, please merge this PR. |
Yes, my comment is not a blocker. Going ahead and merging :) |
4 participants
Description
Logging is incomplete. If syscall fails, logs does not show what failed.
Type of Change
Testing
Related Issues
Additional Context