Skip to content

Commit d2fac01

Browse files
ningmingxiaoningmingxiao
committed
fix runc's poststart behaviour doesn't match the runtime-spec
Signed-off-by: ningmingxiao <ning.mingxiao@zte.com.cn>
1 parent 3778ae6 commit d2fac01

File tree

1 file changed

+35
-15
lines changed

1 file changed

+35
-15
lines changed

libcontainer/container_linux.go

Lines changed: 35 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -236,7 +236,16 @@ func (c *Container) exec() error {
236236
for {
237237
select {
238238
case result := <-blockingFifoOpenCh:
239-
return handleFifoResult(result)
239+
err := handleFifoResult(result)
240+
if err != nil {
241+
return err
242+
}
243+
err = c.postStart()
244+
if err != nil {
245+
logrus.Warnf("postStart: %v", err)
246+
return c.signal(unix.SIGKILL)
247+
}
248+
return nil
240249

241250
case <-time.After(time.Millisecond * 100):
242251
stat, err := system.Stat(pid)
@@ -246,12 +255,30 @@ func (c *Container) exec() error {
246255
if err := handleFifoResult(fifoOpen(path, false)); err != nil {
247256
return errors.New("container process is already dead")
248257
}
258+
err := c.postStart()
259+
if err != nil {
260+
logrus.Warnf("postStart: %v", err)
261+
return c.signal(unix.SIGKILL)
262+
}
249263
return nil
250264
}
251265
}
252266
}
253267
}
254268

269+
func (c *Container) postStart() error {
270+
s, err := c.currentOCIState()
271+
if err != nil {
272+
return err
273+
}
274+
if c.config.Hooks != nil {
275+
if err := c.config.Hooks.Run(configs.Poststart, s); err != nil {
276+
return fmt.Errorf("run postStart hook: %w", err)
277+
}
278+
}
279+
return nil
280+
}
281+
255282
func readFromExecFifo(execFifo io.Reader) error {
256283
data, err := io.ReadAll(execFifo)
257284
if err != nil {
@@ -353,19 +380,6 @@ func (c *Container) start(process *Process) (retErr error) {
353380

354381
if process.Init {
355382
c.fifo.Close()
356-
if c.config.Hooks != nil {
357-
s, err := c.currentOCIState()
358-
if err != nil {
359-
return err
360-
}
361-
362-
if err := c.config.Hooks.Run(configs.Poststart, s); err != nil {
363-
if err := ignoreTerminateErrors(parent.terminate()); err != nil {
364-
logrus.Warn(fmt.Errorf("error running poststart hook: %w", err))
365-
}
366-
return err
367-
}
368-
}
369383
}
370384
return nil
371385
}
@@ -375,7 +389,13 @@ func (c *Container) start(process *Process) (retErr error) {
375389
// When s is SIGKILL and the container does not have its own PID namespace, all
376390
// the container's processes are killed. In this scenario, the libcontainer
377391
// user may be required to implement a proper child reaper.
378-
func (c *Container) Signal(s os.Signal) error {
392+
func (c *Container) Signal(s os.Signal, all bool) error {
393+
c.m.Lock()
394+
defer c.m.Unlock()
395+
return c.signal(s)
396+
}
397+
398+
func (c *Container) signal(s os.Signal) error {
379399
c.m.Lock()
380400
defer c.m.Unlock()
381401

0 commit comments

Comments
 (0)