openstack
/
openstack-ansible-plugins
Code Issues Proposed changes

Resolve nsenter fork exception 

with the consolidation of container attachment methods we've seen issues
where attaching to a container a container can result in the following
error.

> __libc_fork: Assertion `THREAD_GETMEM (self, tid) != ppid'

This error is being caused by a bug in glibc which has been resolved in
2.25+.

* https://sourceware.org/bugzilla/show_bug.cgi?id=15392

To resolve this issue the lxc-attach method has been put back when
interacting with lxc type containers. While this issue has been fixed it
is not something we can rely on being fixed in all supported distros at
this time. To resolve this across the board the old lxc-attach command
has been restored to the connection plugin which has worked around the
libc issues internally.

Change-Id: I97cb3f92ae67b2c5c098c8792a0793972ec0105a
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
This commit is contained in:
Kevin Carter 2018-03-09 14:19:06 -06:00
parent 9dc4ce2a04
commit d775e36e80
No known key found for this signature in database
GPG Key ID: 9443251A787B9FB3
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
connection/ssh.py
View File

@ -357,10 +357,13 @@ class Connection(SSH.Connection):
# to a command etc... It's somewhat ugly but maybe it can be
# improved somehow...
_pad = None
if self.container_tech in ['lxc', 'nspawn']:
if self.container_tech == 'lxc':
_pad = 'lxc-attach --clear-env --name %s' % self.container_name
elif self.container_tech == 'nspawn':
_, pid_path = self._pid_lookup(subdir='ns')
ns_cmd = 'nsenter ' + self.container_namespaces
_pad = ns_cmd.format(path=pid_path)
if _pad:
cmd = '%s -- su - %s -c %s' % (
_pad,