Comments (7)
Again, thanks for the detailed bug report and doing a lot of the debugging on our behalf. I am sending a fix.
from gvisor.
Small note: systemd
itself, even if it were installed successfully, would probably not run in gVisor. Last time this was attempted, gVisor was still missing the implementation of some syscalls and functionality (cgroups perhaps?) to make it work properly.
from gvisor.
@EtiennePerot thanks for the reply. I'm not too surprised to be honest. The install of systemd
was actually resulting from apt-get install npm
, and it's possible that npm
would work correctly if the systemd
dep succeeded.
from gvisor.
Hmm, open(2) says:
O_PATH (since Linux 2.6.39)
Obtain a file descriptor that can be used for two
purposes: to indicate a location in the filesystem tree
and to perform operations that act purely at the file
descriptor level. The file itself is not opened, and
other file operations (e.g., read(2), write(2), fchmod(2),
fchown(2), fgetxattr(2), ioctl(2), mmap(2)) fail with the
error EBADF.
But it seems like O_PATH FD is allowed to make fchown(2) with AT_EMPTY_PATH?
from gvisor.
O_PATH FD is allowed to make fchown(2) with AT_EMPTY_PATH?
Yes that's my interpretation of the open(2)
and fchownat(2)
docs.
AT_EMPTY_PATH (since Linux 2.6.39)
If pathname is an empty string, operate on the file referred to
by dirfd (which may have been obtained using the [open(2)](http://man.he.net/man2/open) O_PATH
flag).
....
from gvisor.
#9468 should be the right fix.
from gvisor.
Nice one!
from gvisor.
Related Issues (20)
- Support systemd IPAccounting or alternative HOT 1
- Unable to checkpoint containers started with `-nvproxy` HOT 7
- Running runsc with containerd and `--nvproxy=true` removes NVIDIA drivers from container in Kubernetes HOT 10
- 'nvproxy: unknown allocation class' running text-generation-inference on A100 HOT 2
- Runtime processes blocked on ppoll HOT 14
- nvproxy assumes GPU index == minor device ID, which isn't always true HOT 27
- sandbox networking doesn't work with rootless podman, hostinet does HOT 2
- runsc should use the last NVIDIA_VISIBLE_DEVICES value from `spec.Process.Env`
- Running nvproxy containers without Docker HOT 3
- Small (8 byte) /dev/urandom reads can be partial HOT 8
- ffmpeg with `h264_nvenc` fails to run on gVisor with `-nvproxy` HOT 2
- mips64 crash in checksum_noasm_unsafe.go HOT 6
- Unresolved Elements Exist HOT 4
- `docker update` command fails with runsc HOT 6
- Fail to build runsc from the go branch with standard go tooling
- gVisor fails to detect memory/cpu w/ systemd+cgroupsv2 HOT 11
- cudaMallocManaged() is unsupported in nvproxy
- text-embeddings-inference fails with error attempting to alloc NV_CONFIDENTIAL_COMPUTE object HOT 4
- gvisor panic: Invalid MmapLayout HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gvisor.