openstack/tripleo-heat-templates
Code Issues Proposed changes

Use '0' instead of root in container-puppet.py

Browse Source 
Even though the number of user lookups have been reduced from two to one
via https://github.com/containers/libpod/pull/1978, we still see the
following error from time to time:
time="2019-11-22T19:19:33Z" level=debug msg="ExitCode msg: \"unable to find user root: no matching entries in passwd file\""
time="2019-11-22T19:19:33Z" level=error msg="unable to find user root: no matching entries in passwd file"

The TLDR; is that podman/docker, when passed a --user=<name> parameter,
will parse the /etc/passwd file inside the container and detect the
uid/gid to switch to. The problem seems to be that sometimes this
/etc/passwd is either read as empty or non-existant when we try and
parse it (the root-cause of which is the real underlying bug).

Since it seems that root-causing this will take a rather large amount of
time, we can just pass the UID directly which will not fail when
the parsing code cannot find the specified user in /etc/passwd, as it
simply uses the provided UID:
https://github.com/containers/libpod/blob/master/vendor/github.com/opencontainers/runc/libcontainer/user/user.go#L333

Tested this by running a reproducer on three machines for a total
of ~800 runs and had 0 occurrences of this error. Previously I could
reproduce this issue in about 30 to 60 runs at most.

Related rhbz: 1776766
Related-Bug: #1803544

Change-Id: Ia9860107c35e543a05775596076873ea950b7400
This commit is contained in:
Michele Baldessari 2019-11-26 17:18:03 +01:00 committed by Alex Schultz
parent 9af663bc20
commit 393e96b5b9
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
common/container-puppet.py
View File

@ -200,7 +200,12 @@ def mp_puppet_config(*args):
CLI_CMD,
'run',
'--user',
'root',
# Using '0' and not 'root' because it seems podman is susceptible to a race condition
# https://bugzilla.redhat.com/show_bug.cgi?id=1776766 and
# https://bugs.launchpad.net/tripleo/+bug/1803544 which are still lurking
# by using a UID we skip the code that parses /etc/passwd entirely and basically
# paper over this issue
'0',
'--name',
uname,
'--env',