Skip to content

Initial set of patches for supporting CloudABI #16612

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
EdSchouten wants to merge 3 commits into from
Closed

Initial set of patches for supporting CloudABI #16612

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3a6b130
build: Add CloudABI as a POSIX-like runtime environment.
EdSchouten Oct 30, 2017
c715007
src: Disable use of pwd.h, grp.h and get*uid() on CloudABI.
EdSchouten Oct 30, 2017
dc2ae93
src: Explicitly include <netdb.h>.
EdSchouten Oct 30, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
src: Disable use of pwd.h, grp.h and get*uid() on CloudABI. 
As CloudABI is intended to run applications in cluster contexts (e.g.,
on Kubernetes), they are oblivious of UNIX credentials. Extend the
existing preprocessor checks to disable any use of these interfaces,
just like on Windows, Android, etc.
  • Loading branch information
@EdSchouten
EdSchouten committed Nov 1, 2017
commit c71500769318c1a1485ccadaf66ea52a4cebba3e
12 changes: 6 additions & 6 deletions src/node.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ typedef int mode_t;
#include <unistd.h> // setuid, getuid
#endif

#if defined(__POSIX__) && !defined(__ANDROID__)
#if defined(__POSIX__) && !defined(__ANDROID__) && !defined(__CloudABI__)
Copy link
Copy Markdown
Contributor

@refack refack Oct 31, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO since this is used in three places, it should be aliased to something like UNSANDBOXED_POSIX or defined(__POSIX__) && !SANDBOXED_POSIX

Copy link
Copy Markdown
Contributor Author

@EdSchouten EdSchouten Nov 1, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've just added a definition, HAVE_POSIX_CREDENTIALS, that is declared when building for systems that support <pwd.h>, <grp.h>, set*uid(), etc. Does that look all right?

Copy link
Copy Markdown
Contributor

@refack refack Nov 1, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I yield to @cjihrig.
Maybe revisit in the future if there are more usages.

Copy link
Copy Markdown
Contributor Author

@EdSchouten EdSchouten Nov 1, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All right. I've just rolled back the HAVE_POSIX_CREDENTIALS changes.

#include <pwd.h> // getpwnam()
#include <grp.h> // getgrnam()
#endif
Expand Down Expand Up @@ -998,7 +998,7 @@ Local<Value> UVException(Isolate* isolate,

// Look up environment variable unless running as setuid root.
bool SafeGetenv(const char* key, std::string* text) {
#ifndef _WIN32
#if !defined(__CloudABI__) && !defined(_WIN32)
if (linux_at_secure || getuid() != geteuid() || getgid() != getegid())
goto fail;
#endif
Expand Down Expand Up @@ -2082,7 +2082,7 @@ static void Umask(const FunctionCallbackInfo<Value>& args) {
}


#if defined(__POSIX__) && !defined(__ANDROID__)
#if defined(__POSIX__) && !defined(__ANDROID__) && !defined(__CloudABI__)

static const uid_t uid_not_found = static_cast<uid_t>(-1);
static const gid_t gid_not_found = static_cast<gid_t>(-1);
Expand Down Expand Up @@ -2401,7 +2401,7 @@ static void InitGroups(const FunctionCallbackInfo<Value>& args) {
}
}

#endif // __POSIX__ && !defined(__ANDROID__)
#endif // __POSIX__ && !defined(__ANDROID__) && !defined(__CloudABI__)


static void WaitForInspectorDisconnect(Environment* env) {
Expand Down Expand Up @@ -3610,7 +3610,7 @@ void SetupProcessObject(Environment* env,

env->SetMethod(process, "umask", Umask);

#if defined(__POSIX__) && !defined(__ANDROID__)
#if defined(__POSIX__) && !defined(__ANDROID__) && !defined(__CloudABI__)
env->SetMethod(process, "getuid", GetUid);
env->SetMethod(process, "geteuid", GetEUid);
env->SetMethod(process, "setuid", SetUid);
Expand All @@ -3624,7 +3624,7 @@ void SetupProcessObject(Environment* env,
env->SetMethod(process, "getgroups", GetGroups);
env->SetMethod(process, "setgroups", SetGroups);
env->SetMethod(process, "initgroups", InitGroups);
#endif // __POSIX__ && !defined(__ANDROID__)
#endif // __POSIX__ && !defined(__ANDROID__) && !defined(__CloudABI__)

env->SetMethod(process, "_kill", Kill);

Expand Down