Merge pull request #59 from dweomer/daemon/group-flag

daemon: add socket ownership flags
rancher · Jun 11, 2020 · 548be10 · 548be10
2 parents fca8597 + bfdc41d
commit 548be10
Show file tree

Hide file tree

Showing 3 changed files with 48 additions and 0 deletions.
diff --git a/cmd/daemon/daemon_linux.go b/cmd/daemon/daemon_linux.go
@@ -39,6 +39,7 @@ the backend to support the Docker work-alike frontend of k3c.`
 			if sf, ok := flag.(cliv1.StringFlag); ok {
 				sf.Value = filepath.Join(config.DefaultDaemonStateDir, "k3c.sock")
 				sf.EnvVar = "K3C_ADDRESS"
+				sf.Destination = &config.Socket.Address
 				app.Flags[i] = sf
 			} else {
 				logrus.Warnf("unexpected type for flag %q = %#v", flag.GetName(), flag)
@@ -144,6 +145,18 @@ the backend to support the Docker work-alike frontend of k3c.`
 			Usage:       "containerd-style image ref for sandboxes",
 			Destination: &cri.Config.SandboxImage,
 		},
+		cliv1.IntFlag{
+			Name:        "socket-gid,group",
+			EnvVar:      "K3C_SOCKET_GID",
+			Usage:       "gRPC socket gid",
+			Destination: &config.Socket.GID,
+		},
+		cliv1.IntFlag{
+			Name:        "socket-uid",
+			EnvVar:      "K3C_SOCKET_UID",
+			Usage:       "gRPC socket uid",
+			Destination: &config.Socket.UID,
+		},
 	}...)
 
 	app.Action = func(action interface{}) cliv1.ActionFunc {
@@ -162,6 +175,8 @@ the backend to support the Docker work-alike frontend of k3c.`
 					e = t.EnvVar
 				case cliv1.StringFlag:
 					e = t.EnvVar
+				case cliv1.IntFlag:
+					e = t.EnvVar
 				}
 				if e != "" {
 					if err := os.Setenv(e, clx.GlobalString(n)); err != nil {

diff --git a/pkg/daemon/config/config.go b/pkg/daemon/config/config.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/BurntSushi/toml"
 	"github.com/containerd/containerd/platforms"
+	"github.com/containerd/containerd/services/server/config"
 	buildkit "github.com/moby/buildkit/cmd/buildkitd/config"
 	"github.com/rancher/k3c/pkg/defaults"
 )
@@ -28,6 +29,10 @@ var (
 	DefaultVolumesDir   = filepath.Join(DefaultDaemonRootDir, "volumes")
 )
 
+var (
+	Socket config.GRPCConfig
+)
+
 type K3Config struct {
 	BootstrapSkip  bool   `toml:"bootstrap_skip"`
 	BootstrapImage string `toml:"bootstrap_image"`

diff --git a/pkg/daemon/plugins.go b/pkg/daemon/plugins.go
@@ -1,6 +1,9 @@
 package daemon
 
 import (
+	"os"
+	"time"
+
 	"github.com/containerd/containerd/log"
 	"github.com/containerd/containerd/platforms"
 	"github.com/containerd/containerd/plugin"
@@ -68,5 +71,30 @@ func PluginInitFunc(ic *plugin.InitContext) (interface{}, error) {
 	service := server.NewContainerService(daemon)
 	service.SetInitialized(true)
 	log.G(ic.Context).WithField("bridge", cfg.BridgeName).WithField("cidr", cfg.BridgeCIDR).Info("K3C daemon")
+	go func() {
+		var (
+			addr = config.Socket.Address
+			gid  = config.Socket.GID
+			uid  = config.Socket.UID
+		)
+		for {
+			select {
+			case <-time.After(100 * time.Millisecond):
+				err := os.Chown(addr, uid, gid)
+				if os.IsNotExist(err) {
+					continue
+				}
+				log := log.G(ic.Context).WithField("address", addr).WithField("gid", gid).WithField("uid", uid)
+				if err != nil {
+					log.WithError(err).Warn("K3C socket")
+				} else {
+					log.Debug("K3C socket")
+				}
+				return
+			case <-ic.Context.Done():
+				return
+			}
+		}
+	}()
 	return service, nil
 }