balena-supervisor

ExternalVendorCode/balena-supervisor

Fork 0

mirror of https://github.com/balena-os/balena-supervisor.git synced 2025-01-12 16:02:57 +00:00

Commit Graph

Author	SHA1	Message	Date
Christina Wang	cfd3f03e4a	Make lockfile cleanup multi-app aware When disposing of resources which include Supervisor-created lockfiles, only dispose of lockfiles for the specified user application. Signed-off-by: Christina Wang <christina@balena.io>	2022-04-12 12:02:28 -07:00
Christina Wang	e9738b5f78	Modify update lock module to use new lockfile binary and library Also uninstall lockfile NPM package as we're no longer using it Signed-off-by: Christina Wang <christina@balena.io>	2022-04-12 12:02:28 -07:00
Christina Wang	51e63ea22b	Add lockfile binary and internal lib for interfacing with it The linked issue describes the Supervisor not cleaning up locks it creates due to crashing at just the wrong time. After internal discussion we decided to differentiate Supervisor-created lockfiles from user-created lockfiles by using the `nobody` UID (65534) for Supervisor-created lockfiles. As the existing NPM lockfile lib does not allow creating lockfiles atomically with different UIDs, we move to using the lockfile binary, which is part of the procmail package. To allow nonroot users to write to lock directories, permissions are changed to allow write access by nonroot users. See: https://www.flowdock.com/app/rulemotion/r-resinos/threads/gWMgK5hmR26TzWGHux62NpgJtVl Change-type: minor Closes: #1758 Signed-off-by: Christina Wang <christina@balena.io>	2022-04-12 12:02:26 -07:00

Author

SHA1

Message

Date

Christina Wang

cfd3f03e4a

Make lockfile cleanup multi-app aware

When disposing of resources which include Supervisor-created lockfiles,
only dispose of lockfiles for the specified user application.

Signed-off-by: Christina Wang <christina@balena.io>

2022-04-12 12:02:28 -07:00

Christina Wang

e9738b5f78

Modify update lock module to use new lockfile binary and library

Also uninstall lockfile NPM package as we're no longer using it

Signed-off-by: Christina Wang <christina@balena.io>

2022-04-12 12:02:28 -07:00

Christina Wang

51e63ea22b

Add lockfile binary and internal lib for interfacing with it

The linked issue describes the Supervisor not cleaning up locks it creates due
to crashing at just the wrong time. After internal discussion we decided to
differentiate Supervisor-created lockfiles from user-created lockfiles by using
the `nobody` UID (65534) for Supervisor-created lockfiles.

As the existing NPM lockfile lib does not allow creating lockfiles atomically
with different UIDs, we move to using the lockfile binary, which is part of the
procmail package. To allow nonroot users to write to lock directories, permissions
are changed to allow write access by nonroot users.

See: https://www.flowdock.com/app/rulemotion/r-resinos/threads/gWMgK5hmR26TzWGHux62NpgJtVl
Change-type: minor
Closes: #1758
Signed-off-by: Christina Wang <christina@balena.io>

2022-04-12 12:02:26 -07:00

3 Commits