Fix #2131 Add preflight check for WSL2 #2323
Conversation
| func checkRunningInsideWSL2() error { | ||
| version, err := ioutil.ReadFile("/proc/version") | ||
| if err != nil { | ||
| return err |
There was a problem hiding this comment.
hopefully there are no 'hardened' setups where reading this fail will fail. Wondering if we should ignore this error instead of failing, but probably not.
There was a problem hiding this comment.
hopefully there are no 'hardened' setups where reading this fail will fail.
You can not run with selinux or apparmor on WSL2. Not sure about other setups... haven't tested. But reading this is a known hardened entry?
Note: There are a lot of limitations, like no systemd, no cgroupsv2 exclusive use, etc
There was a problem hiding this comment.
You can not run with selinux or apparmor on WSL2.
But this code will run on all linux systems, not just WSL2. I have no idea if it's really blocked in some places, just wondered while reading this code.
There was a problem hiding this comment.
Not sure about other setups... haven't tested. But reading this is a known hardened entry?
^^
|
And actually I'm not sure what this means exactly
Is this about a custom compiled kernel being run under WSL2, where |
When WSL2 is used, they already have access to Hyper-V. The issue is a multitude of things, like no way to configure networking, but also no way to properly check the memory assignment (as this is dynamic), performance hit, inability of the kernel to run nested setup (no virt enabled in public kernels).
Bingo |
Seems like nested virt is not the main worry here then, maybe add that list to the commit log? |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: gbraad The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
gbraad
force-pushed
the
issue2131
branch
2 times, most recently
from
3cfa040 to
b08c4c1
Compare
| @@ -220,6 +229,7 @@ func removeVsockCrcSettings() error { | |||
| func getAllPreflightChecks() []Check { | |||
| usingSystemdResolved := checkSystemdResolvedIsRunning() | |||
| checks := getPreflightChecksForDistro(distro(), network.SystemNetworkingMode, usingSystemdResolved == nil) | |||
| checks = append(checks, wsl2PreflightChecks) | |||
There was a problem hiding this comment.
You should also add this line in individuals getPreflightChecks.
getAllPreflightChecks is used for registering configuration and cleanup. It must includes your check but it won't be run in setup unless you add it in `getPreflightChecks
There was a problem hiding this comment.
Adding a preflight has become very messy and cumbersome. Too much complexity and variables with no clear meaning have been introduced.
This check looks at the kernel version string and determines if a Microsoft compiled kernel is used, as is the case with WSL2. This is to prevent a setup that uses Nested Virtualization.
Fixes: Issue #2131
Solution/Idea
This checks the kernel version for the pattern
Microsoftas is the case when the WSL2 provided kernel is used. Note: any custom compiled kernel is ignored,. but in that case we can assume a power-user is at work.Proposed changes
List main as well as consequential changes you introduced or had to introduce.
startcommand will fail when this is called from inside a WSL2 hosted distributionTesting
Use Windows 10 with WSL2
startfails with an error messageOn a regular Linux setup (or VM)
startwill check but succeed the test.