Skip to content

buildkitd: use default config file location when run as root in rootless #4368

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tonistiigi merged 1 commit into from
Oct 26, 2023
Merged

buildkitd: use default config file location when run as root in rootless #4368

tonistiigi merged 1 commit into from
Oct 26, 2023

Conversation

@jsternberg
Copy link
Collaborator

@jsternberg jsternberg commented Oct 23, 2023

When running buildkitd in a rootless environment but as root, buildkitd
misinterprets how it is being run and loads the config file from the
home directory instead of the global location in /etc/buildkitd.

This happens when buildkit is being run in docker and docker itself is
being run as rootless. The buildkit daemon sees the user remapping and
assumes that the remapping belongs to itself rather than to docker.

This causes it to load the wrong configuration file as buildkitd is
still being run as "root" but a remapped root that docker created.

Related to docker/buildx#2092.

@AkihiroSuda AkihiroSuda self-assigned this Oct 24, 2023
AkihiroSuda
AkihiroSuda approved these changes Oct 24, 2023
View reviewed changes
Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but probably we should have sync.Once

@jsternberg
buildkitd: use default config file location when run as root in rootless
bb8f9f7 
When running buildkitd in a rootless environment but as root, buildkitd
misinterprets how it is being run and loads the config file from the
home directory instead of the global location in `/etc/buildkitd`.

This happens when buildkit is being run in docker and docker itself is
being run as rootless. The buildkit daemon sees the user remapping and
assumes that the remapping belongs to itself rather than to docker.

This causes it to load the wrong configuration file as buildkitd is
still being run as "root" but a remapped root that docker created.

Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
@jsternberg jsternberg force-pushed the default-config-within-rootless-docker branch from 005c39c to bb8f9f7 Compare October 24, 2023 15:40
@jsternberg
Copy link
Collaborator Author

jsternberg commented Oct 24, 2023

@AkihiroSuda done.

@crazy-max
Copy link
Member

crazy-max commented Oct 25, 2023

This failure again https://github.com/moby/buildkit/actions/runs/6629234136/job/18008162650?pr=4368#step:5:47. 15min timeout still doesn't look enough 😣

@crazy-max crazy-max mentioned this pull request Oct 25, 2023
Merged
@tonistiigi tonistiigi merged commit 5707f24 into moby:master Oct 26, 2023
@jsternberg jsternberg deleted the default-config-within-rootless-docker branch November 6, 2023 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonistiigi tonistiigi tonistiigi approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

@AkihiroSuda AkihiroSuda

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jsternberg @crazy-max @tonistiigi @AkihiroSuda