diff options
author | Laszlo Csomor <laszlocsomor@google.com> | 2018-01-11 04:36:48 -0800 |
---|---|---|
committer | Copybara-Service <copybara-piper@google.com> | 2018-01-11 04:39:17 -0800 |
commit | 2e631c99495f75270d2639542cefb531ec262d67 (patch) | |
tree | 245786846e7297f9b5d12fa55a2f6c8ee77a9970 | |
parent | 28221ff520ba753f8ea38dfe14fc90fff0605444 (diff) |
sandbox: properly add `tmpDir` to `writablePaths`
When Bazel creates the sandbox for an action,
Bazel collects a set of paths that the action may
write to.
The action needs write access to its temp
directory, so Bazel needs to add it to the
writable paths.
See https://github.com/bazelbuild/bazel/issues/4376
Change-Id: Ifd3c482aa67ff8a2070045356abad8b39c808db8
PiperOrigin-RevId: 181591520
-rw-r--r-- | src/main/java/com/google/devtools/build/lib/sandbox/AbstractSandboxSpawnRunner.java | 60 |
1 files changed, 34 insertions, 26 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/AbstractSandboxSpawnRunner.java b/src/main/java/com/google/devtools/build/lib/sandbox/AbstractSandboxSpawnRunner.java index 6cead52294..8d7a3389a6 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/AbstractSandboxSpawnRunner.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/AbstractSandboxSpawnRunner.java @@ -229,37 +229,24 @@ abstract class AbstractSandboxSpawnRunner implements SpawnRunner { */ protected ImmutableSet<Path> getWritableDirs( Path sandboxExecRoot, Map<String, String> env, Path tmpDir) throws IOException { - FileSystem fileSystem = sandboxExecRoot.getFileSystem(); - // We have to make the TEST_TMPDIR directory writable if it is specified. ImmutableSet.Builder<Path> writablePaths = ImmutableSet.builder(); writablePaths.add(sandboxExecRoot); - String tmpDirString = env.get("TEST_TMPDIR"); - if (tmpDirString != null) { - Path p = sandboxExecRoot.getRelative(tmpDirString); - if (p.startsWith(sandboxExecRoot)) { - // We add this path even though it is below sandboxExecRoot (and thus already writable as a - // subpath) to take advantage of the side-effect that SymlinkedExecRoot also creates this - // needed directory if it doesn't exist yet. - writablePaths.add(p); - } else if (p.exists()) { - // If `p` itself is a symlink, then adding it to `writablePaths` would result in making the - // symlink itself writable, not what it points to. Therefore we need to resolve symlinks in - // `p`, however for that we need `p` to exist. - writablePaths.add(p.resolveSymbolicLinks()); - } else { - throw new IOException( - String.format( - "Cannot resolve symlinks in TEST_TMPDIR because it doesn't exist: \"%s\"", - p.getPathString())); - } + String testTmpdir = env.get("TEST_TMPDIR"); + if (testTmpdir != null) { + addWritablePath( + sandboxExecRoot, + writablePaths, + sandboxExecRoot.getRelative(testTmpdir), + "Cannot resolve symlinks in TEST_TMPDIR because it doesn't exist: \"%s\""); } + addWritablePath( + sandboxExecRoot, + writablePaths, + tmpDir, + "Cannot resolve symlinks in tmpDir because it doesn't exist: \"%s\""); - // TODO(laszlocsomor): Extract the logic that adds TEST_TMPDIR to writablePaths, and add tmpDir - // using the same method. Currently we don't resolve symlinks in tmpDir and so we might be - // adding a symlink to the writable paths, and not what the symlink points to. - writablePaths.add(tmpDir); - + FileSystem fileSystem = sandboxExecRoot.getFileSystem(); for (String writablePath : sandboxOptions.sandboxWritablePath) { Path path = fileSystem.getPath(writablePath); writablePaths.add(path); @@ -269,6 +256,27 @@ abstract class AbstractSandboxSpawnRunner implements SpawnRunner { return writablePaths.build(); } + private void addWritablePath( + Path sandboxExecRoot, + ImmutableSet.Builder<Path> writablePaths, + Path path, + String pathDoesNotExistErrorTemplate) + throws IOException { + if (path.startsWith(sandboxExecRoot)) { + // We add this path even though it is below sandboxExecRoot (and thus already writable as a + // subpath) to take advantage of the side-effect that SymlinkedExecRoot also creates this + // needed directory if it doesn't exist yet. + writablePaths.add(path); + } else if (path.exists()) { + // If `path` itself is a symlink, then adding it to `writablePaths` would result in making + // the symlink itself writable, not what it points to. Therefore we need to resolve symlinks + // in `path`, however for that we need `path` to exist. + writablePaths.add(path.resolveSymbolicLinks()); + } else { + throw new IOException(String.format(pathDoesNotExistErrorTemplate, path.getPathString())); + } + } + protected ImmutableSet<Path> getInaccessiblePaths() { return inaccessiblePaths; } |