diff options
Diffstat (limited to 'src/main/java/com/google/devtools/build/lib/sandbox')
4 files changed, 13 insertions, 9 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java index f84b5b9e2b..7634e33af2 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/DarwinSandboxedStrategy.java @@ -176,8 +176,6 @@ public class DarwinSandboxedStrategy extends SandboxStrategy { ImmutableMap<String, String> spawnEnvironment = StandaloneSpawnStrategy.locallyDeterminedEnv(execRoot, productName, spawn.getEnvironment()); - Set<Path> writableDirs = getWritableDirs(sandboxExecRoot, spawn.getEnvironment()); - Path runUnderPath = getRunUnderPath(spawn); try { @@ -185,6 +183,7 @@ public class DarwinSandboxedStrategy extends SandboxStrategy { new HardlinkedExecRoot(execRoot, sandboxPath, sandboxExecRoot, errWriter); ImmutableSet<PathFragment> outputs = SandboxHelpers.getOutputFiles(spawn); + Set<Path> writableDirs = getWritableDirs(sandboxExecRoot, spawn.getEnvironment(), outputs); hardlinkedExecRoot.createFileSystem( getMounts(spawn, actionExecutionContext), outputs, writableDirs); @@ -197,7 +196,7 @@ public class DarwinSandboxedStrategy extends SandboxStrategy { new DarwinSandboxRunner( sandboxPath, sandboxExecRoot, - getWritableDirs(sandboxExecRoot, spawnEnvironment), + getWritableDirs(sandboxExecRoot, spawnEnvironment, outputs), getInaccessiblePaths(), runUnderPath, verboseFailures); @@ -221,11 +220,12 @@ public class DarwinSandboxedStrategy extends SandboxStrategy { } @Override - protected ImmutableSet<Path> getWritableDirs(Path sandboxExecRoot, Map<String, String> env) { + protected ImmutableSet<Path> getWritableDirs(Path sandboxExecRoot, Map<String, String> env, + ImmutableSet<PathFragment> outputs) { FileSystem fs = sandboxExecRoot.getFileSystem(); ImmutableSet.Builder<Path> writableDirs = ImmutableSet.builder(); - writableDirs.addAll(super.getWritableDirs(sandboxExecRoot, env)); + writableDirs.addAll(super.getWritableDirs(sandboxExecRoot, env, outputs)); writableDirs.add(fs.getPath("/dev")); String sysTmpDir = System.getenv("TMPDIR"); diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java index 48892132cb..be49446a82 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/LinuxSandboxedStrategy.java @@ -102,12 +102,12 @@ public class LinuxSandboxedStrategy extends SandboxStrategy { Path sandboxPath = SandboxHelpers.getSandboxRoot(blazeDirs, productName, uuid, execCounter); Path sandboxExecRoot = sandboxPath.getRelative("execroot").getRelative(execRoot.getBaseName()); - Set<Path> writableDirs = getWritableDirs(sandboxExecRoot, spawn.getEnvironment()); try { // Build the execRoot for the sandbox. SymlinkedExecRoot symlinkedExecRoot = new SymlinkedExecRoot(sandboxExecRoot); ImmutableSet<PathFragment> outputs = SandboxHelpers.getOutputFiles(spawn); + Set<Path> writableDirs = getWritableDirs(sandboxExecRoot, spawn.getEnvironment(), outputs); symlinkedExecRoot.createFileSystem( getMounts(spawn, actionExecutionContext), outputs, writableDirs); @@ -118,7 +118,7 @@ public class LinuxSandboxedStrategy extends SandboxStrategy { execRoot, sandboxPath, sandboxExecRoot, - getWritableDirs(sandboxExecRoot, spawn.getEnvironment()), + getWritableDirs(sandboxExecRoot, spawn.getEnvironment(), outputs), getInaccessiblePaths(), verboseFailures, sandboxOptions.sandboxDebug); diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java b/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java index 7a12e9b600..2b63527013 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/SandboxStrategy.java @@ -44,12 +44,16 @@ abstract class SandboxStrategy implements SpawnActionContext { } /** Gets the list of directories that the spawn will assume to be writable. */ - protected ImmutableSet<Path> getWritableDirs(Path sandboxExecRoot, Map<String, String> env) { + protected ImmutableSet<Path> getWritableDirs(Path sandboxExecRoot, Map<String, String> env, + ImmutableSet<PathFragment> outputs) { Builder<Path> writableDirs = ImmutableSet.builder(); // We have to make the TEST_TMPDIR directory writable if it is specified. if (env.containsKey("TEST_TMPDIR")) { writableDirs.add(sandboxExecRoot.getRelative(env.get("TEST_TMPDIR"))); } + for (PathFragment output : outputs) { + writableDirs.add(sandboxExecRoot.getRelative(output).getParentDirectory()); + } return writableDirs.build(); } diff --git a/src/main/java/com/google/devtools/build/lib/sandbox/SymlinkedExecRoot.java b/src/main/java/com/google/devtools/build/lib/sandbox/SymlinkedExecRoot.java index 9efe7fcb45..17fe4217b0 100644 --- a/src/main/java/com/google/devtools/build/lib/sandbox/SymlinkedExecRoot.java +++ b/src/main/java/com/google/devtools/build/lib/sandbox/SymlinkedExecRoot.java @@ -66,7 +66,7 @@ final class SymlinkedExecRoot implements SandboxExecRoot { throws IOException { for (PathFragment inputPath : inputs) { Path dir = sandboxExecRoot.getRelative(inputPath).getParentDirectory(); - Preconditions.checkArgument(dir.startsWith(sandboxExecRoot)); + Preconditions.checkArgument(dir.startsWith(sandboxExecRoot.getParentDirectory())); FileSystemUtils.createDirectoryAndParentsWithCache(createdDirs, dir); } } |