-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Overlay handling with fuse-overlayfs #1062
Overlay handling with fuse-overlayfs #1062
Commits on Jul 2, 2024
-
feat: Implement FUSE-based overlay mount for containerexec and runexec
By preserving all capabilities granted in the parent user namespace for the child process, we successfully utilize fuse-overlayfs (fusermount) to perform overlay mounts. This enhancement is effective when using containerexec and runexec, as benchexec creates containers using unshare rather than cloning a new process. Support for benchexec is currently under development.
younghojan committedJul 2, 2024 Configuration menu - View commit details
-
Copy full SHA for be28a5f - Browse repository at this point
Copy the full SHA be28a5fView commit details -
feat: Support FUSE-based overlay mount for benchexec
By setting up the container's filesystem in the child process, bind mount-related errors in benchexec caused by fuse-overlayfs can be avoided. This change will not affect the normal operation of kernel overlayfs.
younghojan committedJul 2, 2024 Configuration menu - View commit details
-
Copy full SHA for 0facbcf - Browse repository at this point
Copy the full SHA 0facbcfView commit details
Commits on Jul 7, 2024
-
Only if the kernel overlay fails, try using fuse-overlayfs
younghojan committedJul 7, 2024 Configuration menu - View commit details
-
Copy full SHA for 85f02ca - Browse repository at this point
Copy the full SHA 85f02caView commit details
Commits on Jul 10, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 69e929e - Browse repository at this point
Copy the full SHA 69e929eView commit details
Commits on Aug 4, 2024
-
feat: Clear ambient capabilities in drop_capabilities() and add const…
…ants in libc.py
younghojan committedAug 4, 2024 Configuration menu - View commit details
-
Copy full SHA for 9818716 - Browse repository at this point
Copy the full SHA 9818716View commit details -
Configuration menu - View commit details
-
Copy full SHA for 3f69c41 - Browse repository at this point
Copy the full SHA 3f69c41View commit details
Commits on Aug 6, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 4ee99a3 - Browse repository at this point
Copy the full SHA 4ee99a3View commit details
Commits on Aug 11, 2024
-
chore: Fix bug in cap_permitted_to_ambient function
The cap_permitted_to_ambient function was not handling the case where the "/proc/sys/kernel/cap_last_cap" file could not be read. This commit fixes the bug by adding a fallback value of 0 when reading the file fails.
younghojan committedAug 11, 2024 Configuration menu - View commit details
-
Copy full SHA for a699b2f - Browse repository at this point
Copy the full SHA a699b2fView commit details -
fix: Use single fusermount for all fuse-based overlays, and avoid mix…
…ed usage of kernel and FUSE overlayfs.
younghojan committedAug 11, 2024 Configuration menu - View commit details
-
Copy full SHA for 8006c20 - Browse repository at this point
Copy the full SHA 8006c20View commit details
Commits on Aug 13, 2024
-
chore: Add functions and extracted some code into functions, add comm…
…ents, and made some logical refactoring.
younghojan committedAug 13, 2024 Configuration menu - View commit details
-
Copy full SHA for 195e4d0 - Browse repository at this point
Copy the full SHA 195e4d0View commit details -
chore: Refactor some functions related to fuse-based overlay mounts a…
…nd add comments.
younghojan committedAug 13, 2024 Configuration menu - View commit details
-
Copy full SHA for 00f9cb8 - Browse repository at this point
Copy the full SHA 00f9cb8View commit details -
chore: Refactor functions related to fuse-based overlay mounts and im…
…prove comments
younghojan committedAug 13, 2024 Configuration menu - View commit details
-
Copy full SHA for 328aad4 - Browse repository at this point
Copy the full SHA 328aad4View commit details
Commits on Aug 14, 2024
-
chore: Refactor functions related to fuse-based overlay mounts and im…
…prove comments
younghojan committedAug 14, 2024 Configuration menu - View commit details
-
Copy full SHA for de86749 - Browse repository at this point
Copy the full SHA de86749View commit details
Commits on Aug 15, 2024
-
chore: Replace f-string in logging.debug with %s formatting
younghojan committedAug 15, 2024 Configuration menu - View commit details
-
Copy full SHA for a308c46 - Browse repository at this point
Copy the full SHA a308c46View commit details
Commits on Aug 16, 2024
-
Configuration menu - View commit details
-
Copy full SHA for b941329 - Browse repository at this point
Copy the full SHA b941329View commit details -
Configuration menu - View commit details
-
Copy full SHA for 2529120 - Browse repository at this point
Copy the full SHA 2529120View commit details
Commits on Aug 17, 2024
-
test: Add tests for checking fuse-overlayfs functionality and triple-…
…nested containers.
Configuration menu - View commit details
-
Copy full SHA for dde34ea - Browse repository at this point
Copy the full SHA dde34eaView commit details
Commits on Aug 22, 2024
-
fix: Specify stdin=subprocess.DEVNULL when launching the fuse-overlay…
…fs subprocess to avoid pytest failures, along with some code changes.
younghojan committedAug 22, 2024 Configuration menu - View commit details
-
Copy full SHA for b1a02d6 - Browse repository at this point
Copy the full SHA b1a02d6View commit details
Commits on Aug 26, 2024
-
feat: Check if fuse-overlayfs meets the minimum version requirement, …
…verify the existence of /dev/fuse when running inside a container, and optimize error handling.
younghojan committedAug 26, 2024 Configuration menu - View commit details
-
Copy full SHA for 1f6d696 - Browse repository at this point
Copy the full SHA 1f6d696View commit details -
Configuration menu - View commit details
-
Copy full SHA for ba6bb91 - Browse repository at this point
Copy the full SHA ba6bb91View commit details
Commits on Aug 28, 2024
-
fix: fix issue of checking for fuse-overlayfs functionality outside o…
…f the path being overlaid and add a check before modifying TEST_TOKEN.
younghojan committedAug 28, 2024 Configuration menu - View commit details
-
Copy full SHA for dc482b2 - Browse repository at this point
Copy the full SHA dc482b2View commit details
Commits on Aug 29, 2024
-
chore: Refactor and improve test_triple_nested_runexec
younghojan committedAug 29, 2024 Configuration menu - View commit details
-
Copy full SHA for e0aec8c - Browse repository at this point
Copy the full SHA e0aec8cView commit details -
chore: Refactor fuse-overlayfs setup and error handling
younghojan committedAug 29, 2024 Configuration menu - View commit details
-
Copy full SHA for e0833b3 - Browse repository at this point
Copy the full SHA e0833b3View commit details
Commits on Sep 2, 2024
-
Configuration menu - View commit details
-
Copy full SHA for 147b4e2 - Browse repository at this point
Copy the full SHA 147b4e2View commit details -
Refactor and improve fuse-overlay related tests
younghojan committedSep 2, 2024 Configuration menu - View commit details
-
Copy full SHA for b63db00 - Browse repository at this point
Copy the full SHA b63db00View commit details
Commits on Sep 4, 2024
-
Omit test_triple_nested_runexec when coverage testing
younghojan committedSep 4, 2024 Configuration menu - View commit details
-
Copy full SHA for 38a0508 - Browse repository at this point
Copy the full SHA 38a0508View commit details -
Refactor COV_CORE_SOURCE environment variable handling
younghojan committedSep 4, 2024 Configuration menu - View commit details
-
Copy full SHA for 5d2a349 - Browse repository at this point
Copy the full SHA 5d2a349View commit details
Commits on Sep 5, 2024
-
Safely encode string for fuse-overlayfs paths
younghojan committedSep 5, 2024 Configuration menu - View commit details
-
Copy full SHA for a8a3516 - Browse repository at this point
Copy the full SHA a8a3516View commit details -
Refactor determine_directory_mode function for fuse-overlayfs compati…
…bility
younghojan committedSep 5, 2024 Configuration menu - View commit details
-
Copy full SHA for 34f57f1 - Browse repository at this point
Copy the full SHA 34f57f1View commit details -
Refactor file handling in test_runexecutor.py for better readability
younghojan committedSep 5, 2024 Configuration menu - View commit details
-
Copy full SHA for 2fd26ff - Browse repository at this point
Copy the full SHA 2fd26ffView commit details -
Refactor overlay mount error handling for better compatibility
younghojan committedSep 5, 2024 Configuration menu - View commit details
-
Copy full SHA for 88db419 - Browse repository at this point
Copy the full SHA 88db419View commit details
Commits on Sep 15, 2024
-
younghojan committed
Sep 15, 2024 Configuration menu - View commit details
-
Copy full SHA for 2f9d52e - Browse repository at this point
Copy the full SHA 2f9d52eView commit details -
Refactor handling of COV_CORE_SOURCE environment variable in TestRunE…
…xecutorWithContainer
younghojan committedSep 15, 2024 Configuration menu - View commit details
-
Copy full SHA for 1c49af2 - Browse repository at this point
Copy the full SHA 1c49af2View commit details
Commits on Sep 19, 2024
-
Change internal paths used for fuse-overlayfs mounts
The temp_base directory (.../temp) is the one that BenchExec uses to store output files of the tool, and after a run we iterate through it and copy files from there to the output directory. Thus we should not use it for internal stuff. But the work_base directory is fine for that. So let's move the fuse mountpoint to work_base as well.
Configuration menu - View commit details
-
Copy full SHA for ea92000 - Browse repository at this point
Copy the full SHA ea92000View commit details -
Configuration menu - View commit details
-
Copy full SHA for ec11b7f - Browse repository at this point
Copy the full SHA ec11b7fView commit details -
Detect and error out if temp is not hidden and we use fuse-overlayfs
Somehow this causes deadlocks that we did not manage to solve even by making our own temp directory hidden. So let's at least avoid the deadlock and provide a proper error message. More background is in the discussions: #1062 (comment) #1062 (comment)
Configuration menu - View commit details
-
Copy full SHA for 33249f1 - Browse repository at this point
Copy the full SHA 33249f1View commit details