From 208143e6f2f8b18b4acb8ad0592217bc5c615eb4 Mon Sep 17 00:00:00 2001 From: diogo464 Date: Tue, 17 Mar 2026 11:30:31 +0000 Subject: fix: namespace tmp directory since the /tmp directory is shared by everyone then some left over files remain. when a different user attempts to remove or write to those files but does not have permission it causes failures. this commit just uses /tmp/$USER instead of using /tmp directly --- src/main.rs | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/main.rs b/src/main.rs index ec3f8f1..3ed115e 100644 --- a/src/main.rs +++ b/src/main.rs @@ -532,14 +532,14 @@ fn machine_containers_create_script(containers: &[ScheduledContainer]) -> String for (idx, container) in containers.iter().enumerate() { // remove the start signal file if it exists - script.push_str("mkdir -p /tmp/oar-p2p-signal\n"); - script.push_str("rm /tmp/oar-p2p-signal/start 2>/dev/null || true\n"); + script.push_str("mkdir -p /tmp/$USER/oar-p2p-signal\n"); + script.push_str("rm /tmp/$USER/oar-p2p-signal/start 2>/dev/null || true\n"); script.push_str("docker create \\\n"); script.push_str("\t--pull=never \\\n"); script.push_str("\t--network=host \\\n"); script.push_str("\t--restart=no \\\n"); - script.push_str("\t--volume /tmp/oar-p2p-signal:/oar-p2p\\\n"); + script.push_str("\t--volume /tmp/$USER/oar-p2p-signal:/oar-p2p\\\n"); script.push_str(&format!("\t--name {} \\\n", container.name)); for (key, val) in container.variables.iter() { script.push_str("\t-e "); @@ -603,7 +603,7 @@ async fn machine_signal_containers( machine_run_script( ctx, machine, - &format!("echo -n {timestamp} > /tmp/oar-p2p-signal/{signal}.tmp ; mv /tmp/oar-p2p-signal/{signal}.tmp /tmp/oar-p2p-signal/{signal}"), + &format!("echo -n {timestamp} > /tmp/$USER/oar-p2p-signal/{signal}.tmp ; mv /tmp/$USER/oar-p2p-signal/{signal}.tmp /tmp/$USER/oar-p2p-signal/{signal}"), ) .await?; tracing::info!("containers signaled"); @@ -664,11 +664,11 @@ async fn machine_containers_wait( fn machine_containers_save_logs_script(containers: &[ScheduledContainer]) -> String { let mut script = String::default(); script.push_str("set -e\n"); - script.push_str("mkdir -p /tmp/oar-p2p-logs\n"); - script.push_str("find /tmp/oar-p2p-logs -maxdepth 1 -type f -delete\n"); + script.push_str("mkdir -p /tmp/$USER/oar-p2p-logs\n"); + script.push_str("find /tmp/$USER/oar-p2p-logs -maxdepth 1 -type f -delete\n"); for container in containers { let name = &container.name; - script.push_str(&format!("docker logs {name} 1> /tmp/oar-p2p-logs/{name}.stdout 2> /tmp/oar-p2p-logs/{name}.stderr\n")); + script.push_str(&format!("docker logs {name} 1> /tmp/$USER/oar-p2p-logs/{name}.stdout 2> /tmp/$USER/oar-p2p-logs/{name}.stderr\n")); } script.push_str("exit 0\n"); script @@ -701,7 +701,7 @@ async fn machine_copy_logs_dir(ctx: &Context, machine: Machine, output_dir: &Pat let output = Command::new("rsync") .env("RSYNC_RSH", rsync_rsh) .arg("-avz") - .arg(format!("{}:/tmp/oar-p2p-logs/", machine.hostname())) + .arg(format!("{}:/tmp/$USER/oar-p2p-logs/", machine.hostname())) .arg(output_dir.display().to_string()) .output() .await?; @@ -921,7 +921,8 @@ async fn machine_net_container_build(ctx: &Context, machine: Machine) -> Result< tracing::info!("building network container..."); let script = r#" set -e -cat << EOF > /tmp/oar-p2p.containerfile +mkdir -p /tmp/$USER +cat << EOF > /tmp/$USER/oar-p2p.containerfile FROM alpine:latest RUN apk update && \ apk add --no-cache bash grep iproute2 iproute2-tc nftables && \ @@ -930,9 +931,9 @@ RUN apk update && \ WORKDIR /work EOF -rm -rf /tmp/oar-p2p || true -mkdir -p /tmp/oar-p2p -docker build -t local/oar-p2p-networking:latest -f /tmp/oar-p2p.containerfile /tmp/oar-p2p +rm -rf /tmp/$USER/oar-p2p || true +mkdir -p /tmp/$USER/oar-p2p +docker build -t local/oar-p2p-networking:latest -f /tmp/$USER/oar-p2p.containerfile /tmp/$USER/oar-p2p "#; machine_run_script(ctx, machine, script).await?; tracing::info!("network container built"); -- cgit