Skip to content

Commit

Permalink
fix: fail early during inject on noexec filesystems
Browse files Browse the repository at this point in the history
Signed-off-by: Luca Di Maio <[email protected]>
  • Loading branch information
89luca89 authored and pascalbreuninger committed Jan 15, 2024
1 parent e66b9b3 commit 4117ebb
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions pkg/inject/inject.sh
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,22 @@ is_arm() {
esac
}

# Detect if install_dir is noexec
# We use this method instead of findmnt, as that command might not be present
# on minimal images, like alpine
check_noexec() {
# Find mountpoint of the install path
mount_path="$(df "${INSTALL_DIR}" | tail -n +2 | rev | cut -d' ' -f1 | rev)"

# Check if mountpoint is noexec, fail early
if mount | grep "on ${mount_path} " | grep -q noexec; then
echo >&2 "ERROR: installation directory $INSTALL_DIR is noexec, please choose another location"
return 1
fi

return 0
}

inject() {
echo "ARM-$(is_arm && echo -n 'true' || echo -n 'false')"
$sh_c "cat > $INSTALL_PATH.$$"
Expand Down Expand Up @@ -110,6 +126,11 @@ if {{ .ExistsCheck }}; then
$sh_c "mkdir -p $INSTALL_DIR"
fi

if ! check_noexec; then
echo >&2 Error: failed to install devpod, noexec filesystem detected
exit 1
fi

$sh_c "rm -f $INSTALL_PATH 2>/dev/null || true"
if [ "$PREFER_DOWNLOAD" = "true" ]; then
download || inject
Expand Down

0 comments on commit 4117ebb

Please sign in to comment.