Skip to content

Commit

Permalink
Allow collect to chroot itself (#1658)
Browse files Browse the repository at this point in the history 
* Enable chroot

* typo

* platform specific chroot functions

* Add friendly chroot warning if running without elevated permissions
  • Loading branch information
@hedge-sparrow
hedge-sparrow authored Oct 22, 2024
1 parent 0fb0a07 commit c968fca
Show file tree
Hide file tree
Showing 4 changed files with 56 additions and 0 deletions.
21 changes: 21 additions & 0 deletions cmd/collect/cli/chroot_darwin.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package cli

import (
"errors"
"syscall"

"github.com/replicatedhq/troubleshoot/internal/util"
)

func checkAndSetChroot(newroot string) error {
if newroot == "" {
return nil
}
if !util.IsRunningAsRoot() {
return errors.New("Can only chroot when run as root")
}
if err := syscall.Chroot(newroot); err != nil {
return err
}
return nil
}
21 changes: 21 additions & 0 deletions cmd/collect/cli/chroot_linux.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
package cli

import (
"errors"
"syscall"

"github.com/replicatedhq/troubleshoot/internal/util"
)

func checkAndSetChroot(newroot string) error {
if newroot == "" {
return nil
}
if !util.IsRunningAsRoot() {
return errors.New("Can only chroot when run as root")
}
if err := syscall.Chroot(newroot); err != nil {
return err
}
return nil
}
9 changes: 9 additions & 0 deletions cmd/collect/cli/chroot_windows.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
package cli

import (
"errors"
)

func checkAndSetChroot(newroot string) error {
return errors.New("chroot is only implimented in linux/darwin")
}
5 changes: 5 additions & 0 deletions cmd/collect/cli/root.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,10 @@ func RootCmd() *cobra.Command {
RunE: func(cmd *cobra.Command, args []string) error {
v := viper.GetViper()

if err := checkAndSetChroot(v.GetString("chroot")); err != nil {
return err
}

return runCollect(v, args[0])
},
PostRun: func(cmd *cobra.Command, args []string) {
Expand All @@ -53,6 +57,7 @@ func RootCmd() *cobra.Command {
cmd.Flags().String("selector", "", "selector (label query) to filter remote collection nodes on.")
cmd.Flags().Bool("collect-without-permissions", false, "always generate a support bundle, even if it some require additional permissions")
cmd.Flags().Bool("debug", false, "enable debug logging")
cmd.Flags().String("chroot", "", "Chroot to path")

// hidden in favor of the `insecure-skip-tls-verify` flag
cmd.Flags().Bool("allow-insecure-connections", false, "when set, do not verify TLS certs when retrieving spec and reporting results")
Expand Down

0 comments on commit c968fca

Please sign in to comment.