fix: improve build --oci error for missing XDG_RUNTIME_DIR

The buildkit code that we call as a dependency uses XDG_RUNTIME_DIR in multiple locations, so we cannot handle it being unset. Add a specific error for rootless build --oci with XDG_RUNTIME_DIR unset, so it is clear that this env var must be set. I don't think we should be setting XDG_RUNTIME_DIR ourselves, to a tmpdir we create. There is a strong assumption that this value is a genuine session specific directory that is configured by systemd, or by the user manually. Fixes #3410
sylabs · Dec 20, 2024 · 984e272 · 984e272
1 parent 81609a4
commit 984e272
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,8 @@
   etc. in build from local image.
 - Fall back to `$TMPDIR` as singularity-buildkitd root directory if
   `~/.singularity` is on a filesystem that does not fully support overlay.
+- Add more intuitive error message for rootless `build --oci` when required
+  `XDG_RUNTIME_DIR` env var is not set.
 
 ## 4.2.1 \[2024-09-13\]
 

diff --git a/internal/pkg/build/buildkit/client/client.go b/internal/pkg/build/buildkit/client/client.go
@@ -48,6 +48,7 @@ import (
 	"github.com/sylabs/singularity/v4/internal/pkg/remote/credential/ociauth"
 	"github.com/sylabs/singularity/v4/internal/pkg/util/bin"
 	fsoverlay "github.com/sylabs/singularity/v4/internal/pkg/util/fs/overlay"
+	"github.com/sylabs/singularity/v4/internal/pkg/util/rootless"
 	"github.com/sylabs/singularity/v4/pkg/syfs"
 	"github.com/sylabs/singularity/v4/pkg/sylog"
 	"golang.org/x/sync/errgroup"
@@ -163,7 +164,10 @@ func startBuildkitd(ctx context.Context, opts *Opts) (bkSocket string, cleanup f
 		return "", nil, err
 	}
 
-	bkSocket = generateSocketAddress()
+	bkSocket, err = generateSocketAddress()
+	if err != nil {
+		return "", nil, err
+	}
 
 	args := []string{}
 	tmpRoot := ""
@@ -403,15 +407,22 @@ func writeDockerTar(r io.Reader, outputFile *os.File) error {
 	return err
 }
 
-func generateSocketAddress() string {
+func generateSocketAddress() (string, error) {
+	uid, err := rootless.Getuid()
+	if err != nil {
+		return "", err
+	}
+
 	socketPath := "/run/singularity-buildkitd"
+	if uid == 0 {
+		return "unix://" + filepath.Join(socketPath, fmt.Sprintf("singularity-buildkitd-%d.sock", os.Getpid())), nil
+	}
 
-	//  pam_systemd sets XDG_RUNTIME_DIR but not other dirs.
 	xdgRuntimeDir := os.Getenv("XDG_RUNTIME_DIR")
-	if xdgRuntimeDir != "" {
-		dirs := strings.Split(xdgRuntimeDir, ":")
-		socketPath = filepath.Join(dirs[0], "singularity-buildkitd")
+	if xdgRuntimeDir == "" {
+		return "", fmt.Errorf("rootless build --oci requires XDG_RUNTIME_DIR is set")
 	}
-
-	return "unix://" + filepath.Join(socketPath, fmt.Sprintf("singularity-buildkitd-%d.sock", os.Getpid()))
+	dirs := strings.Split(xdgRuntimeDir, ":")
+	socketPath = filepath.Join(dirs[0], "singularity-buildkitd")
+	return "unix://" + filepath.Join(socketPath, fmt.Sprintf("singularity-buildkitd-%d.sock", os.Getpid())), nil
 }