Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NixOS support] Run patchelf after autoupdate download #1468

Merged
merged 11 commits into from
Nov 22, 2023
Prev Previous commit
Next Next commit
Add tests, documentation
RebeccaMahany committed Nov 21, 2023
commit 2741611e2760c9376e13a42d3ca8613bfe5253fb
10 changes: 8 additions & 2 deletions ee/tuf/finalize_linux.go
Original file line number Diff line number Diff line change
@@ -4,6 +4,7 @@
package tuf

import (
"bytes"
"context"
"debug/elf"
"errors"
@@ -14,6 +15,9 @@ import (
"github.com/kolide/launcher/pkg/allowedcmd"
)

// On NixOS, we have to set the interpreter for any non-NixOS executable we want to
RebeccaMahany marked this conversation as resolved.
Show resolved Hide resolved
// run. This means the binaries that our updater downloads.
// See: https://unix.stackexchange.com/a/522823
func patchExecutable(executableLocation string) error {
if !allowedcmd.IsNixOS() {
return nil
@@ -60,8 +64,10 @@ func getInterpreter(executableLocation string) (string, error) {
return "", fmt.Errorf("reading .interp section: %w", err)
}

// interpData should look something like "/lib64/ld-linux-x86-64.so.2"
return filepath.Base(string(interpData)), nil
trimmedInterpData := bytes.TrimRight(interpData, "\x00")

// interpData should look something like "/lib64/ld-linux-x86-64.so.2" -- grab just the filename
return filepath.Base(string(trimmedInterpData)), nil
}

func findInterpreterInNixStore(interpreter string) (string, error) {
24 changes: 24 additions & 0 deletions ee/tuf/finalize_linux_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
//go:build linux
// +build linux

package tuf

import (
"os"
"testing"

"github.com/stretchr/testify/require"
)

func Test_getInterpreter(t *testing.T) {
t.Parallel()

// Use the current executable in our test
currentRunningExecutable, err := os.Executable()
require.NoError(t, err, "getting current executable")

// Confirm we pick the expected interpreter
interpreter, err := getInterpreter(currentRunningExecutable)
require.NoError(t, err, "expected no error getting interpreter")
require.Equal(t, "ld-linux-x86-64.so.2", interpreter)
}
17 changes: 17 additions & 0 deletions ee/tuf/finalize_other_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
//go:build !linux
// +build !linux

package tuf

import (
"testing"

"github.com/stretchr/testify/require"
)

func Test_patchExecutable(t *testing.T) {
t.Parallel()

// patchExecutable is a no-op on windows and darwin
require.NoError(t, patchExecutable(""))
}