Merge pull request #3 from tsirysndr/fix-sudo · tsiry-sandratraina.com/fireup@135e366

tsiry-sandratraina.com / fireup

fork atom

Prepare, configure, and manage Firecracker microVMs in seconds!

virtualization linux microvm firecracker

fork atom

Merge pull request #3 from tsirysndr/fix-sudo

fix: add credential validation for sudo and improve Firecracker startup timeout handling

authored by tsiry-sandratraina.com and committed by

GitHub 6 months ago 135e366e e3d1b9c1

+25 -1

2 changed files

expand all

unified split

crates

firecracker-process

src

command.rs

lib.rs

+13

crates/firecracker-process/src/command.rs

··· 58 58 command 59 59 )); 60 60 } 61 + 62 + let status = Command::new("sudo") 63 + .arg("-v") 64 + .stdin(Stdio::inherit()) 65 + .stdout(Stdio::inherit()) 66 + .stderr(Stdio::inherit()) 67 + .status() 68 + .context("failed to run 'sudo -v' for credential validation")?; 69 + 70 + if !status.success() { 71 + return Err(anyhow!("'sudo -v' failed (wrong password or sudo policy)")); 72 + } 73 + 61 74 let mut c = Command::new("sudo"); 62 75 c.arg(command); 63 76

+12 -1

crates/firecracker-process/src/lib.rs

··· 1 - use std::process; 1 + use std::{process, thread}; 2 2 3 3 use anyhow::Result; 4 4 use firecracker_state::repo; ··· 19 19 stop(Some(name)).await?; 20 20 println!("[+] Starting Firecracker..."); 21 21 let pid = run_command_in_background("firecracker", &["--api-sock", &config.api_socket], true)?; 22 + 23 + let mut attempts = 0; 24 + while !std::path::Path::new(&config.api_socket).exists() { 25 + if attempts >= 100 { 26 + println!("[!] Timed out waiting for Firecracker to start. Please check the logs."); 27 + process::exit(1); 28 + } 29 + attempts += 1; 30 + thread::sleep(std::time::Duration::from_millis(500)); 31 + } 32 + 22 33 Ok(pid) 23 34 } 24 35