config: Do not allow runtimes to ignore properties defined by the spec by wking · Pull Request #680 · opencontainers/runtime-spec

wking · 2017-02-07T23:00:52Z

Otherwise a runtime could silently ignore a property it didn't want to implement, which would be confusing for runtime callers. This closes a potential loophole in the restriction from #559.

wking · 2017-02-07T23:02:59Z

This would benefit from the clearer platform/protocol slug language in #570, so if #570 lands first I'll rebase this PR around it and tighten the “target platform” wording here.

wking · 2017-04-07T19:11:15Z

This would benefit from the clearer platform/protocol slug language in #570…

#570 landed, and I've floated some work tying settings to platforms in #747. I recommend reviewing #747 first, and then I'll reroll this if/when that lands.

crosbymichael · 2017-05-10T22:19:46Z

We are going to figure out a better way to word this.

wking · 2017-05-15T17:40:51Z

 ## Extensibility
 Implementations that are reading/processing this configuration file MUST NOT generate an error if they encounter an unknown property.
 Instead they MUST ignore unknown properties.
+Properties defined for the [target platform](#platform) by the [declared version](#specification-version) of this specification MUST NOT be ignored.


@tianon questioned the “for the target platform” portion of this in #819, saying he would be surprised if the runtime did not error when the config set a property that this spec only defined for another platform (e.g. the Windows-only process.user.username in a Linux config). I, on the other hand, would be very surprised if the runtime cared about those properties at all (and I see no code in runC checking Process.Username). So whatever we end up doing to clarify the intended behavior, we'll want to cover what happens in situations like that.

vbatts · 2017-05-24T15:48:06Z

let's make a decision on whether this is required for v1.0.0

tianon · 2017-05-24T15:53:49Z

IMO we can decide on the specifics of this edge case post-1.0

@crosbymichael what's your opinion on clarifying this being a 1.0 or 1.1 concern?

wking · 2017-05-24T16:29:28Z

On Wed, May 24, 2017 at 08:48:07AM -0700, v1.0.0.batts wrote: let's make a decision on whether this is required for v1.0.0

I don't think the current spec is particularly clear, but if folks read the current wording like I do [1] and we end up landing wording settling on @tianon's interpretation [1], that would be a breaking change (e.g. configs targeting Linux that set process.user.username would go from being legal to being illegal). So if we punt to post-1.0, settle on @tianon's interpretation, and feel like my current reading has any merit, we'd have to bump to 2.0 when we landed wording for @tianon's interpretation. [1]: https://github.com/opencontainers/runtime-spec/pull/680/files#r116554735

Otherwise a runtime could silently ignore a property it didn't want to implement, which would be confusing for runtime callers [1]. This closes a potential loophole in the restriction from 766abd6 (runtime.md: Require 'create' to fail if config.json asks for the impossible, 2016-09-08, opencontainers#559). [1]: opencontainers#472 (comment) Signed-off-by: W. Trevor King <[email protected]>

wking · 2017-06-16T20:26:49Z

Rebased around #850 with 19ed44c → ffa1718, changing the “target platform” link from #platform to spec.md#platforms.

justincormack · 2017-06-27T14:39:22Z

Does this mean that everything that cannot be defined for one platform must be moved to platform specific code or explicitly annotated?

eg currently root.readonly is not annotated as every platform except Windows.

wking · 2017-07-10T22:46:00Z

On Tue, Jun 27, 2017 at 07:39:23AM -0700, Justin Cormack wrote: Does this mean that everything that cannot be defined for one platform must be moved to platform specific code or explicitly annotated?

Yes! For example, in rc6 we have wording restricting process.user.uid, etc. to POSIX platforms [1] and wording restricting everything in config-linux.md to Linux [2]. To make those restrictions more explicit, we could declare them in the property specification [3], but that approach was rejected [4]. Regardless of whether the declaration is on the property itself or somewhere else in the spec, I think we need to be (and generally are) very clear about which platforms a property is defined for. Not clearly documenting that association will make life confusing for config authors. For example, a Linux or Solaris runtime that ignores process.rlimits would violate at least [5,6,7,8]. [1]: https://github.com/opencontainers/runtime-spec/blob/v1.0.0-rc6/config.md#posix-platform-user [2]: https://github.com/opencontainers/runtime-spec/blob/v1.0.0-rc6/config-linux.md#linux-container-configuration [3]: https://github.com/wking/opencontainer-runtime-spec/blob/05da00bc76e1746276e977ab45957ab39c31c73a/spec.md#property-specification [4]: #747 (comment) [5]: https://github.com/opencontainers/runtime-spec/blame/v1.0.0-rc6/config.md#L162 [6]: https://github.com/opencontainers/runtime-spec/blame/v1.0.0-rc6/config.md#L168-L169 [7]: https://github.com/opencontainers/runtime-spec/blame/v1.0.0-rc6/config.md#L172-L173 [8]: https://github.com/opencontainers/runtime-spec/blame/v1.0.0-rc6/config.md#L176

vbatts · 2019-12-17T18:19:42Z

house keeping:
is this still an interested topic?

wking commented May 15, 2017

View reviewed changes

vbatts assigned crosbymichael May 24, 2017

mrunalp assigned tianon May 24, 2017

wking mentioned this pull request May 24, 2017

Mount correction #854

Merged

wking force-pushed the limit-unknown branch from 19ed44c to ffa1718 Compare June 16, 2017 20:42

wking mentioned this pull request Oct 4, 2017

config: Drop "subset of the valid values" line #927

Closed

wking mentioned this pull request Nov 9, 2017

runtime.md: only required properties are MUST applied #935

Open

h-vetinari mentioned this pull request Feb 3, 2020

Tag a new release #1010

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

config: Do not allow runtimes to ignore properties defined by the spec#680

config: Do not allow runtimes to ignore properties defined by the spec#680
wking wants to merge 1 commit intoopencontainers:mainfrom
wking:limit-unknown

wking commented Feb 7, 2017

Uh oh!

wking commented Feb 7, 2017

Uh oh!

wking commented Apr 7, 2017

Uh oh!

crosbymichael commented May 10, 2017

Uh oh!

wking May 15, 2017

Uh oh!

vbatts commented May 24, 2017

Uh oh!

tianon commented May 24, 2017

Uh oh!

wking commented May 24, 2017 via email

Uh oh!

wking commented Jun 16, 2017

Uh oh!

justincormack commented Jun 27, 2017 •

edited

Loading

Uh oh!

wking commented Jul 10, 2017 via email

Uh oh!

vbatts commented Dec 17, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

Conversation

wking commented Feb 7, 2017

Uh oh!

wking commented Feb 7, 2017

Uh oh!

wking commented Apr 7, 2017

Uh oh!

crosbymichael commented May 10, 2017

Uh oh!

wking May 15, 2017

Choose a reason for hiding this comment

Uh oh!

vbatts commented May 24, 2017

Uh oh!

tianon commented May 24, 2017

Uh oh!

wking commented May 24, 2017 via email

Uh oh!

wking commented Jun 16, 2017

Uh oh!

justincormack commented Jun 27, 2017 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

wking commented Jul 10, 2017 via email

Uh oh!

vbatts commented Dec 17, 2019

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants

justincormack commented Jun 27, 2017 •

edited

Loading