Skip to content

Commit 66c347a

Browse files
mafredrimafredri
committed
fix(agent): filter out GOTRACEBACK=none
With the switch to Go 1.24.1, our dogfood workspaces started setting `GOTRACEBACK=none` in the environment, resulting in missing stacktraces for users. This is due to the capability changes we do when `USE_CAP_NET_ADMIN=true`. https://github.com/coder/coder/blob/564b387262e5b768c503e5317242d9ab576395d6/provisionersdk/scripts/bootstrap_linux.sh#L60-L76 This most likely triggers a change in securitybits which sets `_AT_SECURE` for the process. https://github.com/golang/go/blob/a1ddbdd3ef8b739aab53f20d6ed0a61c3474cf12/src/runtime/os_linux.go#L297-L327 Which in turn triggers secure mode: https://github.com/golang/go/blob/a1ddbdd3ef8b739aab53f20d6ed0a61c3474cf12/src/runtime/security_unix.go A better fix may be to read `/proc/self/environ` to figure out if this was set by the runtime or manually, but I'm not sure we should care about that. A template author can still set the environment on the agent resource. See https://pkg.go.dev/runtime#hdr-Security
1 parent 564b387 commit 66c347a

File tree

2 files changed

+15
-2
lines changed

2 files changed

+15
-2
lines changed

agent/agentexec/cli_linux.go

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,8 @@ import (
1717
"golang.org/x/sys/unix"
1818
"golang.org/x/xerrors"
1919
"kernel.org/pub/linux/libs/security/libcap/cap"
20+
21+
"github.com/coder/coder/v2/agent/usershell"
2022
)
2123

2224
// CLI runs the agent-exec command. It should only be called by the cli package.
@@ -114,7 +116,8 @@ func CLI() error {
114116

115117
// Remove environment variables specific to the agentexec command. This is
116118
// especially important for environments that are attempting to develop Coder in Coder.
117-
env := os.Environ()
119+
ei := usershell.SystemEnvInfo{}
120+
env := ei.Environ()
118121
env = slices.DeleteFunc(env, func(e string) bool {
119122
return strings.HasPrefix(e, EnvProcPrioMgmt) ||
120123
strings.HasPrefix(e, EnvProcOOMScore) ||

agent/usershell/usershell.go

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,17 @@ func (SystemEnvInfo) User() (*user.User, error) {
5050
}
5151

5252
func (SystemEnvInfo) Environ() []string {
53-
return os.Environ()
53+
var env []string
54+
for _, e := range os.Environ() {
55+
// Ignore GOTRACEBACK=none, as it disables stack traces, it can
56+
// be set on the agent due to changes in capabilities.
57+
// https://pkg.go.dev/runtime#hdr-Security.
58+
if e == "GOTRACEBACK=none" {
59+
continue
60+
}
61+
env = append(env, e)
62+
}
63+
return env
5464
}
5565

5666
func (SystemEnvInfo) HomeDir() (string, error) {

0 commit comments

Comments
 (0)