Regression with NSS_WRAPPER_PASSWD #2644
Description
What happened?
I'm currently updating the Spark operator and ran into a regression in the process.
When starting Spark applications, I encounter the following error.
Exception in thread "main" java.lang.IllegalArgumentException: basedir must be absolute: -anonymous uid}/.ivy2/local
For some reason, the startup assumes that -anonymous uid} is the home directory. I therefore looked at the entry point script and came across the following PR, which changed the behavior here. #2312
In general, I think the change to NSS_WRAPPER is very good. Modifying /etc/passwd is very bad practice.
By the way, I also run the Spark operator under Openshift, which is why this workaround is crucial for me.
As we can see, string interpolation does not work, so I wanted to ask what the purpose of it is?
This is my current workaround.
diff --git a/entrypoint.sh b/entrypoint.sh
index 7cdf382a..ec88353c 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -17,6 +17,7 @@ if ! getent passwd "$myuid" &> /dev/null; then
export LD_PRELOAD="$wrapper" NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
mygid="$(id -g)"
+ printf 'spark:x:%s:%s:%s:%s:/bin/false\n' "$myuid" "$mygid" "${SPARK_USER_NAME:-anonymous uid}" "$SPARK_HOME" > "$NSS_WRAPPER_PASSWD"
- printf 'spark:x:%s:%s:${SPARK_USER_NAME:-anonymous uid}:%s:/bin/false\n' "$myuid" "$mygid" "$SPARK_HOME" > "$NSS_WRAPPER_PASSWD"
printf 'spark:x:%s:\n' "$mygid" > "$NSS_WRAPPER_GROUP"
break
fiI will also submit this change as a pull request so that others don't make the same mistake.
- ✋ I have searched the open/closed issues and my issue is not listed.
Reproduction Code
Compile a small java class on your desktop. When compiling, the --release flag must also match the JDK version inside the Spark operator image.
import javax.swing.filechooser.FileSystemView;
import java.io.File;
class Home {
public static void main(String... args) {
FileSystemView view = FileSystemView.getFileSystemView();
File file = view.getHomeDirectory();
String desktopPath = file.getPath();
System.out.println(desktopPath);
}
}
Copy the class file into your container.
COPY Home.class .
Change the entrypoint script
diff --git a/entrypoint.sh b/entrypoint.sh
index 7cdf382a..1333a656 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -23,4 +23,5 @@ if ! getent passwd "$myuid" &> /dev/null; then
done
fi
+java Home
exec /usr/bin/tini -s -- /usr/bin/spark-operator "$@"Run docker with an random uid
09:13 $ docker run -ti --rm --user 12345 --env SPARK_USER_NAME=SPARK [ Image]
++ id -u
+ myuid=12345
+ getent passwd 12345
+ for wrapper in {/usr,}/lib{/*,}/libnss_wrapper.so
+ '[' -s /usr/lib/x86_64-linux-gnu/libnss_wrapper.so ']'
++ mktemp
+ NSS_WRAPPER_PASSWD=/tmp/tmp.wFj5JGyamG
++ mktemp
+ NSS_WRAPPER_GROUP=/tmp/tmp.fSPsnQPmoZ
+ export LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libnss_wrapper.so NSS_WRAPPER_PASSWD NSS_WRAPPER_GROUP
+ LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libnss_wrapper.so
++ id -g
+ mygid=0
+ printf 'spark:x:%s:%s:%s:%s:/bin/false\n' 12345 0 SPARK /opt/spark
+ printf 'spark:x:%s:%s:${SPARK_USER_NAME:-anonymous uid}:%s:/bin/false\n' 12345 0 /opt/spark
+ printf 'spark:x:%s:\n' 0
+ break
+ java Home
-anonymous uid}
+ exec /usr/bin/tini -s -- /usr/bin/spark-operator
Spark operator
Usage:
spark-operator [flags]
spark-operator [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
controller Spark operator controller
help Help about any command
version Print version information
webhook Spark operator webhook
Flags:
-h, --help help for spark-operator
Use "spark-operator [command] --help" for more information about a command.
Expected behavior
Spark recognizes the correct home directory
Actual behavior
Currently, interpolation does not work and -anonymous uid} is recognized as the home directory.
Environment & Versions
- Kubernetes Version: v1.30.7
- Openshift: 4.17
- Spark Operator Version: 2.3.0
- Apache Spark Version: 3.5
- Operatoring-System inside Spark-Operator: Ubuntu 24.04
Additional context
No response
Impacted by this bug?
Give it a 👍 We prioritize the issues with most 👍