search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
16.98k stars 1.71k forks source link

Teleport doesn't like to be compiled statically #1427

Closed sokoow closed 6 years ago

sokoow commented 6 years ago

It's more a nuisance, but I noticed that teleport doesn't like to be statically compiled:

[signal SIGSEGV: segmentation violation code=0x1 addr=0xe5 pc=0x7f4e8dd9cf59]

runtime stack:
runtime.throw(0x11ce0c5, 0x2a)
    /usr/local/go/src/runtime/panic.go:596 +0x95
runtime.sigpanic()
    /usr/local/go/src/runtime/signal_unix.go:274 +0x2db

goroutine 895 [syscall, locked to thread]:
runtime.cgocall(0xe49f70, 0xc4205ad360, 0x11ccbad)
    /usr/local/go/src/runtime/cgocall.go:131 +0xe2 fp=0xc4205ad320 sp=0xc4205ad2e0
os/user._Cfunc_mygetpwnam_r(0x7f4e840008c0, 0xc4205e12c0, 0x7f4e840008e0, 0x400, 0xc420663a60, 0x0)
    os/user/_obj/_cgo_gotypes.go:161 +0x4d fp=0xc4205ad360 sp=0xc4205ad320
os/user.lookupUser.func2.1(0x7f4e840008c0, 0xc4205e12c0, 0x7f4e840008e0, 0x400, 0xc420663a60, 0xc4205ad408)
    /usr/local/go/src/os/user/lookup_unix.go:66 +0x17b fp=0xc4205ad3b8 sp=0xc4205ad360
os/user.lookupUser.func2(0x10)
    /usr/local/go/src/os/user/lookup_unix.go:70 +0x51 fp=0xc4205ad3f8 sp=0xc4205ad3b8
os/user.retryWithBuffer(0xc420295470, 0xc4205ad510, 0xc420295470, 0x0)
    /usr/local/go/src/os/user/lookup_unix.go:253 +0x2b fp=0xc4205ad460 sp=0xc4205ad3f8
os/user.lookupUser(0xc420467b08, 0x6, 0x0, 0x0, 0x0)
    /usr/local/go/src/os/user/lookup_unix.go:71 +0x1ab fp=0xc4205ad548 sp=0xc4205ad460
os/user.Lookup(0xc420467b08, 0x6, 0x6, 0x0, 0x0)
    /usr/local/go/src/os/user/lookup.go:15 +0x35 fp=0xc4205ad580 sp=0xc4205ad548
github.com/gravitational/teleport/lib/srv.(*Server).keyAuth(0xc420408c00, 0x19fdd20, 0xc420320280, 0x19f7c60, 0xc42014e6e0, 0x0, 0x0, 0xc4205171e0)
    /opt/go/src/github.com/gravitational/teleport/lib/srv/sshserver.go:685 +0x1003 fp=0xc4205ad910 sp=0xc4205ad580
github.com/gravitational/teleport/lib/srv.(*Server).(github.com/gravitational/teleport/lib/srv.keyAuth)-fm(0x19fdd20, 0xc420320280, 0x19f7c60, 0xc42014e6e0, 0x42a, 0x42a, 0x0)
    /opt/go/src/github.com/gravitational/teleport/lib/srv/sshserver.go:287 +0x52 fp=0xc4205ad960 sp=0xc4205ad910
github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh.(*connection).serverAuthenticate(0xc420320280, 0xc4203f7760, 0x11, 0x40, 0x0)
    /opt/go/src/github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh/server.go:351 +0x1b22 fp=0xc4205adc58 sp=0xc4205ad960
github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh.(*connection).serverHandshake(0xc420320280, 0xc4203f7760, 0xc420488390, 0xc420133d88, 0xa51089)
    /opt/go/src/github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh/server.go:218 +0x593 fp=0xc4205add30 sp=0xc4205adc58
github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh.NewServerConn(0x19fef20, 0xc420488390, 0xc420494940, 0xc420488390, 0x9, 0x5, 0x0, 0x0)
    /opt/go/src/github.com/gravitational/teleport/vendor/golang.org/x/crypto/ssh/server.go:149 +0xc2 fp=0xc4205add98 sp=0xc4205add30
github.com/gravitational/teleport/lib/sshutils.(*Server).handleConnection(0xc4204948c0, 0x19ff340, 0xc4206628e0)
    /opt/go/src/github.com/gravitational/teleport/lib/sshutils/server.go:272 +0x201 fp=0xc4205adfc8 sp=0xc4205add98
runtime.goexit()
    /usr/local/go/src/runtime/asm_amd64.s:2197 +0x1 fp=0xc4205adfd0 sp=0xc4205adfc8
created by github.com/gravitational/teleport/lib/sshutils.(*Server).acceptConnections
    /opt/go/src/github.com/gravitational/teleport/lib/sshutils/server.go:240 +0x18e
...
ahammond commented 6 years ago

I disagree. A statically complied version of teleport is absolutely essential for supporting horrible old legacy servers...

sokoow commented 6 years ago

yeah, that's what I did, compiled it statically and then got this error message..

moritzdietz commented 6 years ago

It probably helps if you post how you compiled it so they can reproduce it and find the code that is not compatible with the system you're compiling it for.

sokoow commented 6 years ago

I just compiled it with go build -a -ldflags '-extldflags "-static"'

moritzdietz commented 6 years ago

Can you post a uname -a of the system you're compiling it on? Maybe the output of go env as well?

sokoow commented 6 years ago

it's silly, cause it's a standard x86 system with go 1.8 docker image, but here it goes:

Linux phalanx1 4.10.0-37-generic #41~16.04.1-Ubuntu SMP Fri Oct 6 22:42:59 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/go"
GORACE=""
GOROOT="/usr/local/go"
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
CC="gcc"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build958220582=/tmp/go-build -gno-record-gcc-switches"
CXX="g++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
kontsevoy commented 6 years ago

@sokoow @ahammond I agree with the sentiment, but being practical here:

So... the current state of static builds is this: when one of us gets bored we occasionally fix them but we're not going to support this build method until we're pushed. :)